SIM-Max Tech's Super-SIM

Mad mad at
Tue Mar 8 18:01:43 CET 2011

 On Tue, 8 Mar 2011 16:31:47 +0100, Alfonso De Gregorio wrote:
>> Actually comp128-2 has a 54bit Kc it seems.
> Have you observed a COMP128-2 implementation returning a 54bit long
> Kc, or have you heard about this from somebody else?
> Can you please disclose more about the SIM model and the operator
> running this A3/A8 implementation?

Interesting question, how do we know if it's comp128-2 that is being
used by a specific operator?
They can use whatever algo they want - or their equipment vendor
- in their sims and auth infrastructure producing deliberately weakened

> One more weakened key derivation function (after the first version)
> would be interesting per se. Still, it would be even more interesting
> to give a closer look at this obscure cipher we carry in our
> pockets...

No question, there still are given out sims weakening the anyway broken
Interestingly I observed that operators have mixed occurrence of weak
ones and non-weak Kcs for another sim.
Another possibility is that they are able to determine that for all
by choice of the RAND the network sends. So some people, contract-wise,
phone-wise or regions could be tapped more easily than others.
But it's just speculation...

The most promising approach, after (really) good cryptologists looking
at in- and output, is to open up and grind down a sim chip and take
pictures to reconstruct its logic, as has been done with mifare etc.
Aren't there people reading this who are experienced in the latter?
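An added example, written for this page and not part of the thread above or of any project's code: COMP128-1 and COMP128-2 both return a Kc whose 10 least significant bits are zero (the "54-bit Kc" mentioned in the quoted mail), while a full-strength A8 returns all 64 bits. Given Kc values observed from SIMs under your own control, the script below checks each value for that trailing-zero signature and records a per-SIM verdict, the way the "mixed occurrence" observation above would be tabulated. All Kc values in it are constructed sample data, not outputs of any real SIM.

```python
"""Classify observed GSM Kc values by the COMP128-1/-2 54-bit weakening.

A weakened A8 zeroes the 10 low bits of the 64-bit Kc; a full-strength
A8 returns 64 random-looking bits.  The Kc values below are CONSTRUCTED
sample data (assumption: 8-byte big-endian Kc as read from the SIM).
"""

KC_BITS = 64
WEAKENED_ZERO_BITS = 10  # trailing zero bits produced by COMP128-1 and -2


def trailing_zero_bits(kc: bytes) -> int:
    """Number of zero bits at the least-significant end of an 8-byte Kc."""
    if len(kc) != KC_BITS // 8:
        raise ValueError("Kc must be exactly 8 bytes")
    value = int.from_bytes(kc, "big")
    if value == 0:
        return KC_BITS
    # value & -value isolates the lowest set bit; its index is the count.
    return (value & -value).bit_length() - 1


def is_weakened(kc: bytes) -> bool:
    """True if the Kc carries the 54-bit signature (>= 10 trailing zeros)."""
    return trailing_zero_bits(kc) >= WEAKENED_ZERO_BITS


def classify(kcs):
    """Verdict for one SIM from several Kc values (each from a different RAND).

    A single sample is weak evidence: a random 64-bit Kc ends in ten zero
    bits with probability 2**-10, so the verdict also reports the chance
    that a full-strength A8 would have produced the observed pattern.
    """
    if not kcs:
        raise ValueError("need at least one observed Kc")
    weak = sum(is_weakened(kc) for kc in kcs)
    if weak == len(kcs):
        verdict = "weakened (54-bit Kc)"
    elif weak == 0:
        verdict = "full 64-bit Kc"
    else:
        verdict = "inconsistent: re-check the capture"
    return {
        "samples": len(kcs),
        "weak": weak,
        "verdict": verdict,
        # probability that n full-strength Kcs all show the signature by chance
        "chance_false_positive": 2.0 ** (-WEAKENED_ZERO_BITS * len(kcs)),
    }


def survey(sims):
    """Map each SIM label to its verdict, for a per-SIM/per-operator table."""
    return {label: classify(kcs)["verdict"] for label, kcs in sims.items()}


# CONSTRUCTED sample observations: "sim-A" always ends in >= 10 zero bits,
# "sim-B" does not.  No real SIM output is reproduced here.
SAMPLE_SIMS = {
    "sim-A": [
        bytes.fromhex("a1b2c3d4e5f61c00"),
        bytes.fromhex("0123456789abc400"),
        bytes.fromhex("fedcba9876543800"),
    ],
    "sim-B": [
        bytes.fromhex("a1b2c3d4e5f61c01"),
        bytes.fromhex("0123456789abcdef"),
        bytes.fromhex("fedcba9876543210"),
    ],
}

if __name__ == "__main__":
    for label, kcs in SAMPLE_SIMS.items():
        print(label, classify(kcs))
```

Collect Kc values for several different RANDs before trusting a verdict: with three samples the chance that a full-strength A8 shows the signature every time by accident is 2**-30, with one sample it is about one in a thousand.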


More information about the baseband-devel mailing list