[cryptography] Must have seemed like a good idea at the time

James A. Donald jamesd at echeque.com
Sun Jul 21 19:27:52 EDT 2013

On 2013-07-22 9:01 AM, Randall Webmail wrote:
> [SNIP]
> To derive a DES OTA key, an attacker starts by sending a binary SMS to 
> a target device. The SIM does not execute the improperly signed OTA 
> command, but does in many cases respond to the attacker with an error 
> code carrying a cryptographic signature, once again sent over binary 
> SMS. A rainbow table resolves this plaintext-signature tuple to a 
> 56-bit DES key within two minutes on a standard computer.
>
> *Deploying SIM malware.* The cracked DES key enables an attacker to 
> send properly signed binary SMS, which download Java applets onto the 
> SIM. Applets are allowed to send SMS, change voicemail numbers, and 
> query the phone location, among many other predefined functions. These 
> capabilities alone provide plenty of potential for abuse. [SNIP]
> https://srlabs.de/rooting-sim-cards/

A number of projects have been launched to use cell phones as a money 
device, a smart card.  I am pretty sure if your malware can send SMS, it 
can transfer funds.

This is not all that fatal, as the money is traceable, but it means that 
the financial institution needs an apparatus to reverse cell phone 
transactions, and that cell phone money is therefore soft on the May scale.