niklas/master_thesis
1
0
Fork 0
mirror of https://sharelatex.tu-darmstadt.de/git/681e0e7a3a9c7c9c6b8bb298 synced 2026-02-04 11:07:43 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update on Overleaf.

Browse Source
This commit is contained in:
nb72soza Bittner
2025-06-13 12:12:51 +00:00
committed by node
parent 4db2ade0ab
commit d957b8fcef
2 changed files with 12 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
Chapters/RelatedWork.tex
View File

@@ -27,7 +27,7 @@ The ecosystem surrounding \gls{esim} and \gls{euicc} technology is supported by
The \texttt{pySim} suite comprises five primary scripts: \texttt{pySim-shell}, \texttt{pySim-read}, \texttt{pySim-prog}, \texttt{pySim-trace}, and \texttt{pySim-smdpp}. Among these, \texttt{pySim-shell} is the core component, offering an interactive shell interface to navigate the \gls{sim} card file system and issue application-specific commands. It supersedes the legacy \texttt{pySim-read} script, which only supports a limited subset of shell commands and is primarily used to extract commonly accessed data fields from \gls{sim} cards.
The \texttt{pySim-trace} script provides a tracing utility and protocol decoder for \gls{sim} card-related communication. It integrates with \texttt{simtrace2} to intercept and decode communication between a user device and the \gls{sim} card. This functionality is limited to passive recording; it does not support active injection or modification of messages.
The \texttt{pySim-trace} script provides a tracing utility and protocol decoder for \gls{sim} card-related communication. It integrates with \texttt{simtrace2} to intercept and decode communication between a user device and the \gls{sim} card. This functionality is limited to passive recording and does not support active injection or modification of messages.
The \texttt{pySim-smdpp} script serves as a proof-of-concept implementation of the \gls{sgp22} \gls{smdpp} server component. Notably, \texttt{pySim} does not implement the full \gls{sgp22} protocol stack on the client side (i.e., communication between the \gls{euicc} and the \gls{smdpp} server); its \gls{sgp22} functionality is restricted to the server role only.
@@ -47,7 +47,7 @@ While \texttt{pySim} provides useful standalone utilities, its usability as a ge
\texttt{SIMtrace2} is a system developed by the osmocom~\cite{osmocom_simtrace_nodate} project that combines hardware, firmware, and software components to enable the monitoring and emulation of communication between a \gls{sim} card and \gls{ue}, such as a mobile phone~\cite{osmocom_simtrace_nodate}.
The primary use case of \texttt{SIMtrace2} is passive tracing of the communication between a \gls{sim} card and its host device. For this purpose, it supports multiple firmware variants, the most relevant being the \texttt{trace} and \texttt{emulate} firmware. The \texttt{trace} firmware allows passive sniffing of \gls{apdu}-level communication, operating without interfering with the ongoing exchange. It supports the \gls{t0} protocol and transmits the captured data as \gls{udp} packets to a specified socket. These packets can be analyzed using tools such as \texttt{Wireshark}for which Osmocom provides a dedicated dissector~\cite{welte_wireshark_nodate}or through \texttt{pySim-trace}~\cite{welte_pysim_2024}.
The primary use case of \texttt{SIMtrace2} is passive tracing of the communication between a \gls{sim} card and its host device. For this purpose, it supports multiple firmware variants, the most relevant being the \texttt{trace} and \texttt{emulate} firmware. The \texttt{trace} firmware allows passive sniffing of \gls{apdu}-level communication, operating without interfering with the ongoing exchange. It supports the T0 protocol and transmits the captured data as \gls{udp} packets to a specified socket. These packets can be analyzed using tools such as \texttt{Wireshark}, for which Osmocom provides a dedicated dissector~\cite{welte_wireshark_nodate}, or through \texttt{pySim-trace}~\cite{welte_pysim_2024}.
The \texttt{emulate} firmware, on the other hand, provides \gls{sim} card emulation capabilities. This mode is used to simulate a \gls{sim} card that is not physically present in the device, such as in scenarios involving remote \gls{sim} access or when using a smart card reader. Notably, this emulation capability has also been employed by projects such as \textit{Simurai} for malicious card emulation and fuzzing purposes~\cite{lisowski_simurai_2024}.