The simkaarthack who last week came to light, in which attackers at a distance were able to hack on sim cards, is largely gone. That says beveiligingsonderzoeker Karsten Nohl, which the problem is revealed, in an interview with Tweakers.
By now, many providers, according to Nohl measures taken. The researcher does not want to go into details about which providers whether or not reacted well to the attack, but from his words we can conclude that the Dutch providers have done. “It helps that two of the three providers in the Netherlands are part of larger families’, thus referring to Vodafone and T-Mobile. “But also the remaining provider has done its best,” says Nohl, referring to KPN.
That is not to say that all the providers have done their job properly: some companies saw the danger of the hack, according to Nohl not really. He is also concerned about providers from outside Europe. “We have about this issue especially had contact with European providers, and with providers from outside Europe. It may be that they have their own experts have enabled, but if it means that they simply do not worry about this problem, then that is cause for concern,” says Nohl. Especially in Africa and South America, where sim cards are used for payments, to authenticate, that could be a problem.
The hacking of the sim card was possible with sim cards rely on outdated encryptiestandaard DES, an encryption key of only 56 bits are used. In addition, the map needs to be tempted to its secrets, by letting him respond to a text message that providers the background to their customers to send changes on the sim card. A part of the sim card responds to an incorrect message with a reply which includes a so-called checksum is found, from which the cryptographic signature of the sim card can be derived. Has an attacker over that signature, then he has as much power over the sim card if the service provider.
Click here to read the full achtergrondartikel about the simkaarthack.