27 Feb
2017
27 Feb
'17
5:03 p.m.
Hi all,
I come to all of you as I'm trying to use simtrace to capture the UE-SIM
traffic with a 4G+ SIM card, called "next gen SIM card" (the ones with
NFC). The only thing I see is the ATR, and the mobile never detects the SIM
card. I try also to read the SIM card plugin directly into the SCR3310 card
reader, but the reader didn't recognize the SIM card (no led activity).
At the beginning I thought this must be a new standard for the NFC/SIM
cards, but reading 3GPP TS 31.101 V13.2.0 (2016-06), I understood only
Class B and C operating conditions should be supported by 3G MEs (page 10
of the document), and using transmission protocols T=0 and T=1. So looks
like nothing has change in the protocols/electrical conditions.
I look for 3GPP specs folder searching for something related with this
NFC/SIM (http://www.3gpp.org/DynaReport/31-series.htm), but nothing appear.
Also searching in google about this simcards I just found Orange document
describing the business strategy to use NFC services/wallet;
"On February 21st 2011 many of the world’s leading mobile operators (15 in
total) including Orange announced their collective commitment to SIM-based
mobile NFC and intention to launch commercial mobile NFC services. In
November 2011, the Chinese MNOs increased the momentum of support to SIM
based NFC. In January, GSMA communicated that more than 60 MNOs now support
these initiatives."
Source:
https://www.orange.com/en/content/download/12418/258640/version/1/file/Oran…
But still didn't found any technical spec for this sim cards. Most strange
for me is that plugging this SIM card in an old Samsung Galaxy S3 is
working normally, so ask myself why plugging in SCR3310 reader or simtrace
is not working.
Can anyone help me with this SIM cards specifications? Does anyone been
able to read with SIM readers?
Best Regards,
Pedro
1 Mar
1 Mar
12:02 p.m.
Hi all,
Just to update, I found something interesting, the Single Wire Protocol:
NFC applications on the UICC can communicate to the NFC chip using the SWP
interface. Reading on GSMA docs, I found the ETSI TS 102 613 "UICC -
Contactless Front-end (CLF) Interface". So looks like is not about 3GPP,
but ETSI standards. Also very interesting the GSMA "Requirements for Single
Wire Protocol NFC Handsets":
http://www.gsma.com/digitalcommerce/wp-content/uploads/2012/03/gsmarequirem…
I continue trying to identify why SCR3310 and simtrace aren't able to read
this SIM cards (UICC). Reading simtrace AT91SAM datasheet, it just states
"ISO7816, T0 or T1 protocols for interfacing with smart cards", while
SCR3310 v2 technical specifications are;
-T=1, T=0 protocol support
-ISO 7816 Class A, B and C SmartCard
-and CT-API (through wrapper on top of PC/SC)
I will continue analyzing the ATR for this SIM cards.
Regards,
Pedro
2017-02-27 17:03 GMT+01:00 Pedro Cabrera <pedrocab(a)gmail.com>om>:
Hi all,
I come to all of you as I'm trying to use simtrace to capture the UE-SIM
traffic with a 4G+ SIM card, called "next gen SIM card" (the ones with
NFC). The only thing I see is the ATR, and the mobile never detects the SIM
card. I try also to read the SIM card plugin directly into the SCR3310 card
reader, but the reader didn't recognize the SIM card (no led activity).
At the beginning I thought this must be a new standard for the NFC/SIM
cards, but reading 3GPP TS 31.101 V13.2.0 (2016-06), I understood only
Class B and C operating conditions should be supported by 3G MEs (page 10
of the document), and using transmission protocols T=0 and T=1. So looks
like nothing has change in the protocols/electrical conditions.
I look for 3GPP specs folder searching for something related with this
NFC/SIM (http://www.3gpp.org/DynaReport/31-series.htm), but nothing
appear. Also searching in google about this simcards I just found Orange
document describing the business strategy to use NFC services/wallet;
"On February 21st 2011 many of the world’s leading mobile operators (15 in
total) including Orange announced their collective commitment to SIM-based
mobile NFC and intention to launch commercial mobile NFC services. In
November 2011, the Chinese MNOs increased the momentum of support to SIM
based NFC. In January, GSMA communicated that more than 60 MNOs now support
these initiatives."
Source: https://www.orange.com/en/content/download/12418/258640/
version/1/file/Orange%2BNFC%2Band%2BOrange%2BMoney%2BFact%
2BSheet%2B-%2BFebruary%2B2013.pdf
But still didn't found any technical spec for this sim cards. Most strange
for me is that plugging this SIM card in an old Samsung Galaxy S3 is
working normally, so ask myself why plugging in SCR3310 reader or simtrace
is not working.
Can anyone help me with this SIM cards specifications? Does anyone been
able to read with SIM readers?
Best Regards,
Pedro
1:16 p.m.
I think the best way to analyze this is to understand the exact voltage,
clock rate and Fi/Di values your card is operating on on the working
reader(s). Most likely at least one of the parameters is different on
the non-working readers.
You should be able to figure all the related values out if you talk
CCID directly to the USB device, or extend / "hack up" the ccid driver
you're using. Alternatively, an oscilloscopse should also be able to
tell you related information.
Regards,
Harald
--
- Harald Welte <laforge(a)gnumonks.org> http://laforge.gnumonks.org/
============================================================================
"Privacy in residential applications is a desirable marketing option."
(ETSI EN 300 175-7 Ch. A6)
2 Mar
2 Mar
9:30 p.m.
