Bastien Baranoff wrote:
> Hello all, the attack: you generate the rainbow tables for each possible ki
> with a given rand set, send this rand (which is not random ;) the phone
> responds with sres, you make the operation for 3 or 4 rand and meaningfully
> decrease the possibility of ki. Do you think it is realisable?
Someone please correct me if I'm wrong on this detail, but it is my
understanding that no mainstream commercial operator today (outside of
personal enthusiast tinkerers in Osmocom and similar communities)
issues native 2G SIM cards any more - instead all of their current SIM
cards are actually USIM/ISIM, and if GSM 11.11 SIM operation is
supported at all, it is only provided as a backward compatibility
mode. I reason that these "modern" SIMs must be using Milenage in
their native 3G/4G mode, thus their secret key material is not classic
Ki, but K/Ki (128 bits) plus OPc (another 128 bits), for a total of
256 bits of secret key material.
What happens when these "modern" SIMs are accessed via GSM 11.11 SIM
protocol, or when 2G authentication is requested in a USIM session?
I find it doubtful that they switch to COMP128 (any version) in this
mode; instead I reason that they use 2G mode of Milenage, which still
uses both K/Ki and OPc - thus the secret key material used even for 2G
Kc and SRES generation from RAND is still 256 bits rather than 128.
Again, someone please correct me if my reasoning is wrong here.
M~
Hi Osmocom and FreeCalypso communities,
I would like to disclose my recent discovery, which so far was
discussed within a small group of Osmocom members and with Mychaela
Falconia.
==== A bit of history ====
There exists a tool for flashing old Sony Ericsson phones called
pstool (search for 'PSTool_SE_ODM_free' in your favorite search
engine). It's a Windows executable with a custom GUI, and with some
additional clarifications specifically for "big Russian specialists"
:P
Unlike the more famous SETool2 Lite, which does support a wide range
of phones based on SEMC's own A1 DB2xxx and A2 DB3xxx chipsets, the
pstool is limited to only a few phone models (all listed in GUI):
* J100i, J110i, J120i,
* K200i, K220i.
Among them is Sony Ericsson J100i [1], a Calypso based phone designed
by Compal, on which you can already run custom OsmocomBB or
FreeCalypso firmware. Both J110i and J120i are likely variants of
J100i with some minor differences (correct me if I am wrong).
[1] https://osmocom.org/projects/baseband/wiki/SonyEricssonJ100i
My curiosity was piqued when I saw K200i/K220i in the dropdown list of
the pstool. I ordered a few phones on a local advertising site
assuming that they may also be based on Calypso. And... yes, they are!
==== Hardware ====
For those who are interested to see the inside, here are some photos:
https://people.osmocom.org/fixeria/dump/se_k200i/board/
Some highlights (from Mychaela's E-mail):
* Calypso 751992A (C035, final DSP ROM version 3606, full 512 KiB IRAM),
* RF: Familiar Iota TWL3025 ABB and Rita, PA SKY77318,
* Flash: SPANSION S71PL129NB0HFW4B (16 MiB NOR + 4 Mib XRAM),
* Winbond W56932DYX - probably a ringtone melody player?
According to [2], K220i is identical to K200i with the only difference
that the former has an FM radio receiver. If anyone has a K220i, I
would be interested to see the board photos though.
[2] https://mobile-review.com/review/sonyericsson-k200.shtml
==== Software ====
I was able to get the FreeCalypso loadagent running:
https://people.osmocom.org/fixeria/dump/se_k200i/info.txt
and managed to dump the raw flash contents:
https://people.osmocom.org/fixeria/dump/se_k200i/K200i-fc-flash1.bin
https://people.osmocom.org/fixeria/dump/se_k200i/K200i-fc-flash2.bin
The DSP ROM is a well-known version 3606:
https://people.osmocom.org/fixeria/dump/se_k200i/dspromdump.txt
I was also able to get unmodified OsmocomBB layer1 firmware (the J100i
variant) running and even got the basic Rx functionality working:
* cell_log is able to find cells,
* ccch_scan happily decodes BCCH/AGCH/PCH messages.
What's really nice about the K200i is that (unlike the J100i) it has
the Calypso boot ROM unlocked, just like Pirelli DP-L10 [3]. This
makes it impossible to brick the phone by erasing the flash.
[3] https://osmocom.org/projects/baseband/wiki/PirelliDPL10
==== Summary ====
At the moment of writing this announcement, K200i is neither supported
by OsmocomBB nor by FreeCalypso. The big problem here is that we could
not find the board schematics, so we don't have sufficient knowledge
on how the RFFE control signals are routed. Figuring this out (be it
hw-based or fw-based approach) is quite a big effort, and I doubt
there will be a commercial interest to sponsor this.
In any case, I believe it's a nice *potential* target, so I created a
wiki page [4] with all the relevant information about K200i.
[4] https://osmocom.org/projects/baseband/wiki/SonyEricssonK200i
Now I am giving the podium to Mychaela, I am sure she has more to say :P
Best regards,
Vadim.
Dear Osmocom community,
your input is required in order to tune the re-launch of the OsmoDevCall
talk series. One of the complaints before the suspension in Summer this year
was that the "Friday night 8pm CEST" timeslot was not exactly ideal for several
people.
Finding a common denominator might be difficult, given that Osmocom is a dayjob
for some, a hobby for most, and we're of course not all in the same time zone
or even continent.
So let's try to run a couple of polls to figure out:
* What is the best day of the week for OsmoDevCall?
https://bitpoll.de/poll/CEQnaQKEvO/
* What is the best time of day for OsmoDevCall?
https://bitpoll.de/poll/59dgmzOocT/
* What is the best frequency of OsmoDevCall?
https://bitpoll.de/poll/8jyuRJB6Hb/
The polls are open until October 21st, 2021. I would appreciate a high turn-out
so we have a good representation across our community to make an educated decision
about the schedule of future events.
Can't wait to re-start OsmoDevCall!
Regards,
Harald
--
- Harald Welte <laforge(a)gnumonks.org> http://laforge.gnumonks.org/
============================================================================
"Privacy in residential applications is a desirable marketing option."
(ETSI EN 300 175-7 Ch. A6)