From b6be91e4d990ff4c9f1954a51ca9929364071d79 Mon Sep 17 00:00:00 2001 From: nb72soza Bittner Date: Fri, 4 Jul 2025 23:19:24 +0000 Subject: [PATCH] Update on Overleaf. --- AdditionalPackages.tex | 11 +- Bibliography.bib | 1035 ++++++++++++++++++----------------- Chapters/Background.tex | 7 +- Chapters/Conclusions.tex | 10 +- Chapters/Evaluation.tex | 59 +- Chapters/Implementation.tex | 77 +-- Chapters/RelatedWork.tex | 2 +- 7 files changed, 630 insertions(+), 571 deletions(-) diff --git a/AdditionalPackages.tex b/AdditionalPackages.tex index 848665d..29bb22b 100644 --- a/AdditionalPackages.tex +++ b/AdditionalPackages.tex @@ -163,4 +163,13 @@ % plots \usepackage{pgfplots} -\pgfplotsset{compat=1.18} \ No newline at end of file +\pgfplotsset{compat=1.18} + +% Allow linebreaks in texttt +\newcommand*\justify{% + \fontdimen2\font=0.4em% interword space + \fontdimen3\font=0.2em% interword stretch + \fontdimen4\font=0.1em% interword shrink + \fontdimen7\font=0.1em% extra space + \hyphenchar\font=`\-% allowing hyphenation +} \ No newline at end of file diff --git a/Bibliography.bib b/Bibliography.bib index 5796d7c..70ab46c 100644 --- a/Bibliography.bib +++ b/Bibliography.bib 
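Review bot: The new macro is declared as `\newcommand*\justify{%`, and `\justify` is already a control sequence whenever `ragged2e` is loaded (its `justify` environment defines it), which makes LaTeX abort with "Command \justify already defined"; the rest of AdditionalPackages.tex is outside this hunk, so whether that package is pulled in cannot be checked from here. The body also assigns `\fontdimen2`–`\fontdimen7` and `\hyphenchar` of the current font, and font-dimension assignments are always global in TeX, so every later use of that font inherits the changed spacing and hyphenation, not only the `\texttt` call the comment `% Allow linebreaks in texttt` has in mind. A non-colliding name that states the effect, e.g. `\newcommand*\ttjustify{%`, plus a comment that the dimen changes persist for the whole document, would make both points explicit.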
@@ -1,51 +1,220 @@ -@article{ahmed_transparency_2021, - title = {Transparency of {SIM} profiles for the consumer remote {SIM} provisioning protocol}, - volume = {76}, - issn = {1958-9395}, - url = {https://doi.org/10.1007/s12243-020-00791-2}, - doi = {10.1007/s12243-020-00791-2}, - abstract = {In mobile communication, User Equipment (UE) authenticates a subscriber to a Mobile Network Operator (MNO) using credentials from the MNO specified SIM profile that is securely stored inside the SIM card. Traditionally, a change in a subscriber’s SIM profile, such as a change in a subscription, requires replacement of the physical SIM card. To address this shortcoming, the GSM Association (GSMA) has specified the consumer Remote SIM Provisioning (RSP) protocol. The protocol enables remote provisioning of SIM profiles from a server to SIM cards, also known as the embedded Universal Integrated Circuit Card (eUICC). In RSP, any GSMA-certified server is trusted by all eUICCs, and consequently any server can provision SIM profiles to all eUICCs, even those not originating from the MNO associated with the GSMA-certified RSP server. Consequently, an attacker, by compromising a server, can clone a genuine SIM profile and provision it to other eUICCs. To address this security problem, we present SIM Profile Transparency Protocol (SPTP) to detect malicious provisioning of SIM profiles. SPTP assures to the eUICC and the MNO that all SIM provisioning actions—both approved and unapproved—leave a permanent, non-repudiatable trail. 
We evaluate security guarantees provided by SPTP using a formal model, implement a prototype for SPTP, and evaluate the prototype against a set of practical requirements.}, - language = {en}, - number = {3}, - urldate = {2024-12-16}, - journal = {Annals of Telecommunications}, - author = {Ahmed, Abu Shohel and Thakur, Mukesh and Paavolainen, Santeri and Aura, Tuomas}, - month = apr, +@misc{gsma_sgp21_2021, + title = {{SGP}.21 v2.3 {RSP} {Architecture}}, + url = {https://www.gsma.com/solutions-and-impact/technologies/esim/wp-content/uploads/2021/07/SGP.21-2.3.pdf}, + urldate = {2025-02-24}, + author = {{GSMA}}, + month = jun, year = {2021}, - keywords = {Consumer RSP, eSIM security, SIM profile cloning, Transparency}, - pages = {187--202}, - file = {Full Text PDF:/home/niklas/Zotero/storage/JSB5G2YT/Ahmed et al. - 2021 - Transparency of SIM profiles for the consumer remote SIM provisioning protocol.pdf:application/pdf}, + file = {PDF:/Users/privat/Zotero/storage/9RWMQ5EI/SGP.21 v2.3 RSP Architecture.pdf:application/pdf}, } -@article{ahmed_security_2024, - title = {Security {Analysis} of the {Consumer} {Remote} {SIM} {Provisioning} {Protocol}}, - volume = {27}, - issn = {2471-2566}, - url = {https://dl.acm.org/doi/10.1145/3663761}, - doi = {10.1145/3663761}, - abstract = {Remote SIM provisioning (RSP) for consumer devices is the protocol specified by the GSM Association for downloading SIM profiles into a secure element in a mobile device. The process is commonly known as eSIM, and it is expected to replace removable SIM cards. The security of the protocol is critical because the profile includes the credentials with which the mobile device will authenticate to the mobile network. In this article, we present a formal security analysis of the consumer RSP protocol. We model the multi-party protocol in applied pi calculus, define formal security goals, and verify them in ProVerif. 
The analysis shows that the consumer RSP protocol protects against a network adversary when all the intended participants are honest. However, we also model the protocol in realistic partial compromise scenarios where the adversary controls a legitimate participant or communication channel. The security failures in the partial compromise scenarios reveal weaknesses in the protocol design. The most important observation is that the security of RSP depends unnecessarily on it being encapsulated in a TLS tunnel. Also, the lack of pre-established identifiers means that a compromised download server anywhere in the world or a compromised secure element can be used for attacks against RSP between honest participants. Additionally, the lack of reliable methods for verifying user intent can lead to serious security failures. Based on the findings, we recommend practical improvements to RSP implementations, future versions of the specification, and mobile operator processes to increase the robustness of eSIM security.}, - number = {3}, - urldate = {2024-12-16}, - journal = {ACM Trans. Priv. 
Secur.}, - author = {Ahmed, Abu Shohel and Peltonen, Aleksi and Sethi, Mohit and Aura, Tuomas}, +@misc{gsma_sgp22_2024, + title = {{SGP}.22 v2.6 {RSP} {Technical} {Specification}}, + url = {https://www.gsma.com/solutions-and-impact/technologies/esim/wp-content/uploads/2024/09/SGP.22-v2.6.pdf}, + urldate = {2025-02-24}, + author = {{GSMA}}, + month = sep, + year = {2024}, + file = {PDF:/Users/privat/Zotero/storage/5BBQVAT6/SGP.22 v2.6 RSP Technical Specification.pdf:application/pdf}, +} + +@misc{etsi_gsm_1997, + title = {{GSM} 11.14 {SIM} {Application} {Toolkit}}, + url = {https://www.etsi.org/deliver/etsi_gts/11/1114/05.04.00_60/gsmts_1114v050400p.pdf}, + urldate = {2025-03-03}, + author = {{ETSI}}, + month = jul, + year = {1997}, + file = {PDF:/Users/privat/Zotero/storage/6TLW4EZW/ETSI GSM 11.14 SIM Application Toolkit.pdf:application/pdf}, +} + +@misc{etsi_ts_2020, + title = {{TS} 131 111 {USIM} {Application} {Toolkit}}, + url = {https://www.etsi.org/deliver/etsi_ts/131100_131199/131111/16.01.00_60/ts_131111v160100p.pdf}, + urldate = {2025-03-03}, + author = {{ETSI}}, + month = jul, + year = {2020}, + file = {PDF:/Users/privat/Zotero/storage/HQ5NC5HT/ETSI TS 131 111 USIM Application Toolkit.pdf:application/pdf}, +} + +@misc{trusted_connectivity_alliance_st_2009, + title = {S@{T} 01.50 v4.0.0 {S}@{T} {Browser} {Behavior} {Guidlines}}, + url = {https://trustedconnectivityalliance.org/wp-content/uploads/2020/01/S@T-01.50-v4.0.0-Release-2009.pdf}, + urldate = {2025-01-02}, + author = {{Trusted Connectivity Alliance}}, + year = {2009}, + file = {PDF:/Users/privat/Zotero/storage/XWXLNA5W/S@T 01.50 v4.0.0 S@T Browser Behavior Guidlines.pdf:application/pdf}, +} + +@misc{etsi_ts_2003, + title = {{TS} 102 22 {UICC}-{Terminal} interface}, + url = {https://www.etsi.org/deliver/etsi_ts/102200_102299/102221/04.10.00_60/ts_102221v041000p.pdf}, + urldate = {2025-02-03}, + author = {{ETSI}}, + month = jun, + year = {2003}, + file = {PDF:/Users/privat/Zotero/storage/DAXFX2XH/ETSI 
TS 102 221 V4.10.0.pdf:application/pdf}, +} + +@misc{trusted_connectivity_alliance_euicc_2021, + title = {{eUICC} {Profile} {Package}: {Interoperable} {Format} {Technical} {Specification} v3.0}, + url = {https://trustedconnectivityalliance.org/wp-content/uploads/2021/05/Profile-interoperability-technical-specification_V3.0-Final.pdf}, + urldate = {2025-02-14}, + author = {{Trusted Connectivity Alliance}}, + month = may, + year = {2021}, + file = {PDF:/Users/privat/Zotero/storage/PMG9FK4I/eUICC Profile Package Interoperable Format Technical Specification v3.0.pdf:application/pdf}, +} + +@misc{etsi_ts_2022, + title = {{TS} 102 226 {Remote} {APDU} structure for {UICC} based applications}, + language = {en}, + author = {{ETSI}}, + month = oct, + year = {2022}, + file = {PDF:/Users/privat/Zotero/storage/WPCH9N8K/TS 102 226 - V17.0.0 - Smart Cards\; Remote APDU structure for UICC based applications (Release 17).pdf:application/pdf}, +} + +@misc{nonpointer_estkme_2025, + title = {{eSTK}.me: {The} next generation of swappable consumer {eSIM} cards {\textbar} {Echo}}, + shorttitle = {{eSTK}.me}, + url = {https://iecho-cc.translate.goog/2024/03/16/estk-me-next-generation-removable-consumer-esim/?_x_tr_sl=zh-CN&_x_tr_tl=en&_x_tr_hl=zh-CN&_x_tr_pto=wapp}, + abstract = {让国行手机用上 eSIM:支持 iOS 写卡切卡、OTA 远程管理的可插拔 eSIM 卡。}, + language = {en}, + urldate = {2025-02-24}, + author = {nonPointer}, + month = feb, + year = {2025}, + file = {Snapshot:/Users/privat/Zotero/storage/6IIWBLRP/estk-me-next-generation-removable-consumer-esim.html:text/html}, +} + +@misc{etsi_ts_2022-1, + title = {{TS} 102 221 {Terminal} {Interface}}, + url = {https://www.etsi.org/deliver/etsi_ts/102200_102299/102221/17.01.00_60/ts_102221v170100p.pdf}, + urldate = {2025-02-16}, + author = {{ETSI}}, + month = jan, + year = {2022}, + file = {PDF:/Users/privat/Zotero/storage/L9JNWCIF/ETSI TS 102 221 V17.1.0.pdf:application/pdf}, +} + +@misc{gsma_sgp02_2020, + title = {{SGP}.02 v4.1 {Remote} {Provisioning} {Architecture} 
for {Embedded} {UICC}}, + url = {https://www.gsma.com/solutions-and-impact/technologies/esim/wp-content/uploads/2020/06/SGP.02-v4.1.pdf}, + urldate = {2025-02-16}, + author = {{GSMA}}, + month = may, + year = {2020}, + file = {PDF:/Users/privat/Zotero/storage/Q9BSLLSK/SGP.02 v4.1 Remote Provisioning Architecture for Embedded UICC.pdf:application/pdf}, +} + +@misc{gsma_ts38_2019, + title = {{TS}.38 {SIM} {Toolkit} {Device} {Requirements} - {User} {Experience} {Enhancements} v2.0}, + url = {https://www.gsma.com/newsroom/wp-content/uploads//TS.38-v2.0.pdf}, + urldate = {2025-02-17}, + author = {{GSMA}}, + month = mar, + year = {2019}, + file = {PDF:/Users/privat/Zotero/storage/XXQD9Y5B/TS.38 SIM Toolkit Device Requirements - User Experience Enhancements v2.0.pdf:application/pdf}, +} + +@misc{gsma_sgp22_2025, + title = {{SGP}.22 v2.6.1 {RSP} {Technical} {Specification}}, + url = {https://www.gsma.com/solutions-and-impact/technologies/esim/wp-content/uploads/2025/04/SGP.22-v2.6.1.pdf}, + urldate = {2025-04-29}, + author = {{GSMA}}, + month = apr, + year = {2025}, + file = {PDF:/Users/privat/Zotero/storage/K6CTMKMX/SGP.22 v2.6.1 RSP Technical Specification.pdf:application/pdf}, +} + +@misc{gsma_sgp22_2023, + title = {{SGP}.22 v3.1 {RSP} {Technical} {Specification}}, + url = {https://www.gsma.com/solutions-and-impact/technologies/esim/wp-content/uploads/2023/12/SGP.22-v3.1.pdf}, + language = {en}, + publisher = {GSMA}, + author = {{GSMA}}, + month = jan, + year = {2023}, + note = {SGP.22 v3.1. 
Published by GSMA for the eSIM ecosystem}, + file = {SGP.22-v3.1.pdf:/Users/privat/Zotero/storage/JFU8XMUB/SGP.22-v3.1.pdf:application/pdf}, +} + +@misc{frank_ruan_frank_2024, + title = {Frank {Ruan}'s {Blog} - {Removable} {eUICCs}...}, + url = {https://frank-ruan.com/2024/08/27/removable-euicc/}, + language = {en-us}, + urldate = {2025-02-22}, + author = {{Frank Ruan}}, month = aug, year = {2024}, - pages = {23:1--23:36}, - file = {Full Text PDF:/home/niklas/Zotero/storage/JTYF7F4Q/Ahmed et al. - 2024 - Security Analysis of the Consumer Remote SIM Provisioning Protocol.pdf:application/pdf}, + file = {Snapshot:/Users/privat/Zotero/storage/25NJYNJL/removable-euicc.html:text/html}, } -@inproceedings{lisowski_simurai_2024, - title = {\{{SIMurai}\}: {Slicing} {Through} the {Complexity} of \{{SIM}\} {Card} {Security} {Research}}, - isbn = {978-1-939133-44-1}, - shorttitle = {\{{SIMurai}\}}, - url = {https://www.usenix.org/conference/usenixsecurity24/presentation/lisowski}, - language = {en}, - urldate = {2024-12-16}, - author = {Lisowski, Tomasz Piotr and Chlosta, Merlin and Wang, Jinjin and Muench, Marius}, +@misc{gsma_esim_2024, + title = {{eSIM} {Consumer} and {IoT} {Specifications}}, + url = {https://www.gsma.com/solutions-and-impact/technologies/esim/esim-specification/}, + abstract = {The below content provides the status of the eSIM specifications that have been published by GSMA and a comprehensive way to link the core specifications with the related test and requirement specifications. Architecture Specifications Technical Specifications Test Specifications GSMA EID Definition and Assignment Compliance Specifications To notify Software changes on eUICC certified products there is a GSMA […]}, + language = {en-US}, + urldate = {2025-01-04}, + journal = {eSIM}, + author = {{GSMA}}, year = {2024}, - pages = {4481--4498}, - file = {Full Text PDF:/home/niklas/Zotero/storage/RB2QNKQP/Lisowski et al. 
- 2024 - SIMurai Slicing Through the Complexity of SIM Card Security Research.pdf:application/pdf}, + file = {Snapshot:/Users/privat/Zotero/storage/84VDANVV/esim-specification.html:text/html}, +} + +@misc{security_research_labs_github_2019, + title = {{GitHub} - srlabs/{SIMTester}: {A} tool to test {SIM} card security}, + url = {https://github.com/srlabs/SIMTester/tree/main}, + urldate = {2025-01-02}, + author = {{Security Research Labs}}, + year = {2019}, + file = {GitHub - srlabs/SIMTester\: A tool to test SIM card security:/Users/privat/Zotero/storage/WQD9GVYP/main.html:text/html}, +} + +@misc{enea_simjacker_2019, + title = {Simjacker}, + url = {https://www.enea.com/info/simjacker/}, + language = {en-GB}, + urldate = {2025-01-02}, + journal = {Enea}, + author = {{ENEA}}, + year = {2019}, + file = {PDF:/Users/privat/Zotero/storage/UYMWY5RR/Simjacker.pdf:application/pdf;Snapshot:/Users/privat/Zotero/storage/MAIKW559/simjacker.html:text/html}, +} + +@misc{paljak_globalplatformpro_2024, + title = {{GlobalPlatformPro}}, + copyright = {LGPL-3.0}, + url = {https://github.com/martinpaljak/GlobalPlatformPro}, + abstract = {�� �� Manage applets and keys on JavaCard-s like a pro}, + urldate = {2025-01-02}, + author = {Paljak, Martin}, + month = dec, + year = {2024}, + note = {original-date: 2014-01-15T15:34:22Z}, + keywords = {cli, globalplatform, java, javacard, sdk, smartcard}, +} + +@inproceedings{zhao_securesim_2021, + address = {New York, NY, USA}, + series = {{MobiCom} '21}, + title = {{SecureSIM}: rethinking authentication and access control for {SIM}/{eSIM}}, + isbn = {978-1-4503-8342-4}, + shorttitle = {{SecureSIM}}, + url = {https://dl.acm.org/doi/10.1145/3447993.3483254}, + doi = {10.1145/3447993.3483254}, + abstract = {The SIM/eSIM card stores critical information for a mobile user to access the 4G/5G network. In this work, we uncover three vulnerabilities of the current SIM practice. 
We show that the PIN-based access control may expose the in-SIM data to an adversary through both hardware and software. Once exposed, such in-SIM information can be used to reconstruct various keys used for device authentication, data encryption, etc. They thus enable a number of attacks, including traffic eavesdropping, man-in-the-middle attack, impersonation, etc. The fundamental problem is that, the current SIM design does not offer proper authentication and fine-grained access control to hundreds of in-SIM files for various in-card applets and off-card units. We next propose a new solution that offers both authentication and fine-grained access control. Our implementation and evaluation have confirmed the viability of our proposal.}, + urldate = {2024-12-16}, + booktitle = {Proceedings of the 27th {Annual} {International} {Conference} on {Mobile} {Computing} and {Networking}}, + publisher = {Association for Computing Machinery}, + author = {Zhao, Jinghao and Ding, Boyan and Guo, Yunqi and Tan, Zhaowei and Lu, Songwu}, + month = oct, + year = {2021}, + pages = {451--464}, + file = {Full Text PDF:/Users/privat/Zotero/storage/Q4DJCTU5/Zhao et al. - 2021 - SecureSIM rethinking authentication and access control for SIMeSIM.pdf:application/pdf}, } @misc{welte_euicc_2024, @@ -57,17 +226,7 @@ journal = {eUICC and eSIM Developer Manual}, author = {Welte, Harald}, year = {2024}, - file = {Snapshot:/home/niklas/Zotero/storage/R4ACBEUQ/euicc-manual.osmocom.org.html:text/html}, -} - -@misc{welte_sysmoeuicc1_2024, - title = {{sysmoEUICC1} {User} {Manual}}, - url = {https://www.sysmocom.de/manuals/sysmoeuicc-manual.pdf}, - language = {en}, - publisher = {Sysmocom}, - author = {Welte, Harald}, - year = {2024}, - file = {PDF:/home/niklas/Zotero/storage/LAU8TCF3/Welte - sysmoEUICC1 User Manual.pdf:application/pdf}, + file = {Snapshot:/Users/privat/Zotero/storage/R4ACBEUQ/euicc-manual.osmocom.org.html:text/html}, } @misc{welte_pysim_2024, 
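Review bot: Every moved entry still carries a `file` field with an absolute Zotero attachment path under `/Users/privat/...`, which ties the tracked `.bib` to one machine and account and is exactly why this commit has to rewrite the same paths from the previous `/home/niklas/...` layout; the same pattern recurs in the hunks at old lines 57, 84, 114 and 365. No BibTeX or biblatex style prints `file`, so the cleanest fix is to export from Zotero without attachment links, or strip the field with `bibtex-tidy`/`bibtool` before committing, which also keeps local usernames out of the repository. Separately, `etsi_ts_2003` has `title = {{TS} 102 22 {UICC}-{Terminal} interface},` while its `url` and `file` name the document `ts_102221` / `TS 102 221`, so the number looks truncated and `title = {{TS} 102 221 {UICC}-{Terminal} interface},` matches the cited PDF. `nonpointer_estkme_2025` cites a `translate.goog` proxy URL with `language = {en}` over a Chinese abstract; the original post is the citable source, with the translation mentioned in `note` if it matters.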
@@ -84,6 +243,25 @@ keywords = {3gpp, cellular, osmocom, sim, telecommunications, usim-cards}, } +@misc{welte_sysmoeuicc1_2024, + title = {{sysmoEUICC1} {User} {Manual}}, + url = {https://www.sysmocom.de/manuals/sysmoeuicc-manual.pdf}, + language = {en}, + publisher = {Sysmocom}, + author = {Welte, Harald}, + year = {2024}, + file = {PDF:/Users/privat/Zotero/storage/LAU8TCF3/Welte - sysmoEUICC1 User Manual.pdf:application/pdf}, +} + +@misc{gsma_esim_2018, + title = {{eSIM} {Whitepaper}}, + url = {https://www.gsma.com/solutions-and-impact/technologies/esim/wp-content/uploads/2018/12/esim-whitepaper.pdf}, + publisher = {GSMA}, + author = {{GSMA}}, + year = {2018}, + file = {esim-whitepaper.pdf:/Users/privat/Zotero/storage/5URD9U72/esim-whitepaper.pdf:application/pdf}, +} + @article{mckeeman_differential_1998, title = {Differential {Testing} for {Software}}, volume = {10}, 
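Review bot: `welte_sysmoeuicc1_2024` and `gsma_esim_2018` are `@misc` entries with a `publisher` field, which the standard BibTeX styles do not read for that type, so "Sysmocom" and "GSMA" silently disappear from the rendered reference (the same holds for `gsma_sgp22_2023` in the first hunk); this only matters with classic BibTeX rather than biblatex, and which one the document uses is not visible here. With a classic style, `howpublished = {Sysmocom},` / `howpublished = {GSMA},` is the field that is actually printed; with biblatex, `@manual` (which honours `organization` and `publisher`) is the closer type for a user manual.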
@@ -114,242 +292,91 @@ C compilers is available on the web.}, author = {McKeeman, William M}, year = {1998}, pages = {100--107}, - file = {PDF:/home/niklas/Zotero/storage/UJDPELAV/McKeeman - Differential Testing for Software.pdf:application/pdf}, + file = {PDF:/Users/privat/Zotero/storage/UJDPELAV/McKeeman - Differential Testing for Software.pdf:application/pdf}, } -@misc{gsma_esim_2018, - title = {{eSIM} {Whitepaper}}, - url = {https://www.gsma.com/solutions-and-impact/technologies/esim/wp-content/uploads/2018/12/esim-whitepaper.pdf}, - publisher = {GSMA}, - author = {{GSMA}}, - year = {2018}, - file = {esim-whitepaper.pdf:/home/niklas/Zotero/storage/5URD9U72/esim-whitepaper.pdf:application/pdf}, -} - -@misc{gsma_sgp22_2023, - title = {{SGP}.22 v3.1 {RSP} {Technical} {Specification}}, - url = {https://www.gsma.com/solutions-and-impact/technologies/esim/wp-content/uploads/2023/12/SGP.22-v3.1.pdf}, +@inproceedings{lisowski_simurai_2024, + title = {\{{SIMurai}\}: {Slicing} {Through} the {Complexity} of \{{SIM}\} {Card} {Security} {Research}}, + isbn = {978-1-939133-44-1}, + shorttitle = {\{{SIMurai}\}}, + url = {https://www.usenix.org/conference/usenixsecurity24/presentation/lisowski}, language = {en}, - publisher = {GSMA}, - author = {{GSMA}}, - month = jan, - year = {2023}, - note = {SGP.22 v3.1. Published by GSMA for the eSIM ecosystem}, - file = {SGP.22-v3.1.pdf:/home/niklas/Zotero/storage/JFU8XMUB/SGP.22-v3.1.pdf:application/pdf}, -} - -@inproceedings{zhao_securesim_2021, - address = {New York, NY, USA}, - series = {{MobiCom} '21}, - title = {{SecureSIM}: rethinking authentication and access control for {SIM}/{eSIM}}, - isbn = {978-1-4503-8342-4}, - shorttitle = {{SecureSIM}}, - url = {https://dl.acm.org/doi/10.1145/3447993.3483254}, - doi = {10.1145/3447993.3483254}, - abstract = {The SIM/eSIM card stores critical information for a mobile user to access the 4G/5G network. In this work, we uncover three vulnerabilities of the current SIM practice. 
We show that the PIN-based access control may expose the in-SIM data to an adversary through both hardware and software. Once exposed, such in-SIM information can be used to reconstruct various keys used for device authentication, data encryption, etc. They thus enable a number of attacks, including traffic eavesdropping, man-in-the-middle attack, impersonation, etc. The fundamental problem is that, the current SIM design does not offer proper authentication and fine-grained access control to hundreds of in-SIM files for various in-card applets and off-card units. We next propose a new solution that offers both authentication and fine-grained access control. Our implementation and evaluation have confirmed the viability of our proposal.}, urldate = {2024-12-16}, - booktitle = {Proceedings of the 27th {Annual} {International} {Conference} on {Mobile} {Computing} and {Networking}}, - publisher = {Association for Computing Machinery}, - author = {Zhao, Jinghao and Ding, Boyan and Guo, Yunqi and Tan, Zhaowei and Lu, Songwu}, - month = oct, - year = {2021}, - pages = {451--464}, - file = {Full Text PDF:/home/niklas/Zotero/storage/Q4DJCTU5/Zhao et al. - 2021 - SecureSIM rethinking authentication and access control for SIMeSIM.pdf:application/pdf}, -} - -@misc{paljak_globalplatformpro_2024, - title = {{GlobalPlatformPro}}, - copyright = {LGPL-3.0}, - url = {https://github.com/martinpaljak/GlobalPlatformPro}, - abstract = {�� �� Manage applets and keys on JavaCard-s like a pro}, - urldate = {2025-01-02}, - author = {Paljak, Martin}, - month = dec, + author = {Lisowski, Tomasz Piotr and Chlosta, Merlin and Wang, Jinjin and Muench, Marius}, year = {2024}, - note = {original-date: 2014-01-15T15:34:22Z}, - keywords = {cli, globalplatform, java, javacard, sdk, smartcard}, + pages = {4481--4498}, + file = {Full Text PDF:/Users/privat/Zotero/storage/RB2QNKQP/Lisowski et al. 
- 2024 - SIMurai Slicing Through the Complexity of SIM Card Security Research.pdf:application/pdf}, } -@misc{security_research_labs_github_2019, - title = {{GitHub} - srlabs/{SIMTester}: {A} tool to test {SIM} card security}, - url = {https://github.com/srlabs/SIMTester/tree/main}, - urldate = {2025-01-02}, - author = {{Security Research Labs}}, - year = {2019}, - file = {GitHub - srlabs/SIMTester\: A tool to test SIM card security:/home/niklas/Zotero/storage/WQD9GVYP/main.html:text/html}, -} - -@misc{enea_simjacker_2019, - title = {Simjacker}, - url = {https://www.enea.com/info/simjacker/}, - language = {en-GB}, - urldate = {2025-01-02}, - journal = {Enea}, - author = {{ENEA}}, - year = {2019}, - file = {PDF:/home/niklas/Zotero/storage/UYMWY5RR/Simjacker.pdf:application/pdf;Snapshot:/home/niklas/Zotero/storage/MAIKW559/simjacker.html:text/html}, -} - -@misc{gsma_esim_2024, - title = {{eSIM} {Consumer} and {IoT} {Specifications}}, - url = {https://www.gsma.com/solutions-and-impact/technologies/esim/esim-specification/}, - abstract = {The below content provides the status of the eSIM specifications that have been published by GSMA and a comprehensive way to link the core specifications with the related test and requirement specifications. 
Architecture Specifications Technical Specifications Test Specifications GSMA EID Definition and Assignment Compliance Specifications To notify Software changes on eUICC certified products there is a GSMA […]}, - language = {en-US}, - urldate = {2025-01-04}, - journal = {eSIM}, - author = {{GSMA}}, - year = {2024}, - file = {Snapshot:/home/niklas/Zotero/storage/84VDANVV/esim-specification.html:text/html}, -} - -@misc{etsi_ts_2022, - title = {{TS} 102 226 {Remote} {APDU} structure for {UICC} based applications}, - language = {en}, - author = {{ETSI}}, - month = oct, - year = {2022}, - file = {PDF:/home/niklas/Zotero/storage/WPCH9N8K/TS 102 226 - V17.0.0 - Smart Cards\; Remote APDU structure for UICC based applications (Release 17).pdf:application/pdf}, -} - -@misc{frank_ruan_frank_2024, - title = {Frank {Ruan}'s {Blog} - {Removable} {eUICCs}...}, - url = {https://frank-ruan.com/2024/08/27/removable-euicc/}, - language = {en-us}, - urldate = {2025-02-22}, - author = {{Frank Ruan}}, +@article{ahmed_security_2024, + title = {Security {Analysis} of the {Consumer} {Remote} {SIM} {Provisioning} {Protocol}}, + volume = {27}, + issn = {2471-2566}, + url = {https://dl.acm.org/doi/10.1145/3663761}, + doi = {10.1145/3663761}, + abstract = {Remote SIM provisioning (RSP) for consumer devices is the protocol specified by the GSM Association for downloading SIM profiles into a secure element in a mobile device. The process is commonly known as eSIM, and it is expected to replace removable SIM cards. The security of the protocol is critical because the profile includes the credentials with which the mobile device will authenticate to the mobile network. In this article, we present a formal security analysis of the consumer RSP protocol. We model the multi-party protocol in applied pi calculus, define formal security goals, and verify them in ProVerif. 
The analysis shows that the consumer RSP protocol protects against a network adversary when all the intended participants are honest. However, we also model the protocol in realistic partial compromise scenarios where the adversary controls a legitimate participant or communication channel. The security failures in the partial compromise scenarios reveal weaknesses in the protocol design. The most important observation is that the security of RSP depends unnecessarily on it being encapsulated in a TLS tunnel. Also, the lack of pre-established identifiers means that a compromised download server anywhere in the world or a compromised secure element can be used for attacks against RSP between honest participants. Additionally, the lack of reliable methods for verifying user intent can lead to serious security failures. Based on the findings, we recommend practical improvements to RSP implementations, future versions of the specification, and mobile operator processes to increase the robustness of eSIM security.}, + number = {3}, + urldate = {2024-12-16}, + journal = {ACM Trans. Priv. Secur.}, + author = {Ahmed, Abu Shohel and Peltonen, Aleksi and Sethi, Mohit and Aura, Tuomas}, month = aug, year = {2024}, - file = {Snapshot:/home/niklas/Zotero/storage/25NJYNJL/removable-euicc.html:text/html}, + pages = {23:1--23:36}, + file = {Full Text PDF:/Users/privat/Zotero/storage/JTYF7F4Q/Ahmed et al. 
- 2024 - Security Analysis of the Consumer Remote SIM Provisioning Protocol.pdf:application/pdf}, } -@misc{nonpointer_estkme_2025, - title = {{eSTK}.me: {The} next generation of swappable consumer {eSIM} cards {\textbar} {Echo}}, - shorttitle = {{eSTK}.me}, - url = {https://iecho-cc.translate.goog/2024/03/16/estk-me-next-generation-removable-consumer-esim/?_x_tr_sl=zh-CN&_x_tr_tl=en&_x_tr_hl=zh-CN&_x_tr_pto=wapp}, - abstract = {让国行手机用上 eSIM:支持 iOS 写卡切卡、OTA 远程管理的可插拔 eSIM 卡。}, +@article{ahmed_transparency_2021, + title = {Transparency of {SIM} profiles for the consumer remote {SIM} provisioning protocol}, + volume = {76}, + issn = {1958-9395}, + url = {https://doi.org/10.1007/s12243-020-00791-2}, + doi = {10.1007/s12243-020-00791-2}, + abstract = {In mobile communication, User Equipment (UE) authenticates a subscriber to a Mobile Network Operator (MNO) using credentials from the MNO specified SIM profile that is securely stored inside the SIM card. Traditionally, a change in a subscriber’s SIM profile, such as a change in a subscription, requires replacement of the physical SIM card. To address this shortcoming, the GSM Association (GSMA) has specified the consumer Remote SIM Provisioning (RSP) protocol. The protocol enables remote provisioning of SIM profiles from a server to SIM cards, also known as the embedded Universal Integrated Circuit Card (eUICC). In RSP, any GSMA-certified server is trusted by all eUICCs, and consequently any server can provision SIM profiles to all eUICCs, even those not originating from the MNO associated with the GSMA-certified RSP server. Consequently, an attacker, by compromising a server, can clone a genuine SIM profile and provision it to other eUICCs. To address this security problem, we present SIM Profile Transparency Protocol (SPTP) to detect malicious provisioning of SIM profiles. SPTP assures to the eUICC and the MNO that all SIM provisioning actions—both approved and unapproved—leave a permanent, non-repudiatable trail. 
We evaluate security guarantees provided by SPTP using a formal model, implement a prototype for SPTP, and evaluate the prototype against a set of practical requirements.}, language = {en}, - urldate = {2025-02-24}, - author = {nonPointer}, - month = feb, - year = {2025}, - file = {Snapshot:/home/niklas/Zotero/storage/6IIWBLRP/estk-me-next-generation-removable-consumer-esim.html:text/html}, -} - -@misc{gsma_sgp22_2025, - title = {{SGP}.22 v2.6.1 {RSP} {Technical} {Specification}}, - url = {https://www.gsma.com/solutions-and-impact/technologies/esim/wp-content/uploads/2025/04/SGP.22-v2.6.1.pdf}, - urldate = {2025-04-29}, - author = {{GSMA}}, + number = {3}, + urldate = {2024-12-16}, + journal = {Annals of Telecommunications}, + author = {Ahmed, Abu Shohel and Thakur, Mukesh and Paavolainen, Santeri and Aura, Tuomas}, month = apr, - year = {2025}, - file = {PDF:/home/niklas/Zotero/storage/K6CTMKMX/SGP.22 v2.6.1 RSP Technical Specification.pdf:application/pdf}, -} - -@misc{gsma_ts38_2019, - title = {{TS}.38 {SIM} {Toolkit} {Device} {Requirements} - {User} {Experience} {Enhancements} v2.0}, - url = {https://www.gsma.com/newsroom/wp-content/uploads//TS.38-v2.0.pdf}, - urldate = {2025-02-17}, - author = {{GSMA}}, - month = mar, - year = {2019}, - file = {PDF:/home/niklas/Zotero/storage/XXQD9Y5B/TS.38 SIM Toolkit Device Requirements - User Experience Enhancements v2.0.pdf:application/pdf}, -} - -@misc{gsma_sgp02_2020, - title = {{SGP}.02 v4.1 {Remote} {Provisioning} {Architecture} for {Embedded} {UICC}}, - url = {https://www.gsma.com/solutions-and-impact/technologies/esim/wp-content/uploads/2020/06/SGP.02-v4.1.pdf}, - urldate = {2025-02-16}, - author = {{GSMA}}, - month = may, - year = {2020}, - file = {PDF:/home/niklas/Zotero/storage/Q9BSLLSK/SGP.02 v4.1 Remote Provisioning Architecture for Embedded UICC.pdf:application/pdf}, -} - -@misc{etsi_ts_2022-1, - title = {{TS} 102 221 {Terminal} {Interface}}, - url = 
{https://www.etsi.org/deliver/etsi_ts/102200_102299/102221/17.01.00_60/ts_102221v170100p.pdf}, - urldate = {2025-02-16}, - author = {{ETSI}}, - month = jan, - year = {2022}, - file = {PDF:/home/niklas/Zotero/storage/L9JNWCIF/ETSI TS 102 221 V17.1.0.pdf:application/pdf}, -} - -@misc{trusted_connectivity_alliance_euicc_2021, - title = {{eUICC} {Profile} {Package}: {Interoperable} {Format} {Technical} {Specification} v3.0}, - url = {https://trustedconnectivityalliance.org/wp-content/uploads/2021/05/Profile-interoperability-technical-specification_V3.0-Final.pdf}, - urldate = {2025-02-14}, - author = {{Trusted Connectivity Alliance}}, - month = may, year = {2021}, - file = {PDF:/home/niklas/Zotero/storage/PMG9FK4I/eUICC Profile Package Interoperable Format Technical Specification v3.0.pdf:application/pdf}, + keywords = {Consumer RSP, eSIM security, SIM profile cloning, Transparency}, + pages = {187--202}, + file = {Full Text PDF:/Users/privat/Zotero/storage/JSB5G2YT/Ahmed et al. - 2021 - Transparency of SIM profiles for the consumer remote SIM provisioning protocol.pdf:application/pdf}, } -@misc{etsi_ts_2003, - title = {{TS} 102 22 {UICC}-{Terminal} interface}, - url = {https://www.etsi.org/deliver/etsi_ts/102200_102299/102221/04.10.00_60/ts_102221v041000p.pdf}, - urldate = {2025-02-03}, - author = {{ETSI}}, - month = jun, - year = {2003}, - file = {PDF:/home/niklas/Zotero/storage/DAXFX2XH/ETSI TS 102 221 V4.10.0.pdf:application/pdf}, -} - -@misc{trusted_connectivity_alliance_st_2009, - title = {S@{T} 01.50 v4.0.0 {S}@{T} {Browser} {Behavior} {Guidlines}}, - url = {https://trustedconnectivityalliance.org/wp-content/uploads/2020/01/S@T-01.50-v4.0.0-Release-2009.pdf}, - urldate = {2025-01-02}, - author = {{Trusted Connectivity Alliance}}, - year = {2009}, - file = {PDF:/home/niklas/Zotero/storage/XWXLNA5W/S@T 01.50 v4.0.0 S@T Browser Behavior Guidlines.pdf:application/pdf}, -} - -@misc{etsi_gsm_1997, - title = {{GSM} 11.14 {SIM} {Application} {Toolkit}}, - url = 
{https://www.etsi.org/deliver/etsi_gts/11/1114/05.04.00_60/gsmts_1114v050400p.pdf}, - urldate = {2025-03-03}, - author = {{ETSI}}, - month = jul, - year = {1997}, - file = {PDF:/home/niklas/Zotero/storage/6TLW4EZW/ETSI GSM 11.14 SIM Application Toolkit.pdf:application/pdf}, -} - -@misc{etsi_ts_2020, - title = {{TS} 131 111 {USIM} {Application} {Toolkit}}, - url = {https://www.etsi.org/deliver/etsi_ts/131100_131199/131111/16.01.00_60/ts_131111v160100p.pdf}, - urldate = {2025-03-03}, - author = {{ETSI}}, - month = jul, - year = {2020}, - file = {PDF:/home/niklas/Zotero/storage/HQ5NC5HT/ETSI TS 131 111 USIM Application Toolkit.pdf:application/pdf}, -} - -@misc{gsma_sgp22_2024, - title = {{SGP}.22 v2.6 {RSP} {Technical} {Specification}}, - url = {https://www.gsma.com/solutions-and-impact/technologies/esim/wp-content/uploads/2024/09/SGP.22-v2.6.pdf}, - urldate = {2025-02-24}, - author = {{GSMA}}, - month = sep, - year = {2024}, - file = {PDF:/home/niklas/Zotero/storage/5BBQVAT6/SGP.22 v2.6 RSP Technical Specification.pdf:application/pdf}, -} - -@misc{gsma_sgp21_2021, - title = {{SGP}.21 v2.3 {RSP} {Architecture}}, - url = {https://www.gsma.com/solutions-and-impact/technologies/esim/wp-content/uploads/2021/07/SGP.21-2.3.pdf}, - urldate = {2025-02-24}, - author = {{GSMA}}, - month = jun, - year = {2021}, - file = {PDF:/home/niklas/Zotero/storage/9RWMQ5EI/SGP.21 v2.3 RSP Architecture.pdf:application/pdf}, -} - -@misc{osmocom_open_nodate, - title = {Open {Source} {Mobile} {Communications}}, - url = {https://osmocom.org/}, +@misc{osmocom_simtrace_nodate, + title = {{SIMtrace} 2 - {Open} {Source} {Mobile} {Communications}}, + url = {https://osmocom.org/projects/simtrace2/wiki}, urldate = {2025-05-11}, author = {{Osmocom}}, - file = {Open Source Mobile Communications:/home/niklas/Zotero/storage/GBAJJJN5/osmocom.org.html:text/html}, + file = {Wiki - SIMtrace 2 - Open Source Mobile Communications:/Users/privat/Zotero/storage/YGSSZYR3/wiki.html:text/html}, +} + 
+@misc{welte_wireshark_nodate, + title = {Wireshark {GSM} {SIM} dissector}, + url = {https://github.com/wireshark/wireshark/blob/master/epan/dissectors/packet-gsm_sim.c}, + abstract = {Read-only mirror of Wireshark\&\#39;s Git repository at https://gitlab.com/wireshark/wireshark. ⚠️ GitHub won\&\#39;t let us disable pull requests. ⚠️ THEY WILL BE IGNORED HERE ⚠️ Upload them at GitLab...}, + urldate = {2025-05-11}, + publisher = {Wireshark}, + author = {Welte, Harald}, + file = {Snapshot:/Users/privat/Zotero/storage/LCYMD2GY/packet-gsm_sim.html:text/html}, +} + +@misc{petercxy_openeuicc_nodate, + title = {{OpenEUICC}}, + url = {https://gitea.angry.im/PeterCxy/OpenEUICC}, + abstract = {eSIM LPA (Local Profile Assistant) implementation for Android. System privilege or ARA-M allowlisting required.}, + urldate = {2025-05-11}, + author = {{PeterCxy}}, + file = {Snapshot:/Users/privat/Zotero/storage/45U7S476/OpenEUICC.html:text/html}, +} + +@misc{esimmoe_minilpa_nodate, + title = {{MiniLPA}}, + url = {https://github.com/EsimMoe/MiniLPA}, + urldate = {2025-05-11}, + author = {{EsimMoe}}, + file = {GitHub - EsimMoe/MiniLPA\: Professional LPA UI:/Users/privat/Zotero/storage/CMWHRGQM/MiniLPA.html:text/html}, } @misc{icedtangerine_easylpac_2025, 
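Review bot: `lisowski_simurai_2024` is an `@inproceedings` with no `booktitle`, so BibTeX will warn "empty booktitle" and print the paper without a venue; its `url` places it at `usenixsecurity24`, so a line such as `booktitle = {33rd {USENIX} Security Symposium ({USENIX} Security 24)},` (constructed, check against the proceedings) closes the gap. Its `title` and `shorttitle` also contain escaped braces, `\{{SIMurai}\}` and `\{{SIM}\}`, an export artifact that prints literal `{SIMurai}` in the bibliography; `title = {{SIMurai}: {Slicing} {Through} the {Complexity} of {SIM} {Card} {Security} {Research}},` is the intended form. `welte_wireshark_nodate` links `blob/master/epan/dissectors/packet-gsm_sim.c`, an unpinned branch path whose content changes with every Wireshark commit; the same path at a tagged release or commit (`blob/<COMMIT-OR-TAG>/...`) keeps the citation stable, and its `abstract` with `\&\#39;` entity residue adds nothing any style prints.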
@@ -365,51 +392,12 @@ C compilers is available on the web.}, keywords = {esim, lpa, sgp22}, } -@misc{esimmoe_minilpa_nodate, - title = {{MiniLPA}}, - url = {https://github.com/EsimMoe/MiniLPA}, - urldate = {2025-05-11}, - author = {{EsimMoe}}, - file = {GitHub - EsimMoe/MiniLPA\: Professional LPA UI:/home/niklas/Zotero/storage/CMWHRGQM/MiniLPA.html:text/html}, -} - -@misc{petercxy_openeuicc_nodate, - title = {{OpenEUICC}}, - url = {https://gitea.angry.im/PeterCxy/OpenEUICC}, - abstract = {eSIM LPA (Local Profile Assistant) implementation for Android. System privilege or ARA-M allowlisting required.}, - urldate = {2025-05-11}, - author = {{PeterCxy}}, - file = {Snapshot:/home/niklas/Zotero/storage/45U7S476/OpenEUICC.html:text/html}, -} - -@misc{welte_wireshark_nodate, - title = {Wireshark {GSM} {SIM} dissector}, - url = {https://github.com/wireshark/wireshark/blob/master/epan/dissectors/packet-gsm_sim.c}, - abstract = {Read-only mirror of Wireshark\&\#39;s Git repository at https://gitlab.com/wireshark/wireshark. ⚠️ GitHub won\&\#39;t let us disable pull requests. 
⚠️ THEY WILL BE IGNORED HERE ⚠️ Upload them at GitLab...}, - urldate = {2025-05-11}, - publisher = {Wireshark}, - author = {Welte, Harald}, - file = {Snapshot:/home/niklas/Zotero/storage/LCYMD2GY/packet-gsm_sim.html:text/html}, -} - -@misc{osmocom_simtrace_nodate, - title = {{SIMtrace} 2 - {Open} {Source} {Mobile} {Communications}}, - url = {https://osmocom.org/projects/simtrace2/wiki}, +@misc{osmocom_open_nodate, + title = {Open {Source} {Mobile} {Communications}}, + url = {https://osmocom.org/}, urldate = {2025-05-11}, author = {{Osmocom}}, - file = {Wiki - SIMtrace 2 - Open Source Mobile Communications:/home/niklas/Zotero/storage/YGSSZYR3/wiki.html:text/html}, -} - -@misc{security_research_labs_simtester_2025, - title = {{SIMTester}}, - url = {https://github.com/srlabs/SIMTester}, - abstract = {A tool to test SIM card security}, - urldate = {2025-05-11}, - publisher = {Security Research Labs}, - author = {{Security Research Labs}}, - month = may, - year = {2025}, - note = {original-date: 2022-10-25T09:34:57Z}, + file = {Open Source Mobile Communications:/Users/privat/Zotero/storage/GBAJJJN5/osmocom.org.html:text/html}, } @misc{estkme_lpac_2025, 
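Review bot: The `file` fields on the new side carry absolute paths of the exporting workstation (`/Users/privat/Zotero/storage/...` replacing `/home/niklas/...`), and that path churn is most of what this Bibliography.bib diff consists of; the same applies to every later hunk of the file, including the new entries in @@ -744,3 +736,48 @@. BibTeX and biblatex styles ignore `file`, so the field contributes nothing to the rendered bibliography while leaking the author's local directory layout and forcing every entry to re-diff whenever the library is exported from a different machine. Strip it at export time, for example with `bibtex-tidy --omit=file` or the exporter's field-omit setting, so the tracked file holds only citable data.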
@@ -426,70 +414,16 @@ C compilers is available on the web.}, keywords = {sgp22, euicc}, } -@misc{globalplatform_secure_2024, - title = {Secure {Element} {Access} {Control} v1.2}, - language = {en}, - author = {{GlobalPlatform}}, - month = dec, - year = {2024}, - file = {PDF:/home/niklas/Zotero/storage/A2LX9CP2/Secure Element Access Control v1.2.pdf:application/pdf}, -} - -@misc{globalplatform_secure_2014, - title = {Secure {Element} {Access} {Control} v1.1}, - language = {en}, - author = {{GlobalPlatform}}, - month = sep, - year = {2014}, - file = {PDF:/home/niklas/Zotero/storage/S6DJUWNA/Secure Element Access Control v1.1.pdf:application/pdf}, -} - -@misc{oss_nokalva_asn1_nodate, - title = {{ASN}.1 {Introduction}}, - url = {https://www.oss.com/asn1/resources/asn1-made-simple/introduction.html}, - urldate = {2025-05-13}, - journal = {ASN.1 Made Simple - Introduction}, - author = {{OSS Nokalva}}, - file = {ASN.1 Made Simple - Introduction:/home/niklas/Zotero/storage/SYR7T4NW/introduction.html:text/html}, -} - -@misc{eftlab_list_nodate, - title = {List of {APDU} responses}, - url = {https://www.eftlab.com/knowledge-base/complete-list-of-apdu-responses}, - urldate = {2025-05-13}, - journal = {EFTlab - Breakthrough Payment Technologies}, - author = {{EFTlab}}, - file = {EFTlab - Breakthrough Payment Technologies:/home/niklas/Zotero/storage/XD6VW8D6/complete-list-of-apdu-responses.html:text/html}, -} - -@misc{etsi_etsi_2020, - title = {{ETSI} {TS} 131 101 {3GPP} integration}, - url = {https://www.etsi.org/deliver/etsi_ts/131100_131199/131101/16.00.00_60/ts_131101v160000p.pdf}, - urldate = {2025-05-13}, - author = {{ETSI}}, - month = jul, - year = {2020}, - file = {PDF:/home/niklas/Zotero/storage/UMVTLP9K/ts_131101v160000p.pdf:application/pdf}, -} - -@misc{etsi_etsi_2021, - title = {{ETSI} {TS} 102 221 {Terminal} {Interface}}, - url = {https://www.etsi.org/deliver/etsi_ts/102200_102299/102221/16.06.00_60/ts_102221v160600p.pdf}, - urldate = {2025-05-13}, - author = 
{{ETSI}}, - month = oct, - year = {2021}, - file = {PDF:/home/niklas/Zotero/storage/HCNXBALK/ts_102221v160600p.pdf:application/pdf}, -} - -@misc{isoiec_isoiec_2006, - title = {{ISO}/{IEC} 7816-3}, - url = {https://www.freecalypso.org/pub/GSM/ISO7816/ISO_7816-3_2006.pdf}, - urldate = {2025-05-13}, - author = {{ISO/IEC}}, - month = nov, - year = {2006}, - file = {PDF:/home/niklas/Zotero/storage/58QIFPW4/ISOIEC - 2006 - ISOIEC 7816-3.pdf:application/pdf}, +@misc{security_research_labs_simtester_2025, + title = {{SIMTester}}, + url = {https://github.com/srlabs/SIMTester}, + abstract = {A tool to test SIM card security}, + urldate = {2025-05-11}, + publisher = {Security Research Labs}, + author = {{Security Research Labs}}, + month = may, + year = {2025}, + note = {original-date: 2022-10-25T09:34:57Z}, } @misc{ort_writing_2001, 
@@ -499,17 +433,73 @@ C compilers is available on the web.}, author = {Ort, Ed}, month = jan, year = {2001}, - file = {Writing a Java Card Applet:/home/niklas/Zotero/storage/P7WHIQEX/javacard-applet.html:text/html}, + file = {Writing a Java Card Applet:/Users/privat/Zotero/storage/P7WHIQEX/javacard-applet.html:text/html}, } -@misc{etsi_ts_2014, - title = {{TS} 102 223 {Card} {Application} {Toolkit}}, - url = {https://www.etsi.org/deliver/etsi_ts/102200_102299/102223/12.01.00_60/ts_102223v120100p.pdf}, - urldate = {2025-05-18}, +@misc{etsi_etsi_2020, + title = {{ETSI} {TS} 131 101 {3GPP} integration}, + url = {https://www.etsi.org/deliver/etsi_ts/131100_131199/131101/16.00.00_60/ts_131101v160000p.pdf}, + urldate = {2025-05-13}, author = {{ETSI}}, + month = jul, + year = {2020}, + file = {PDF:/Users/privat/Zotero/storage/UMVTLP9K/ts_131101v160000p.pdf:application/pdf}, +} + +@misc{etsi_etsi_2021, + title = {{ETSI} {TS} 102 221 {Terminal} {Interface}}, + url = {https://www.etsi.org/deliver/etsi_ts/102200_102299/102221/16.06.00_60/ts_102221v160600p.pdf}, + urldate = {2025-05-13}, + author = {{ETSI}}, + month = oct, + year = {2021}, + file = {PDF:/Users/privat/Zotero/storage/HCNXBALK/ts_102221v160600p.pdf:application/pdf}, +} + +@misc{isoiec_isoiec_2006, + title = {{ISO}/{IEC} 7816-3}, + url = {https://www.freecalypso.org/pub/GSM/ISO7816/ISO_7816-3_2006.pdf}, + urldate = {2025-05-13}, + author = {{ISO/IEC}}, + month = nov, + year = {2006}, + file = {PDF:/Users/privat/Zotero/storage/58QIFPW4/ISOIEC - 2006 - ISOIEC 7816-3.pdf:application/pdf}, +} + +@misc{eftlab_list_nodate, + title = {List of {APDU} responses}, + url = {https://www.eftlab.com/knowledge-base/complete-list-of-apdu-responses}, + urldate = {2025-05-13}, + journal = {EFTlab - Breakthrough Payment Technologies}, + author = {{EFTlab}}, + file = {EFTlab - Breakthrough Payment Technologies:/Users/privat/Zotero/storage/XD6VW8D6/complete-list-of-apdu-responses.html:text/html}, +} + +@misc{oss_nokalva_asn1_nodate, + 
title = {{ASN}.1 {Introduction}}, + url = {https://www.oss.com/asn1/resources/asn1-made-simple/introduction.html}, + urldate = {2025-05-13}, + journal = {ASN.1 Made Simple - Introduction}, + author = {{OSS Nokalva}}, + file = {ASN.1 Made Simple - Introduction:/Users/privat/Zotero/storage/SYR7T4NW/introduction.html:text/html}, +} + +@misc{globalplatform_secure_2014, + title = {Secure {Element} {Access} {Control} v1.1}, + language = {en}, + author = {{GlobalPlatform}}, month = sep, year = {2014}, - file = {PDF:/home/niklas/Zotero/storage/2AETCTSV/ts_102223v120100p.pdf:application/pdf}, + file = {PDF:/Users/privat/Zotero/storage/S6DJUWNA/Secure Element Access Control v1.1.pdf:application/pdf}, +} + +@misc{globalplatform_secure_2024, + title = {Secure {Element} {Access} {Control} v1.2}, + language = {en}, + author = {{GlobalPlatform}}, + month = dec, + year = {2024}, + file = {PDF:/Users/privat/Zotero/storage/A2LX9CP2/Secure Element Access Control v1.2.pdf:application/pdf}, } @misc{estkme_rlpa-server_2025, 
@@ -525,17 +515,33 @@ C compilers is available on the web.}, note = {original-date: 2024-06-15T14:06:07Z}, } -@misc{rousseau_pyscard_2025, - title = {pyscard}, - copyright = {LGPL-2.1}, - url = {https://github.com/LudovicRousseau/pyscard}, - abstract = {pyscard smartcard library for python}, +@misc{etsi_ts_2014, + title = {{TS} 102 223 {Card} {Application} {Toolkit}}, + url = {https://www.etsi.org/deliver/etsi_ts/102200_102299/102223/12.01.00_60/ts_102223v120100p.pdf}, + urldate = {2025-05-18}, + author = {{ETSI}}, + month = sep, + year = {2014}, + file = {PDF:/Users/privat/Zotero/storage/2AETCTSV/ts_102223v120100p.pdf:application/pdf}, +} + +@misc{etsi_ts_2005, + title = {{TS} 151 011 {SIM}-{ME} interface}, + url = {https://www.etsi.org/deliver/etsi_ts/151000_151099/151011/04.15.00_60/ts_151011v041500p.pdf}, urldate = {2025-05-20}, - author = {Rousseau, Ludovic}, - month = may, - year = {2025}, - note = {original-date: 2015-06-16T18:25:06Z}, - keywords = {smartcard, apdu, pcsc, pyscard, python, python3, smartcard-library, travis-ci}, + author = {{ETSI}}, + month = jun, + year = {2005}, + file = {PDF:/Users/privat/Zotero/storage/BY2ZCG4E/ts_151011v041500p.pdf:application/pdf}, +} + +@misc{etsi_ts_2023, + title = {{TS} 102 241 {UICC} {API}}, + language = {en}, + author = {{ETSI}}, + month = aug, + year = {2023}, + file = {PDF:/Users/privat/Zotero/storage/3CTHDWNK/TS 102 241 - V17.5.0 - Smart Cards\; UICC Application Programming Interface (UICC API) for Java Card™.pdf:application/pdf}, } @misc{maciver_hypothesis_2019, 
@@ -549,26 +555,20 @@ C compilers is available on the web.}, year = {2019}, doi = {10.21105/joss.01891}, note = {original-date: 2013-03-10T13:51:19Z}, - file = {Full Text:/home/niklas/Zotero/storage/M3TAPWCL/MacIver et al. - 2019 - Hypothesis A new approach to property-based testing.pdf:application/pdf}, + file = {Full Text:/Users/privat/Zotero/storage/M3TAPWCL/MacIver et al. - 2019 - Hypothesis A new approach to property-based testing.pdf:application/pdf}, } -@misc{etsi_ts_2023, - title = {{TS} 102 241 {UICC} {API}}, - language = {en}, - author = {{ETSI}}, - month = aug, - year = {2023}, - file = {PDF:/home/niklas/Zotero/storage/3CTHDWNK/TS 102 241 - V17.5.0 - Smart Cards\; UICC Application Programming Interface (UICC API) for Java Card™.pdf:application/pdf}, -} - -@misc{etsi_ts_2005, - title = {{TS} 151 011 {SIM}-{ME} interface}, - url = {https://www.etsi.org/deliver/etsi_ts/151000_151099/151011/04.15.00_60/ts_151011v041500p.pdf}, +@misc{rousseau_pyscard_2025, + title = {pyscard}, + copyright = {LGPL-2.1}, + url = {https://github.com/LudovicRousseau/pyscard}, + abstract = {pyscard smartcard library for python}, urldate = {2025-05-20}, - author = {{ETSI}}, - month = jun, - year = {2005}, - file = {PDF:/home/niklas/Zotero/storage/BY2ZCG4E/ts_151011v041500p.pdf:application/pdf}, + author = {Rousseau, Ludovic}, + month = may, + year = {2025}, + note = {original-date: 2015-06-16T18:25:06Z}, + keywords = {smartcard, apdu, pcsc, pyscard, python, python3, smartcard-library, travis-ci}, } @inproceedings{fioraldi_afl_2020, 
@@ -581,7 +581,7 @@ C compilers is available on the web.},
 	author = {Fioraldi, Andrea and Maier, Dominik and Eißfeldt, Heiko and Heuse, Marc},
 	month = aug,
 	year = {2020},
-	file = {PDF:/home/niklas/Zotero/storage/QNMM4NBX/Fioraldi et al. - AFL++ Combining Incremental Steps of Fuzzing Research.pdf:application/pdf},
+	file = {PDF:/Users/privat/Zotero/storage/QNMM4NBX/Fioraldi et al. - AFL++ Combining Incremental Steps of Fuzzing Research.pdf:application/pdf},
 }
 
 @misc{corcoran_pcsc-lite_2025,
@@ -591,7 +591,7 @@ C compilers is available on the web.},
 	journal = {MUSCLE PC/SC-Lite API Documentation},
 	author = {Corcoran, David and Rousseau, Ludovic},
 	year = {2025},
-	file = {pcsc-lite\: MUSCLE PC/SC-Lite API Documentation:/home/niklas/Zotero/storage/MIGD3JM4/index.html:text/html},
+	file = {pcsc-lite\: MUSCLE PC/SC-Lite API Documentation:/Users/privat/Zotero/storage/MIGD3JM4/index.html:text/html},
 }
 
 @misc{nist_nvd_2025,
@@ -600,16 +600,7 @@ C compilers is available on the web.},
 	urldate = {2025-06-30},
 	author = {{NIST}},
 	year = {2025},
-	file = {NVD - CVE-2025-0343:/home/niklas/Zotero/storage/D6K8HLIX/CVE-2025-0343.html:text/html},
-}
-
-@misc{mitre_cve_2003,
-	title = {{CVE} - {CVE}-2003-0818},
-	url = {https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0818},
-	urldate = {2025-06-30},
-	author = {{MITRE}},
-	year = {2003},
-	file = {CVE - CVE-2003-0818:/home/niklas/Zotero/storage/8NTHT84Y/cvename.html:text/html},
+	file = {NVD - CVE-2025-0343:/Users/privat/Zotero/storage/D6K8HLIX/CVE-2025-0343.html:text/html},
 }
 
 @misc{nist_nvd_2024,
@@ -618,71 +609,43 @@ C compilers is available on the web.}, urldate = {2025-06-30}, author = {{NIST}}, year = {2024}, - file = {NVD - CVE-2024-6197:/home/niklas/Zotero/storage/PMM5K88C/CVE-2024-6197.html:text/html}, + file = {NVD - CVE-2024-6197:/Users/privat/Zotero/storage/PMM5K88C/CVE-2024-6197.html:text/html}, } -@misc{gsma_sgp41_2025, - title = {{SGP}.41 v1.0 {eSIM} {IFPP} {Architecture} and {Requirements}}, - url = {https://www.gsma.com/solutions-and-impact/technologies/esim/wp-content/uploads/2025/02/SGP.41-eSIM-IFPP-Architecture-and-Requirements-v1.0.pdf}, - urldate = {2025-07-01}, - publisher = {GSMA}, +@misc{mitre_cve_2003, + title = {{CVE} - {CVE}-2003-0818}, + url = {https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0818}, + urldate = {2025-06-30}, + author = {{MITRE}}, + year = {2003}, + file = {CVE - CVE-2003-0818:/Users/privat/Zotero/storage/8NTHT84Y/cvename.html:text/html}, +} + +@misc{gsma_sgp21_2023, + title = {{SGP}.21 v3.1 {RSP} {Architecture}}, + url = {https://www.gsma.com/solutions-and-impact/technologies/esim/wp-content/uploads/2023/12/SGP.21-V3.1.pdf}, + urldate = {2025-06-22}, author = {{GSMA}}, - month = feb, - year = {2025}, - file = {PDF:/home/niklas/Zotero/storage/2CCS6TUE/SGP.41-eSIM-IFPP-Architecture-and-Requirements-v1.0.pdf:application/pdf}, + year = {2023}, + file = {PDF:/Users/privat/Zotero/storage/KSQP8T2D/SGP.21-V3.1.pdf:application/pdf}, } -@misc{gsma_sgp31_2024, - title = {{SGP}.31 v1.2 {eSIM} {IoT} {Architecture} and {Requirements}}, - url = {https://www.gsma.com/solutions-and-impact/technologies/esim/wp-content/uploads/2024/04/SGP.31-v1.2.pdf}, +@misc{gsma_sgp21_2015, + title = {{SGP}.21 v1.01 {RSP} {Architecture}}, + url = {https://www.gsma.com/newsroom/wp-content/uploads/SGP.21-v1.01.pdf}, urldate = {2025-07-01}, - publisher = {GSMA}, author = {{GSMA}}, - year = {2024}, - file = {PDF:/home/niklas/Zotero/storage/H4ERY4E3/SGP.31-v1.2.pdf:application/pdf}, + year = {2015}, + file = 
{PDF:/Users/privat/Zotero/storage/ZNI6GMH2/SGP.21-v1.01.pdf:application/pdf}, } -@misc{gd_rsp_nodate, - title = {{RSP} solutions driving excellence in {eSIM} management}, - shorttitle = {Solution {Brief}}, - url = {https://www.gi-de.com/corporate/Digital_Security/Connectivity_IoT/IoT/AirOn360-iot/Solution_Brief_GD_RSP.pdf}, +@misc{gsma_sgp01_2014, + title = {{SGP}.01 v1.12 {eSIM} {RSP} {Architecture}}, + url = {https://www.gsma.com/newsroom/wp-content/uploads//SGP.01-v1.12.pdf}, urldate = {2025-07-01}, - journal = {G+D’s RSP solutions driving excellence in eSIM management}, - author = {{G+D}}, - file = {PDF:/home/niklas/Zotero/storage/VUSEQNYY/Solution_Brief_GD_RSP.pdf:application/pdf}, -} - -@misc{gsma_sgp32_2024, - title = {{SGP}.32 v1.1 {eSIM} {IoT} {Technical} {Specification}}, - language = {en}, - publisher = {GSMA}, author = {{GSMA}}, - year = {2024}, - file = {PDF:/home/niklas/Zotero/storage/BN4I9UQ8/Sanz - SGP.32 eSIM IoT Technical Specification v1.1.pdf:application/pdf}, -} - -@misc{esimme_esimme_2025, - title = {{eSIM}.me: {UPGRADE} to {eSIM} - {Apps} on {Google} {Play}}, - shorttitle = {{eSIM}.me}, - url = {https://play.google.com/store/apps/details?id=esim.me&hl=en_CA}, - abstract = {ADD eSIM Functionality to your "Existing" Smartphone}, - language = {en-CA}, - urldate = {2025-07-01}, - author = {{esim.me}}, - year = {2025}, - file = {Snapshot:/home/niklas/Zotero/storage/BI639BHE/details.html:text/html}, -} - -@misc{apple_apple_2018, - title = {Apple introduces {iPhone} {XR}}, - url = {https://www.apple.com/newsroom/2018/09/apple-introduces-iphone-xr/}, - abstract = {Apple today announced iPhone XR, integrating breakthrough technologies from iPhone XS in an all-screen glass and aluminum design.}, - language = {en-US}, - urldate = {2025-07-01}, - journal = {Apple Newsroom}, - author = {{Apple}}, - year = {2018}, - file = {Snapshot:/home/niklas/Zotero/storage/NVCL4WBU/apple-introduces-iphone-xr.html:text/html}, + year = {2014}, + file = 
{PDF:/Users/privat/Zotero/storage/RWPD9BJM/SGP.01-v1.12.pdf:application/pdf}, } @misc{vincent_samsungs_2016, 
@@ -695,42 +658,71 @@ C compilers is available on the web.}, author = {Vincent, James}, month = feb, year = {2016}, - file = {Snapshot:/home/niklas/Zotero/storage/F4N2FLKA/esim-wearable-smartwatch-samsung-gear-s2.html:text/html}, + file = {Snapshot:/Users/privat/Zotero/storage/F4N2FLKA/esim-wearable-smartwatch-samsung-gear-s2.html:text/html}, } -@misc{gsma_sgp01_2014, - title = {{SGP}.01 v1.12 {eSIM} {RSP} {Architecture}}, - url = {https://www.gsma.com/newsroom/wp-content/uploads//SGP.01-v1.12.pdf}, +@misc{apple_apple_2018, + title = {Apple introduces {iPhone} {XR}}, + url = {https://www.apple.com/newsroom/2018/09/apple-introduces-iphone-xr/}, + abstract = {Apple today announced iPhone XR, integrating breakthrough technologies from iPhone XS in an all-screen glass and aluminum design.}, + language = {en-US}, urldate = {2025-07-01}, - author = {{GSMA}}, - year = {2014}, - file = {PDF:/home/niklas/Zotero/storage/RWPD9BJM/SGP.01-v1.12.pdf:application/pdf}, + journal = {Apple Newsroom}, + author = {{Apple}}, + year = {2018}, + file = {Snapshot:/Users/privat/Zotero/storage/NVCL4WBU/apple-introduces-iphone-xr.html:text/html}, } -@misc{gsma_sgp21_2015, - title = {{SGP}.21 v1.01 {RSP} {Architecture}}, - url = {https://www.gsma.com/newsroom/wp-content/uploads/SGP.21-v1.01.pdf}, +@misc{esimme_esimme_2025, + title = {{eSIM}.me: {UPGRADE} to {eSIM} - {Apps} on {Google} {Play}}, + shorttitle = {{eSIM}.me}, + url = {https://play.google.com/store/apps/details?id=esim.me&hl=en_CA}, + abstract = {ADD eSIM Functionality to your "Existing" Smartphone}, + language = {en-CA}, urldate = {2025-07-01}, - author = {{GSMA}}, - year = {2015}, - file = {PDF:/home/niklas/Zotero/storage/ZNI6GMH2/SGP.21-v1.01.pdf:application/pdf}, + author = {{esim.me}}, + year = {2025}, + file = {Snapshot:/Users/privat/Zotero/storage/BI639BHE/details.html:text/html}, } -@misc{gsma_sgp21_2023, - title = {{SGP}.21 v3.1 {RSP} {Architecture}}, - url = 
{https://www.gsma.com/solutions-and-impact/technologies/esim/wp-content/uploads/2023/12/SGP.21-V3.1.pdf}, - urldate = {2025-06-22}, +@misc{gsma_sgp32_2024, + title = {{SGP}.32 v1.1 {eSIM} {IoT} {Technical} {Specification}}, + language = {en}, + publisher = {GSMA}, author = {{GSMA}}, - year = {2023}, - file = {PDF:/home/niklas/Zotero/storage/KSQP8T2D/SGP.21-V3.1.pdf:application/pdf}, + year = {2024}, + file = {PDF:/Users/privat/Zotero/storage/BN4I9UQ8/Sanz - SGP.32 eSIM IoT Technical Specification v1.1.pdf:application/pdf}, } -@misc{iebb_nekokolpa_nodate, - title = {{NekokoLPA}}, - url = {https://github.com/iebb/NekokoLPA}, - urldate = {2025-07-02}, - author = {{iebb}}, - file = {iebb/NekokoLPA\: NekokoLPA:/home/niklas/Zotero/storage/S8SXVMEV/NekokoLPA.html:text/html}, +@misc{gd_rsp_nodate, + title = {{RSP} solutions driving excellence in {eSIM} management}, + shorttitle = {Solution {Brief}}, + url = {https://www.gi-de.com/corporate/Digital_Security/Connectivity_IoT/IoT/AirOn360-iot/Solution_Brief_GD_RSP.pdf}, + urldate = {2025-07-01}, + journal = {G+D’s RSP solutions driving excellence in eSIM management}, + author = {{G+D}}, + file = {PDF:/Users/privat/Zotero/storage/VUSEQNYY/Solution_Brief_GD_RSP.pdf:application/pdf}, +} + +@misc{gsma_sgp31_2024, + title = {{SGP}.31 v1.2 {eSIM} {IoT} {Architecture} and {Requirements}}, + url = {https://www.gsma.com/solutions-and-impact/technologies/esim/wp-content/uploads/2024/04/SGP.31-v1.2.pdf}, + urldate = {2025-07-01}, + publisher = {GSMA}, + author = {{GSMA}}, + year = {2024}, + file = {PDF:/Users/privat/Zotero/storage/H4ERY4E3/SGP.31-v1.2.pdf:application/pdf}, +} + +@misc{gsma_sgp41_2025, + title = {{SGP}.41 v1.0 {eSIM} {IFPP} {Architecture} and {Requirements}}, + url = {https://www.gsma.com/solutions-and-impact/technologies/esim/wp-content/uploads/2025/02/SGP.41-eSIM-IFPP-Architecture-and-Requirements-v1.0.pdf}, + urldate = {2025-07-01}, + publisher = {GSMA}, + author = {{GSMA}}, + month = feb, + year = {2025}, + file = 
{PDF:/Users/privat/Zotero/storage/2CCS6TUE/SGP.41-eSIM-IFPP-Architecture-and-Requirements-v1.0.pdf:application/pdf},
 }
 
 @misc{colvin_pydantic_2025,
@@ -744,3 +736,48 @@ C compilers is available on the web.},
 	year = {2025},
 	note = {original-date: 2017-05-03T21:23:58Z},
 }
+
+@misc{iebb_nekokolpa_nodate,
+	title = {{NekokoLPA}},
+	url = {https://github.com/iebb/NekokoLPA},
+	urldate = {2025-07-02},
+	author = {{iebb}},
+	file = {iebb/NekokoLPA\: NekokoLPA:/Users/privat/Zotero/storage/S8SXVMEV/NekokoLPA.html:text/html},
+}
+
+@misc{globalplatform_gp_2018,
+	title = {{GP} {Card} {Specification} v2.3.1},
+	url = {https://globalplatform.org/wp-content/uploads/2018/05/GPC_CardSpecification_v2.3.1_PublicRelease_CC.pdf},
+	urldate = {2025-07-04},
+	author = {{GlobalPlatform}},
+	month = mar,
+	year = {2018},
+	file = {PDF:/Users/privat/Zotero/storage/RKV2ERY8/GPC_CardSpecification_v2.3.1_PublicRelease_CC.pdf:application/pdf},
+}
+
+@misc{refirmlabs_binwalk_2025,
+	title = {binwalk},
+	copyright = {MIT},
+	url = {https://github.com/ReFirmLabs/binwalk},
+	abstract = {Firmware Analysis Tool},
+	urldate = {2025-07-04},
+	publisher = {ReFirm Labs},
+	author = {{ReFirmLabs}},
+	month = jul,
+	year = {2025},
+	note = {original-date: 2013-11-15T20:45:40Z},
+}
+
+@misc{nsa_ghidra_2025,
+	title = {ghidra},
+	copyright = {Apache-2.0},
+	url = {https://github.com/NationalSecurityAgency/ghidra},
+	abstract = {Ghidra is a software reverse engineering (SRE) framework},
+	urldate = {2025-07-04},
+	publisher = {National Security Agency},
+	author = {{NSA}},
+	month = jul,
+	year = {2025},
+	note = {original-date: 2019-03-01T03:27:48Z},
+	keywords = {disassembler, reverse-engineering, software-analysis},
+}
diff --git a/Chapters/Background.tex b/Chapters/Background.tex
index 4dcac36..458dd47 100644
--- a/Chapters/Background.tex
+++ b/Chapters/Background.tex
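Review bot: In the added `refirmlabs_binwalk_2025` and `nsa_ghidra_2025` entries, `month = jul` and `year = {2025}` coincide with the `urldate` of 2025-07-04 and the `note = {original-date: ...}` lines are GitHub export residue, so the entries appear to record when the repositories were visited rather than which release was run. Because the Evaluation chapter's "no recognizable structure" result depends on tool behaviour, record the version actually used, e.g. `note = {Version [VERSION USED]}` in place of the original-date note. The corporate author fields also disagree with their publishers (`author = {{NSA}}` beside `publisher = {National Security Agency}`, `{{ReFirmLabs}}` beside `ReFirm Labs`); use the full organisation name in `author` so the rendered bibliography does not mix both forms, and capitalise `title = {ghidra}` as `{Ghidra}` since styles cannot restore lost capitals.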
@@ -18,8 +18,7 @@ The \gls{sim} card is a specialized type of smart card, a form factor also emplo Interaction with the \gls{sim} is governed by an embedded operating system, which provides a standardized file system structure for data access and application management. In addition to storing subscriber data and cryptographic keys, the \gls{sim} operating system can execute Java Card applets to extend its functionality. -Java Card applets are applications written in a restricted subset of the Java programming language, specifically tailored for execution on constrained devices. They operate within the Java Card Runtime -Environment (JCRE), which itself runs inside the Java Card Virtual Machine (JCVM). This environment enables secure, platform-independent execution of custom logic directly on the \gls{sim} card, a capability that is heavily utilized in mobile network provisioning, secure authentication, and value-added services. +Java Card applets are applications written in a restricted subset of the Java programming language, specifically tailored for execution on constrained devices. They operate within the Java Card Runtime Environment (JCRE), which itself runs inside the Java Card Virtual Machine (JCVM). This environment enables secure, platform-independent execution of custom logic directly on the \gls{sim} card, a capability that is heavily utilized in mobile network provisioning, secure authentication, and value-added services.\cite{ort_writing_2001} \paragraph{Standards} 
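Review bot: The added citation is glued to the sentence after its full stop, `services.\cite{ort_writing_2001}`, which renders the bracket hanging after the period; place it inside the sentence with a non-breaking space, `value-added services~\cite{ort_writing_2001}.`, matching the `~\cite` form this commit uses in Evaluation.tex. The same spacing issue applies to `\gls{gp} \cite{globalplatform_secure_2024}` in the @@ -280,7 +279,7 @@ hunk of this file, where the ordinary space lets the bracket start a new line. The cited 2001 applet-writing tutorial supports the JCRE/JCVM description but not, on its own, the claim that applets are heavily used in network provisioning and authentication; the `etsi_ts_2023` entry (TS 102 241, UICC API for Java Card) already in Bibliography.bib would be the more direct source for the SIM-side usage, if that is what the sentence is meant to document.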
@@ -280,7 +279,7 @@ The \gls{isdr} acts as the primary control authority on the \gls{euicc}. It mana Each \gls{isdp} hosts exactly one \gls{esim} profile and is responsible for profile download and installation. \glspl{isdp} may additionally host applets specific to the mobile network operator or service provider. An \gls{euicc} can have multiple \glspl{isdp} to have multiple profiles installed at the same time. Each \gls{isdp} must have it's own unique \glspl{aid}. -The \gls{aram}, as specified by \gls{gp}, governs access control for applications on the Secure Element. It aggregates access rules from multiple possible sources on the Secure Element and provides them in a standardized form. These rules are defined by the Secure Element issuer, typically the device manufacturer, during the \gls{euicc} manufacturing process and can restrict which device-side applications are permitted to communicate with the \gls{euicc} and its applets. +The \gls{aram}, as specified by \gls{gp} \cite{globalplatform_secure_2024}, governs access control for applications on the Secure Element. It aggregates access rules from multiple possible sources on the Secure Element and provides them in a standardized form. These rules are defined by the Secure Element issuer, typically the device manufacturer, during the \gls{euicc} manufacturing process and can restrict which device-side applications are permitted to communicate with the \gls{euicc} and its applets. Together, these components establish the trust and management architecture necessary for secure and scalable remote SIM provisioning. 
@@ -450,7 +449,5 @@ Next, the \gls{euicc} and \gls{smdpp} perform an \gls{ecka} to derive session ke After installation, session keys are erased and the \gls{euicc} generates a signed installation notification containing a sequence number and server address. The \gls{lpa} forwards this notification to the \gls{smdpp}, and upon receiving a success response, the \gls{euicc} removes the notification, completing the provisioning cycle. -\todo{Add sequence diagram which shows the rsp process} - diff --git a/Chapters/Conclusions.tex b/Chapters/Conclusions.tex index 528eb03..6e51d15 100644 --- a/Chapters/Conclusions.tex +++ b/Chapters/Conclusions.tex 
@@ -12,9 +12,9 @@ % reverse engineered the estk.me update mechanism -% SIMs and eSIMs are an established standard -% future work -% support of proactive commands to test esim like estk.me and 9esim v2 -% support for IoT specific features like remote push provisioning featured in the iot spec SGP.31 aswell as SGP.21 v3.1 -% +This thesis presented a systematic security analysis of commercial eSIM-on-SIM card implementations through the application of differential testing. Given the opaque and proprietary nature of most \gls{euicc} firmware, black-box testing approaches remain one of the few viable options for assessing correctness and security in deployed systems. By designing and implementing a custom framework, this work established a reproducible methodology for identifying behavioral inconsistencies across vendor-specific \gls{esim} implementations. + +The developed framework integrates trace recording, scenario-driven testing, and property-based structured fuzzing, allowing the systematic mutation and replay of \gls{apdu} traces. The combination of syntactically valid \gls{asn1}-based input generation with deterministic mutation provides a strong fuzzing implementation. Through this approach, several notable implementation discrepancies were identified, including a critical certificate validation bypass in one vendor’s \gls{euicc} side provisioning logic. + +These findings underscore the importance of independent verification and validation of \gls{esim} implementations, particularly in consumer devices, where assumptions of trust in embedded components are prevalent. The observed deviations from \gls{gsma} specifications suggest that even well-established standards do not guarantee uniform security guarantees across vendors. Differential testing, as demonstrated, offers a scalable and automation-friendly approach to detect such inconsistencies without requiring access to proprietary source code. 
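Review bot: The third added paragraph reads `do not guarantee uniform security guarantees across vendors`; the repeated noun reads awkwardly, so `do not ensure uniform security properties across vendors` would be cleaner. In the second paragraph, `provides a strong fuzzing implementation` is an evaluative claim with no referent; tie it to what the evaluation actually measured (discrepancies found, inputs exercised) or soften it, and hyphenate `\gls{euicc}-side provisioning logic`. Since the conclusion names a critical certificate validation bypass, a `\cref` to the evaluation section that documents it, and to the vendor-disclosure status if the thesis records one, would anchor the claim. The removed comment lines listed future-work items (proactive-command support, SGP.31 IoT push provisioning); if no future-work section elsewhere carries them, they are lost with this change.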
diff --git a/Chapters/Evaluation.tex b/Chapters/Evaluation.tex index d70ab86..2bda168 100644 --- a/Chapters/Evaluation.tex +++ b/Chapters/Evaluation.tex @@ -166,7 +166,7 @@ The firmware image accompanying the update utility appears to be encrypted or ob \caption{Shannon entropy values across blocks for three different firmware versions.} \end{figure} -A deeper static analysis using Ghidra did not reveal any recognizable structure or file headers, further supporting the assumption of encryption. Similarly, tools like Binwalk\footnote{https://github.com/ReFirmLabs/binwalk} did not detect known compression schemes, embedded file systems, or file signatures. Consequently, firmware payload analysis could not be meaningfully performed beyond block-level transmission. +A deeper static analysis using Ghidra~\cite{nsa_ghidra_2025} did not reveal any recognizable structure or file headers, further supporting the assumption of encryption. Similarly, tools like Binwalk~\cite{refirmlabs_binwalk_2025} did not detect known compression schemes, embedded file systems, or file signatures. Consequently, firmware payload analysis could not be meaningfully performed beyond block-level transmission. \subsubsection*{Firmware Update Mechanism} 
@@ -178,8 +178,9 @@ The update mechanism exposes two primary functions via a custom \gls{aid} endpoi The \gls{aid} used to access the update utility differs based on firmware generation. For example, the test card (generation T001) uses the \gls{aid}: \begin{quote} -\texttt{A06573746B6D65FFFFFFFF6677757064} \\ -(hex-encoded: \texttt{'estkmeÿÿÿÿfwupd'}) + \centering + \texttt{A06573746B6D65FFFFFFFF6677757064} \\ + (hex-encoded: \texttt{'estkmeÿÿÿÿfwupd'}) \end{quote} Firmware versions follow the format \texttt{TXXXVXX}, where major generation (\texttt{T000}--\texttt{T003}) and minor version are encoded. Firmware updates are incremental and strictly one-way, the tool automatically selects the next version based on the currently installed one, and downgrade paths are not supported. 
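Review bot: The label on the re-indented second quote line is inverted: `\texttt{A06573746B6D65FFFFFFFF6677757064}` is the hex encoding, and `'estkmeÿÿÿÿfwupd'` is its byte-wise decoding, with the four `FF` bytes appearing as `ÿ` only because they are rendered as Latin-1 and the leading `A0` byte dropped. Write it as `(decoded, \texttt{FF} bytes shown as \texttt{ÿ}: \texttt{'estkmeÿÿÿÿfwupd'})` so the reader does not take the quoted string for the encoded form. The non-ASCII `ÿ` inside `\texttt` also depends on the engine and monospace font supporting it, so check the rendered PDF after the `\centering` change.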
@@ -278,29 +279,6 @@ While tracing provides valuable insights into command sequencing and \gls{aid} s \section{Data Fuzzing} \label{sec:data_fuzzing_evaluation} -Data fuzzing, as described in \cref{subsec:data_fuzzing}, was conducted on all tested \gls{esim} cards with the exception of \texttt{estk.me}. Each test case was executed sequentially across all eligible \glspl{esim} to ensure consistency and reproducibility of results. - -The majority of the cards handled the fuzzed input data as expected, either processing the requests successfully or rejecting them gracefully with standard-compliant error responses. However, notable exceptions were observed during the execution of the \texttt{GetProfileInfo} test case as shown in \cref{tab:data_fuzzing_result_part1} and \cref{tab:data_fuzzing_result_part2}, particularly for the following devices: -\begin{itemize} - \item 9esim - \item 9esim v2 - \item EIOTCLUB -\end{itemize} - -In all three cases, the fuzzing input - -\begin{lstlisting}[language=Python] -get_profiles(use_iccid=False, profile_class=None, tags=b'') -\end{lstlisting} - -resulted in a \texttt{CardConnectionException} raised by the \texttt{smartcard} Python library during \gls{apdu} transmission. - -During these failures, a consistent and unusual hardware behavior was observed. The transaction LED on the card reader continued to blink, suggesting ongoing \gls{apdu} activity, even though no further commands were being issued by the fuzzing logic. This blinking persisted even after the test process was terminated and, in some cases, even after the \gls{esim} card was physically removed from the reader. - -The LED activity ceased only when the card reader was fully disconnected from the host machine. This behavior strongly indicates that the failure triggered an inconsistent or undefined state within the underlying \texttt{smartcard} library or \texttt{libpcsc}. 
- -% Although this failure was not directly traceable to a specific eSIM firmware implementation (due to the exception occurring before a meaningful response could be recorded), its repeatability across multiple cards and hardware sessions suggests it warrants further investigation—potentially outside the scope of this work but relevant for tooling robustness in future studies. - \begin{table}[h!] \centering 
@@ -344,6 +322,29 @@ The LED activity ceased only when the card reader was fully disconnected from th \end{tabular} \end{table} +Data fuzzing, as described in \cref{subsec:data_fuzzing}, was conducted on all tested \gls{esim} cards with the exception of \texttt{estk.me}. Each test case was executed sequentially across all eligible \glspl{esim} to ensure consistency and reproducibility of results. + +The majority of the cards handled the fuzzed input data as expected, either processing the requests successfully or rejecting them gracefully with standard-compliant error responses. However, notable exceptions were observed during the execution of the \texttt{GetProfileInfo} test case as shown in \cref{tab:data_fuzzing_result_part1} and \cref{tab:data_fuzzing_result_part2}, particularly for the following devices: +\begin{itemize} + \item 9esim + \item 9esim v2 + \item EIOTCLUB +\end{itemize} + +In all three cases, the fuzzing input + +\begin{lstlisting}[language=Python] +get_profiles(use_iccid=False, profile_class=None, tags=b'') +\end{lstlisting} + +resulted in a \texttt{CardConnectionException} raised by the \texttt{smartcard} Python library during \gls{apdu} transmission. + +During these failures, a consistent and unusual hardware behavior was observed. The transaction LED on the card reader continued to blink, suggesting ongoing \gls{apdu} activity, even though no further commands were being issued by the fuzzing logic. This blinking persisted even after the test process was terminated and, in some cases, even after the \gls{esim} card was physically removed from the reader. + +The LED activity ceased only when the card reader was fully disconnected from the host machine. This behavior strongly indicates that the failure triggered an inconsistent or undefined state within the underlying \texttt{smartcard} library or \texttt{libpcsc}. 
+ +% Although this failure was not directly traceable to a specific eSIM firmware implementation (due to the exception occurring before a meaningful response could be recorded), its repeatability across multiple cards and hardware sessions suggests it warrants further investigation—potentially outside the scope of this work but relevant for tooling robustness in future studies. + % apdu fuzzing 
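Review bot: The closing attribution of the re-added block, `strongly indicates that the failure triggered an inconsistent or undefined state within the underlying \texttt{smartcard} library or \texttt{libpcsc}`, is stronger than the observation supports: an LED that keeps blinking after the process is killed and the card is pulled, and stops only when the reader is disconnected, points at least as much to the reader firmware or its CCID/USB driver as to the host library, and the text itself notes that no response was recorded. Suggest `This behavior indicates that the failure left the reader or the host PC/SC stack (\texttt{smartcard}, pcsc-lite) in an inconsistent state`, and name the reader model and PC/SC implementation version so the effect can be reproduced; if pcsc-lite is meant, its library is \texttt{libpcsclite}, not \texttt{libpcsc}. From a robustness standpoint a card interaction that wedges the host's reader stack is a result in its own right and belongs next to the three affected cards in the results tables, not only in the commented-out paragraph that follows.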
@@ -427,15 +428,15 @@ The execution time of fuzzed \gls{apdu} sequences varied depending on chip proce The following classes of errors were consistently encountered during mutation campaigns: \begin{itemize} - \item \textbf{SCP03TSecurityError}: Occurred during the \texttt{LoadBoundProfilePackage} step, particularly when transmitting \texttt{sequenceOf86}, \texttt{sequenceOf88}, or the initial \texttt{sequenceOf87}. This indicates failure during Secure Channel Protocol 03 (terminal-side variant) session establishment. + \item \textbf{SCP03TSecurityError}: Occurred during the \texttt{\justify LoadBoundProfilePackage} step, particularly when transmitting \texttt{sequenceOf86}, \texttt{sequenceOf88}, or the initial \texttt{sequenceOf87}. This indicates failure during Secure Channel Protocol 03 (terminal-side variant) session establishment. \item \textbf{ApduException}: Triggered by malformed \gls{asn1} structures, typically due to mutations altering length or tag fields. \item \textbf{InvalidCertificate}: Observed during \texttt{AuthenticateServer} and \texttt{PrepareDownload}. The \gls{euicc} rejected the server certificate during validation. - \item \textbf{InvalidSignature}: Raised exclusively during \texttt{InitialiseSecureChannelRequest}, indicating that the \gls{euicc} failed to verify the signature required for secure channel establishment. + \item \textbf{InvalidSignature}: Raised exclusively during \texttt{\justify InitialiseSecureChannelRequest}, indicating that the \gls{euicc} failed to verify the signature required for secure channel establishment. - \item \textbf{UnsupportedRemoteOpType}: Also restricted to \texttt{InitialiseSecureChannelRequest}. Mutation operators such as \texttt{ZERO\_BLOCK} or \texttt{TRUNCATE} corrupted the operation type field, which is normally set to \texttt{installBoundProfilePackage (1)}. + \item \textbf{UnsupportedRemoteOpType}: Also restricted to \texttt{\justify InitialiseSecureChannelRequest}. 
 Mutation operators such as \texttt{ZERO\_BLOCK} or \texttt{TRUNCATE} corrupted the operation type field, which is normally set to \texttt{\justify installBoundProfilePackage (1)}.
 \item \textbf{UnsupportedCurve}: Introduced via bit-level mutations affecting certificate parameters. The \gls{euicc} did not support the altered elliptic curve definition.
diff --git a/Chapters/Implementation.tex b/Chapters/Implementation.tex
index 3cbbb2d..b8fd596 100644
--- a/Chapters/Implementation.tex
+++ b/Chapters/Implementation.tex
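Review bot: `\texttt{\justify LoadBoundProfilePackage}` relies on the `\justify` macro this commit adds to AdditionalPackages.tex, and that macro assigns `\fontdimen2`–`\fontdimen7` and `\hyphenchar` of the current font; TeX applies font-parameter assignments globally regardless of the enclosing group, so the first use permanently changes the interword spacing and enables hyphenation for every later `\texttt` in the document, not only for this item. It also lets the typewriter font hyphenate identifiers with a visible hyphen (e.g. LoadBoundProfile-Package), which a reader can mistake for part of the name. A purely local alternative is a penalty-free break point at the camel-case boundaries, e.g. `\texttt{LoadBound\allowbreak ProfilePackage}` and `\texttt{Initialise\allowbreak Secure\allowbreak ChannelRequest}`; the same applies to the other `\justify` uses in this hunk and to `\texttt{\justify pySim-read}` in the RelatedWork.tex hunk.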
@@ -23,9 +23,9 @@
 % - tests for edge cases
 % - in the following sections i will go into details on how each implementation work
-The primary goal of this thesis is to conduct a security analysis of commercial \gls{esim} implementations using differential testing. The underlying idea of this approach is to systematically compare the behavior of different \gls{euicc} implementations under the same inputs to detect inconsistencies or vulnerabilities. The focus lies particularly on components and behaviors that differentiate traditional \gls{sim} cards from \glspl{esim}, such as profile download and profile mangement capabilites.
+The primary goal of this thesis is to conduct a security analysis of commercial \gls{esim} implementations through differential testing. We adopt a systematic approach to compare the behavior of different \gls{euicc} implementations under identical inputs to uncover inconsistencies and potential vulnerabilities. Our focus lies particularly on components and behaviors that differentiate traditional \gls{sim} cards from \glspl{esim}, such as profile download and profile mangement capabilites.
-Differential testing is applied through structured fuzzing, using both valid and mutated \gls{apdu} sequences. By observing how different \glspl{euicc} respond to identical input, the approach aims to uncover deviations that may indicate security flaws or implementation weaknesses.
+To perform differential testing, we designed a structured fuzzing methodology that employs both valid and mutated \gls{apdu} sequences. By observing and comparing how multiple \glspl{euicc} respond to the same inputs, we aim to uncover deviations that may indicate security flaws or implementation weaknesses.
 \section{Design}
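Review bot: The rewritten opening paragraph carries two typos over from the removed line, `profile mangement capabilites`, which should read `profile management capabilities`. Since the sentence is being reworded anyway, fixing it in this commit avoids a separate follow-up.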
@@ -33,9 +33,9 @@ This section presents the step-by-step refinement of the testing strategy. The i
 \paragraph{Initial Naive Approach}
-The first implementation was based on a straightforward observation setup using the \texttt{simtrace2} tool. \texttt{simtrace2}~\cite{osmocom_simtrace_nodate} allows monitoring of communication between a physical device (typically a smartphone acting as the \gls{lpa}) and a \gls{sim} card. The tool captures \glspl{apdu} and forwards them via \gls{udp} packets to a local socket. From this socket, the \gls{apdu} data can be read, parsed, and analyzed.
+We first implemented a simple observation setup using the \texttt{simtrace2} tool. \texttt{simtrace2}~\cite{osmocom_simtrace_nodate} allows monitoring of communication between a physical device (typically a smartphone acting as the \gls{lpa}) and a \gls{sim} card. The tool captures \glspl{apdu} and forwards them via \gls{udp} packets to a local socket. From there, we parsed and analyzed the \gls{apdu} data.
-The proposed method was to:
+Our proposed methodology involved the following steps:
 \begin{enumerate}
 \item Record the \gls{apdu} traffic between the \gls{lpa} and the \gls{euicc} during an \gls{rsp} session.
 \item Store this traffic in a structured format.
@@ -43,41 +43,37 @@ The proposed method was to: \item Replay each recorded \gls{apdu} and monitor the response. \end{enumerate} -The goal was to detect behavioral differences, such as differing \glspl{sw} or execution failures. However, this method proved infeasible in practice due to the nature of the \gls{rsp} protocol: many operations are cryptographically bound to the specific session using signed nonces, meaning that replaying recorded traffic is not possible. +The goal was to detect behavioral differences, such as differing \glspl{sw} or execution failures. However, we discovered that this method was impractical in real-world scenarios. Due to the nature of the \gls{rsp} protocol, many operations involve cryptographic bindings using session-specific nonces, rendering traffic replay infeasible. \paragraph{Controlled LPA Implementation} - To overcome the limitations of passive traffic replay, a new strategy was developed. Rather than relying on the proprietary \gls{lpa} applications often provided by \gls{esim} vendors, we implemented our own minimal \gls{lpa}. The motivation behind this was twofold: +To address the limitations of passive traffic replay, we developed our own minimal and controllable \gls{lpa}. Instead of relying on proprietary \gls{lpa} applications supplied by \gls{esim} vendors, we opted to implement a custom solution for two key reasons: \begin{itemize} \item Vendor \glspl{lpa} often introduce extraneous or undocumented traffic unrelated to the provisioning process, which complicates analysis. \item A custom \gls{lpa} allows for controlled mutation and injection of \gls{apdu} sequences. \end{itemize} -The implemented \gls{lpa} performs a target operation (e.g., profile download or enablement) by issuing the appropriate command sequence to the \gls{euicc} in the PC/SC card reader. Before sending, \glspl{apdu} can be programmatically mutated to evaluate robustness of the implementation against malformed or unexpected inputs. 
The \gls{lpa} records returned status words and checks for behavioral consistency across different \glspl{euicc}. +The implemented \gls{lpa} performs a target operation (e.g., profile download or enablement) by issuing the appropriate command sequence to the \gls{euicc} in the PC/SC card reader. Prior to transmission, we programmatically mutate \glspl{apdu} to test the implementation’s robustness against malformed or unexpected input. We then record the resulting status words and assess behavioral consistency across different \gls{euicc} devices. -While this approach allows for a more precise control, it has some drawbacks. \gls{rsp} is a stateful protocol, and provisioning actions rely on interaction with the profile vendor's \gls{smdpp} server. Consequently, execution speed is constrained by network latency and backend responsiveness as well as restoring the \gls{euicc} state after a reset. +While our approach allows for a more precise control, it has some drawbacks. \gls{rsp} is a stateful protocol, and provisioning actions rely on interaction with the profile vendor's \gls{smdpp} server. Consequently, execution speed is constrained by network latency and backend responsiveness as well as restoring the \gls{euicc} state after a reset. \paragraph{Fuzzing Strategy} -A challenge in mutating \gls{apdu} messages is that random mutations often lead to invalid \gls{asn1} structures. This effectively reduces the testing strategy to fuzzing the \gls{asn1} decoder, which constitutes only a small component of the overall \gls{euicc} logic. While this approach can reveal vulnerabilities in the \gls{asn1} parser, especially given that parsing vulnerabilities in \gls{asn1}-based decoders have historically led to critical security issues \cite{mitre_cve_2003, nist_nvd_2024, nist_nvd_2025}, it tends to produce limited coverage of the higher-level application logic implemented in the card. 
+When applying mutations to \gls{apdu} messages, we encountered a common issue: random mutations frequently produce invalid \gls{asn1} structures. This narrows the testing focus to the \gls{asn1} decoder, which represents only a small portion of the total \gls{euicc} logic. Despite this limitation, fuzzing at the decoding layer can still yield valuable results, as parsing flaws in \gls{asn1}-based decoders have historically led to critical vulnerabilities~\cite{mitre_cve_2003, nist_nvd_2024, nist_nvd_2025}. -Nonetheless, the effectiveness of fuzzing the \gls{asn1} parser layer should not be underestimated. Invalid or malformed inputs may still expose critical flaws, such as memory corruption or improper bounds checking within parser implementations. Consequently, early-stage fuzzing using random or deterministic byte-level mutations can serve as a useful baseline for robustness testing at the decoding boundary. +To improve the depth and scope of our fuzzing efforts, we adapted our implementation to generate and mutate structurally valid input instead. By preserving the syntactic and semantic correctness of \gls{asn1} structures, we enabled the fuzzer to exercise deeper layers of application logic. This allowed us to test state transitions, logical constraints, and error handling mechanisms that would otherwise remain untriggered by malformed data. -To broaden the scope and increase the effectiveness of the fuzzing strategy, the implementation was adapted to focus on generating and mutating \textit{structurally valid input} instead. By preserving the syntactic and semantic integrity of the underlying \gls{asn1} structures, the fuzzer is able to explore deeper application logic paths beyond the decoder. This allows for a more comprehensive evaluation of the \gls{euicc} system, including internal state transitions, logical constraints, and error handling routines that are only triggered in the presence of valid but semantically diverse \glspl{apdu}. 
+To support this structured fuzzing approach, we integrated the Python-based \texttt{hypothesis} library, which provides property-based testing capabilities~\cite{maciver_hypothesis_2019}. Using \texttt{hypothesis}, we defined input schemas mirroring the \gls{asn1} structures employed in the SGP.22 specification~\cite{gsma_sgp22_2025}. The framework then automatically generates valid input covering a wide range of edge cases. -To support structured data fuzzing, this thesis uses the Python-based \texttt{hypothesis} library, which implements property-based testing~\cite{maciver_hypothesis_2019}. \texttt{hypothesis} allows definition of input schemas that mirror \gls{asn1} structures used in \gls{esim} protocols. From these schemas, it automatically generates valid input data covering a wide range of edge cases. - -This strategy enables testing of: +With this setup, we were able to test: \begin{itemize} \item Field boundary conditions (e.g., maximum tag lengths). \item Rare but valid combinations of optional elements. \item Complex nesting of \gls{tlv} structures. \end{itemize} -In the following sections, the technical details of each implementation component, including the \gls{lpa} logic, mutation framework, and fuzzing harness, are presented. - - +In the following sections, we present the technical implementation details of our \gls{lpa} logic, input mutation framework, and fuzzing harness. \section{Tracing} \label{sec:tracing} 
@@ -95,7 +91,7 @@ In the following sections, the technical details of each implementation componen
 We built the tracing component to capture and interpret \glspl{apdu} exchanged between an \gls{lpa} (or other source) and the \gls{euicc}, and to replay them by inserting the recorded \glspl{apdu} into the communication between the \gls{lpa} and the \gls{euicc}. This forms the foundation of the differential testing framework by allowing the same interaction sequence to be executed across multiple \glspl{euicc} for behavioral comparison.
-The tracing functionality comprises two main operations:
+Our tracing functionality comprises two main operations:
 \begin{itemize}
 \item \textbf{Tracing and recording:} Captures \glspl{apdu} traffic from a physical interface using \texttt{simtrace2}~\cite{osmocom_simtrace_nodate} and associates it with functional interpretations (e.g., profile enablement, deletion). The \glspl{apdu} are parsed and stored along with contextual information such as sender and receiver addresses.
@@ -124,7 +120,7 @@ The implementation consists of several key components:
 \item[\texttt{replay}] Loads a saved \texttt{recording}, connects to the target \gls{euicc} via \texttt{PcscLink}, and replays each \glspl{apdu}. During replay, the source and target \texttt{\gls{isdr}} values are automatically substituted. The response status words from the target \gls{euicc} are compared against those from the original trace. Any mismatch is reported to highlight divergent behavior.
 \end{description}
-This modular structure allows for easy integration into both automated test pipelines and manual inspection tools, and lays the groundwork for both mutation-based and structure-aware fuzzing techniques described in subsequent sections.
+This modular structure allows for easy integration into both automated test pipelines and manual inspection tools, and lays the groundwork for both our mutation-based and structure-aware fuzzing techniques described in subsequent sections.
 \section{LPA}
@@ -199,7 +195,7 @@ This modular structure allows for easy integration into both automated test pipe
 % before returning the data to the caller -> client checks for error on server and eventually raises the corresponding exception -> as explained in the exception handling part
 % smdp+ client is mostly used by the isd-r
-Due to the limitations of the \texttt{tracer} implementation in correctly replaying \gls{rsp} interactions, we developed a dedicated \gls{lpa} implementation to initiate valid interactions with the \gls{euicc}. This enables the controlled generation and mutation of valid traffic which we will further explain in \cref{sec:fuzzing}. Our implementation targets the SGP.22 v3.1 specification, which was the latest version available at the time of writing \cite{gsma_sgp22_2025}.
+Due to the inability of the \texttt{tracer} implementation to accurately replay \gls{rsp} interactions, we developed a dedicated \gls{lpa} to initiate valid interactions with the \gls{euicc}. This custom \gls{lpa} provides us with full control over the generation and mutation of traffic, enabling structured and repeatable interaction patterns. We describe the mutation and fuzzing strategies enabled by this setup in detail in \cref{sec:fuzzing}. Our implementation specifically targets the SGP.22 v3.1 specification, which, at the time of writing, represented the most recent version available~\cite{gsma_sgp22_2025}.
 The \gls{lpa} is composed of multiple components:
@@ -225,9 +221,9 @@ Known \glspl{adf} for \gls{isdr} observed during analysis: \item esim.me: \texttt{A0000005591010000000008900000300} \end{itemize} -The decoded response data is further processed we use \texttt{pydantic} data classes. \texttt{pydantic}~\cite{colvin_pydantic_2025} is a python library that enable structured parsing of values including Base64-encoded strings, bitfields, version types, and more. We implemented custom encoders/decoders to simplify readability and downstream data processing. For bit fields, a mixin is used to allow checking for specific feature flags via simple accessors. +To decoded response data for further processing, we use \texttt{pydantic} data classes. \texttt{pydantic}~\cite{colvin_pydantic_2025} is a python library that enabled us to implement structured parsing of values including Base64-encoded strings, bitfields, version types, and more. We implemented custom encoders/decoders to simplify readability and downstream data processing. For bit fields, a mixin is used to allow checking for specific feature flags via simple accessors. -The \texttt{estk\_fwupd} application implements a proprietary firmware update interface, which we reverse-engineered (see \cref{sec:eval_tracing}). It supports reading the current firmware version, unlocking\footnote{This unlocking is distinct from \gls{gp}-defined unlocking, which allows the execution of generic \gls{gp} commands. See \gls{gp} Card Specification.} the \gls{euicc} for updates, and installing new binaries. +The \texttt{estk\_fwupd} application implements a proprietary firmware update interface, which we reverse-engineered (see \cref{sec:eval_tracing}). It supports reading the current firmware version, unlocking\footnote{This unlocking is distinct from \gls{gp}-defined unlocking, which allows the execution of generic \gls{gp} commands. See \gls{gp} Card Specification \cite{globalplatform_gp_2018}.} the \gls{euicc} for updates, and installing new binaries. 
\paragraph{Exception Handling} The SGP.22 standard defines a variety of response codes and error conditions. We map these response codes to custom exception classes in the \gls{lpa} implementation to enable precise error handling. This is essential for both debugging and for the differential testing framework to reason about diverging behavior across implementations. A code listing of the exception handling mappings is provided in \cref{sec:exception-handling}. @@ -242,9 +238,9 @@ In addition to \gls{euicc} communication, the \gls{lpa} implementation must inte } \end{lstlisting} -Payload values are Base64-encoded as required by the specification. Response data is deserialized using \texttt{pydantic}. Error responses from the server trigger the appropriate exception, as explained previously. +We encode payload values in Base64 format, as mandated by the specification. To process server responses, we deserialize the returned data using custom \texttt{pydantic} data classes that model the expected structure. In the event of an error response, our implementation raises the appropriate exception, following the error-handling logic outlined in the previous section. -The \gls{smdpp} client is primarily used by the \gls{isdr} application to execute \gls{rsp}-related functionality. +The \gls{smdpp} client is primarily used by our \gls{isdr} application to execute \gls{rsp}-related functionality. \section{Fuzzing} \label{sec:fuzzing} 
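Review bot: The new sentence in the -225 hunk opens `To decoded response data for further processing, we use \texttt{pydantic} data classes.`; `decoded` should be `decode`, and `a python library that enabled us to implement structured parsing` mixes past and present tense inside one sentence. Suggest `To decode response data for further processing, we use \texttt{pydantic} data classes. \texttt{pydantic}~\cite{colvin_pydantic_2025} is a Python library that enables structured parsing of values including Base64-encoded strings, bitfields, version types, and more.` The rest of the paragraph already uses the present tense for what the library does and the past tense for what was implemented, so this keeps it consistent.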
@@ -332,9 +328,9 @@ To uncover behavioral differences between \gls{euicc} implementations, we implem \subsubsection*{Fuzzing Scenarios and Execution} -Fuzzing is conducted through predefined \emph{scenarios}—sequences of function calls that operate on the \gls{euicc}. Each function in a scenario interacts with the \gls{euicc} through the \gls{lpa} and is subject to mutation. The scenario runner initiates a fresh PC/SC link, resets the card into a clean state (processing all notifications and performing a full memory reset) by calling the \texttt{eUICCMemoryReset} function using our \gls{lpa} implementation, and executes each function with multiple mutations. +We perform fuzzing through predefined \emph{scenarios}, which consist of ordered sequences of function calls targeting the \gls{euicc}. Each function within a scenario is executed via our custom \gls{lpa} implementation and serves as a potential mutation point. To ensure a consistent test environment, the scenario runner establishes a fresh PC/SC connection and resets the card into a clean state by invoking the \texttt{eUICCMemoryReset} operation. This includes processing all pending notifications and performing a full memory wipe prior to execution. -This process is guided by an \textbf{operation recorder} that tracks each function call, applied mutations, and resulting responses in a structured \emph{mutation tree}. Each tree node represents a specific function call executed with one type of mutation. A tree level corresponds to a function in the scenario and sibling nodes represent different mutations of that function. +To systematically track the fuzzing process, we developed an \textbf{operation recorder} that tracks every function invocation, the applied mutations, and the corresponding responses. This data is structured as a hierarchical \emph{mutation tree}, where each node represents a function call with a specific mutation applied. 
Each level in the tree corresponds to a function in the scenario, while sibling nodes denote alternative mutations of the same function. \subsubsection*{Mutation Engine} \label{subsubsec:mutation_engine} @@ -370,6 +366,7 @@ Figure \cref{fig:scenario_flow} illustrates the \gls{apdu} fuzzing workflow, whi \begin{figure} \centering \input{Graphics/record_scenario_flow.tikz} + % \resizebox{\textwidth}{!}{\input{Graphics/record_scenario_flow.tikz}} \caption{Flow for recording a scenario.} \label{fig:scenario_flow} \end{figure} @@ -403,7 +400,7 @@ The decision process for selecting the next mutation to apply is a key component \label{fig:next_mutation_flow} \end{figure} -The algorithm, illustrated in \cref{fig:next_mutation_flow}, operates based on the current node in the mutation tree. Each node represents a function invocation, and its children represent the same invocation with different mutations. The logic proceeds as follows: +Our algorithm, illustrated in \cref{fig:next_mutation_flow}, operates based on the current node in the mutation tree. Each node represents a function invocation, and its children represent the same invocation with different mutations. The logic proceeds as follows: \begin{enumerate} \item \textbf{Check for untried mutations at the current node:} 
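Review bot: In the -332 hunk the rewording `performing a full memory wipe prior to execution` overstates what ES10c \texttt{eUICCMemoryReset} does: per SGP.22 it deletes the installed operational and/or test profiles and can reset the default SM-DP+ address, but it does not erase the eUICC's memory, and the removed wording `full memory reset` at least matched the function's name. Suggest `resets the card into a clean state by invoking \texttt{eUICCMemoryReset} via our \gls{lpa}, which deletes all installed profiles once all pending notifications have been processed`. In the -370 hunk the added `% \resizebox{\textwidth}{!}{...}` line is commented-out markup inside the figure environment; if it is not meant to be kept, remove it rather than leaving a dead alternative in the source.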
@@ -562,14 +559,32 @@ def test_get_profiles(self, use_iccid, profile_class, tags): This approach preserves the semantics and structure of the expected \gls{asn1} types while still allowing a wide variety of edge cases to be exercised. \paragraph{Implementation Scope} -Due to reliance on external infrastructure, such as the \gls{smdpp} server, our fuzzing campaign focuses exclusively on the \gls{euicc}-side of the \gls{rsp} protocol. Fuzzing requests directed at the \gls{smdpp} would lead to excessive traffic and could be misinterpreted as \gls{dos} attempts. Therefore, we restrict our tests to those functions defined in the ES10a, ES10b, and ES10c interfaces of the SGP.22 specification, which form the communication layer between the \gls{lpa} and the \gls{euicc}, specifically focusing on functions that accept structured input arguments and directly interact with the \gls{euicc}. +Due to reliance on external infrastructure for the \gls{rsp} process, such as the \gls{smdpp} server, our fuzzing campaign focuses exclusively on the \gls{euicc}-side of the \gls{rsp} protocol. Fuzzing requests directed at the \gls{smdpp} would lead to excessive traffic and could be misinterpreted as \gls{dos} attempts. Therefore, we restrict our tests to those functions defined in the ES10a, ES10b, and ES10c interfaces of the SGP.22 specification, which form the communication layer between the \gls{lpa} and the \gls{euicc}, specifically focusing on functions that accept structured input arguments and directly interact with the \gls{euicc}. 
 Specifically, we implemented fuzzing tests for the following functions:
 \begin{itemize}
- \item \textbf{ES10a:} \texttt{SetDefaultDpAddress}
- \item \textbf{ES10b:} \texttt{PrepareDownload}, \texttt{LoadBoundProfilePackage}, \texttt{AuthenticateServer}
- \item \textbf{ES10c:} \texttt{GetProfileInfo}, \texttt{EnableProfile}, \texttt{DisableProfile}, \texttt{DeleteProfile}, \texttt{eUICCMemoryReset}, \texttt{SetNickname}
+ \item \textbf{ES10a:}
+ \begin{itemize}
+ \item \texttt{SetDefaultDpAddress}
+ \end{itemize}
+
+ \item \textbf{ES10b:}
+ \begin{itemize}
+ \item \texttt{PrepareDownload}
+ \item \texttt{LoadBoundProfilePackage}
+ \item \texttt{AuthenticateServer}
+ \end{itemize}
+
+ \item \textbf{ES10c:}
+ \begin{itemize}
+ \item \texttt{GetProfileInfo}
+ \item \texttt{EnableProfile}
+ \item \texttt{DisableProfile}
+ \item \texttt{DeleteProfile}
+ \item \texttt{eUICCMemoryReset}
+ \item \texttt{SetNickname}
+ \end{itemize}
 \end{itemize}
 \paragraph{Fuzzing Lifecycle}
diff --git a/Chapters/RelatedWork.tex b/Chapters/RelatedWork.tex
index 3f7fc1e..c1655be 100644
--- a/Chapters/RelatedWork.tex
+++ b/Chapters/RelatedWork.tex
@@ -62,7 +62,7 @@ SPTP introduces two new entities: a private index service for managing \glspl{im
 \texttt{pySim}~\cite{welte_pysim_2024} is a Python-based toolset designed for interacting with \gls{sim} cards and their derivatives. It is developed and actively maintained by the Osmocom project, a community of engineers focused on open-source mobile communication tools. Osmocom is also responsible for related utilities such as \texttt{simtrace2}, a hardware and software solution for tracing \gls{sim} card communication, which is utilized in this thesis for trace collection.
-The \texttt{pySim} suite comprises five primary scripts: \texttt{pySim-shell}, \texttt{pySim-read}, \texttt{pySim-prog}, \texttt{pySim-trace}, and \texttt{pySim-smdpp}. Among these, \texttt{pySim-shell} is the core component, offering an interactive shell interface to navigate the \gls{sim} card file system and issue application-specific commands. It supersedes the legacy \texttt{pySim-read} script, which only supports a limited subset of shell commands and is primarily used to extract commonly accessed data fields from \gls{sim} cards.
+The \texttt{pySim} suite comprises five primary scripts: \texttt{pySim-shell}, \texttt{\justify pySim-read}, \texttt{pySim-prog}, \texttt{pySim-trace}, and \texttt{pySim-smdpp}. Among these, \texttt{pySim-shell} is the core component, offering an interactive shell interface to navigate the \gls{sim} card file system and issue application-specific commands. It supersedes the legacy \texttt{pySim-read} script, which only supports a limited subset of shell commands and is primarily used to extract commonly accessed data fields from \gls{sim} cards.
 The \texttt{pySim-trace} script provides a tracing utility and protocol decoder for \gls{sim} card-related communication. It integrates with \texttt{SIMtrace2} to intercept and decode communication between a user device and the \gls{sim} card.
This functionality is limited to passive recording and does not support active injection or modification of messages.
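Review bot: The `\justify` dropped into `\texttt{\justify pySim-read}` on the added line is not local to that one word: if it is the usual `\fontdimen`/`\hyphenchar`-based helper (its definition is outside this hunk), those assignments act on the font itself and are global in TeX, so every later `\texttt{...}` in the document, including the neighbouring `\texttt{pySim-shell}` and `\texttt{pySim-prog}` that were deliberately left untouched, inherits the stretched spacing and the enabled hyphenation. If the only goal is to let `pySim-read` break at its hyphen, a side-effect-free form is `\texttt{pySim-\allowbreak read}`, which changes neither the font nor the other script names. If the document-wide effect is intended, apply the macro once in the preamble rather than at a single call site, and say so in a comment next to its definition so the asymmetry in this sentence does not look like an oversight.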
