Hi All,
Just found this project which seems to be quite interesting to me. Tried to read through all the information on the project page before asking, but not everything is clear yet :)
So what I would like to achieve is basically the man-in-the-middle (mitm) mode. I do not actually need to modify any communication on its way, all I would like to do is to have: a) the sim card in a reader connected to host (A), while b) the gsm module is connected to an other host (B) and relaying their communication back and forth through some IP network.
I guess I would need two pieces of simtrace hardware for that, as well as firmware and software modifications.
Now the questions :) - Do you think this could work with the current hw/fw design? - Has anyone done something similar in the past? - What would be the maximum network delay allowed? - Do you know of any alternative solutions for my needs?
Would be great to hear from you.
Thanks, Balazs
ps: I would also be willing to pay for professional consultancy services on this topic.
Hi Balazs,
your e-mail was in the moderator queue for more than a month, my apologies for this.
It's a members only list and I guess we don't have that many non-member posts on this list so it gets looked at only very infrequently
On Tue, Aug 15, 2017 at 10:59:30PM +0200, pozsy@uhulinux.hu wrote:
Just found this project which seems to be quite interesting to me. Tried to read through all the information on the project page before asking, but not everything is clear yet :)
So what I would like to achieve is basically the man-in-the-middle (mitm) mode. I do not actually need to modify any communication on its way, all I would like to do is to have: a) the sim card in a reader connected to host (A), while b) the gsm module is connected to an other host (B) and relaying their communication back and forth through some IP network.
This is supported in the simtrace2.git firmware tree, which unfortunately still only works with the sysmoQMOD board at this point. It's on the todo list to port this to a new simtrace board version with a SAM3 microcontroller, and not the old SAM7 as on the existing simtrace boards. But given my limited spare time and many projects, this has not yet been a priority :/
I guess I would need two pieces of simtrace hardware for that,
Actually, only one. The card reader is a standard card reader supported by pcsc_lite attached to a Linux machine. A proof-of-concept host utility is provided in the "host" subdirectory, see https://git.osmocom.org/simtrace2/tree/host
- Do you think this could work with the current hw/fw design?
simtrace2.git firmware *could* be ported to the old SAM7 based hardware, but it would be a significant porting effort. The advantage of the new SAM3 based design is that the processor is much more powerful, and that it supports more USB endpoints, so that we can expose a USB-CCID compliant card reader device for the SIM slot at the same time as we can export the "sim card emulation" part towards the phone/modem.
This is of course only relevant if you want to do local MITM, with no network in between.
- What would be the maximum network delay allowed?
Completely uncriticial. In fact, the card emulation code of the firmware (see https://git.osmocom.org/simtrace2/tree/firmware/libcommon/source/card_emu.c) implements waiting time extension as per ISO7816-3 if the answer from the remote card (or host PC) takes longer than expected.
In the real world, what's most critical is the authentication requests. As far as I remember, about four seconds are acceptable for the authentication procedure as per the default timers specified for the VLR/MSC in the GSM specs.
- Do you know of any alternative solutions for my needs?
see above.
ps: I would also be willing to pay for professional consultancy services on this topic.
sysmocom can provide any related engineering/development/consulting services, but by all means we don't want to discourage others to provide related services, too.
-
Harald Welte -
pozsy@uhulinux.hu