Before proceed with oscilloscope, I do a last test using simtrace and a
Samsung Galaxy S3 with this UICC and surprisingly it works, so I have the
ATR APDU: 3b 9f 96 c0 0a 3f c7 a0 80 31 e0 73 fe 21 1b 65 d0 01 74 0e a1
81 0f 9c
From there; Fi=512, Di=32, Protocol T=0, class accepted
by the card: A, B
and C (
https://smartcard-atr.appspot.com/parse?ATR=3b9f96c00a3fc7a08031e073fe211b6…
)
After this, I test over and over again with the same UICC card and an
iPhone6 but never got ATR response, just got "ATR APDU: " and iPhone don't
recognize SIM card. SCR3310 reader never recognizes the card, always "Card
state: Card inserted, Unresponsive card" response.
I test simtrace/iPhone6 and SCR reader using same UICC type from other
operator with same results (but working with simtrace/S.Galaxy S3)
Regards,
Pedro
2017-03-01 13:16 GMT+01:00 Harald Welte <laforge(a)gnumonks.org>rg>:
I think the best way to analyze this is to understand
the exact voltage,
clock rate and Fi/Di values your card is operating on on the working
reader(s). Most likely at least one of the parameters is different on
the non-working readers.
You should be able to figure all the related values out if you talk
CCID directly to the USB device, or extend / "hack up" the ccid driver
you're using. Alternatively, an oscilloscopse should also be able to
tell you related information.
Regards,
Harald
--
- Harald Welte <laforge(a)gnumonks.org>
http://laforge.gnumonks.org/
============================================================
================
"Privacy in residential applications is a desirable marketing option."
(ETSI EN 300 175-7 Ch.
A6)
17 Mar
17 Mar
2:45 a.m.
Hi,
I've been testing the NFC sim with oscilloscope with this results:
- I use the new Omnikey 3121 reader, it was able to read the sim card. Vcc
= 5V, Vpp = 3V, CLK = 5 Mhz.
- I try again to read same sim card with SCR 3310, but no way to do it; no
green LED, Vcc = 0. I check with an old GRcard SIM, Vcc = 5V, Vpp = 0V, CLK
= 5Mhz.
As SCR 3310 reader is unable to read this NFC sim cards, could be because
are not implementing OpenCard Framework API (implemented only by Omnikey
reader) ?
After test with both readers, I get back to iPhone:
- Using the sim card without simtrace: Vcc = 1.8V, Vpp = 0V and 5Mhz CLK.
- simtrace w/ iPhone SE:
* only 2 times wasn't unable to recognize the sim card ("NO SIM
card" message), that I guess could be mechanical problems due to wires,
cables and so on.
* when was able to read the sim, Vcc is always 3V (as in specs), Vpp
= 0V and CLK 5 Mhz, but never was able to trace; or just nothing after "ATR
APDU:" or gets stuck after a few very strange lines in which bytes CLA
doesn't make sense:
APDU: 00 00 04 b0 00 ff ff
APDU: 02 90 00 *00 a4 00 04*
APDU: *02 a4 6f 07* 61 22 00
APDU: c0 00 00 22 c0 62 20
Looks like order or synchronization is lost, as you can see a regular APDU
highlighted between two lines. Could be this issue related with the T=0
implementation?: "*Unfortunately, the Rx Timeout feature of the USART is
not working in T=0 mode, so I had to re-implement Rx timeout (waiting time)
handling by means of the TC (timer/counter) block 0. Due to technical
limitations, we will wait up to one byte (12 etu) more than we should*."
Regards,
Pedro
2017-03-02 21:30 GMT+01:00 Pedro Cabrera <pedrocab(a)gmail.com>om>:
Before proceed with oscilloscope, I do a last test
using simtrace and a
Samsung Galaxy S3 with this UICC and surprisingly it works, so I have the
ATR APDU: 3b 9f 96 c0 0a 3f c7 a0 80 31 e0 73 fe 21 1b 65 d0 01 74 0e a1
81 0f 9c
From there; Fi=512, Di=32, Protocol T=0, class accepted by the card: A, B
and C (https://smartcard-atr.appspot.com/parse?ATR=
3b9f96c00a3fc7a08031e073fe211b65d001740ea1810f9c)
After this, I test over and over again with the same UICC card and an
iPhone6 but never got ATR response, just got "ATR APDU: " and iPhone don't
recognize SIM card. SCR3310 reader never recognizes the card, always "Card
state: Card inserted, Unresponsive card" response.
I test simtrace/iPhone6 and SCR reader using same UICC type from other
operator with same results (but working with simtrace/S.Galaxy S3)
Regards,
Pedro
2017-03-01 13:16 GMT+01:00 Harald Welte <laforge(a)gnumonks.org>rg>:
I think the best way to analyze this is to
understand the exact voltage,
clock rate and Fi/Di values your card is operating on on the working
reader(s). Most likely at least one of the parameters is different on
the non-working readers.
You should be able to figure all the related values out if you talk
CCID directly to the USB device, or extend / "hack up" the ccid driver
you're using. Alternatively, an oscilloscopse should also be able to
tell you related information.
Regards,
Harald
--
- Harald Welte <laforge(a)gnumonks.org>
http://laforge.gnumonks.org/
============================================================
================
"Privacy in residential applications is a desirable marketing option."
(ETSI EN 300 175-7 Ch.
A6)
3132
days inactive
3150
days old
4 comments
2 participants
participants (2)
-
Harald Welte -
Pedro Cabrera