Mutt
It is hard to find someone who does not know what a SIM card (Subscriber Identity Module) is. This piece of plastic with gold-coloured contacts on one side is the key to the services provided by the mobile operator, and inside it sits a specialised computer with rather complex functionality.
A SIM card is the same chip credit card, just seen in profile
The SIM card is in fact one variety of a more general thing: the microprocessor smart card.
Processor in the body of the SIM card.
Such "smart cards" are used for various purposes:
- identifying mobile subscribers;
- granting access to the encrypted content of pay systems, for example pay television;
- as bank cards;
- identifying users who are granted access to corporate networks, and so on.
Subscriber identity modules are named differently in different mobile communication systems. The GSM standards used the name SIM, Subscriber Identity Module, which stuck in everyday usage. The identity module used in UMTS (3G) networks is often called a USIM, Universal Subscriber Identity Module, which is not entirely correct: the physical module is the UICC, Universal Integrated Circuit Card (a smart card), while USIM is an application running inside the UICC that identifies and serves the subscriber in the UMTS network (3GPP TR 21.905).
In CDMA networks the R-UIM, Removable User Identity Module, identifies the subscriber. The word Removable emphasises its new status: earlier, in IS-95 networks (the standard on which CDMA networks operated in the USA, Russia and other countries, for example SONET in Moscow), the elements identifying the subscriber were among the phone's electronic components. Using an R-UIM obviously makes it much simpler to replace a malfunctioning phone or buy a new one, and allows a phone of a different standard to be used in roaming.
From here on we will talk about the subscriber identity modules used in GSM-UMTS networks, which by tradition we will call SIMs or simply cards.
Shall we measure our cards?
Currently, three formats of GSM-UMTS subscriber identification modules have been standardized.
Three formats of subscriber identity modules GSM-UMTS
ID-1 UICC, the very first variant, is the size of a regular bank card. Many people remember it from 1990s models such as the Motorola 8900 and StarTAC. It is now practically unused in new mobile terminals because of its size.
Plug-in UICC is the most widely used format today. Such modules are usually broken out of an ID-1 size card along notches made during manufacture.
Mini-UICC is the format Apple began using in the iPhone 4, iPad and iPad 2; other manufacturers of phones and other devices now intend to release models that take this format. It is also called 3FF or, colloquially, "micro-SIM". These cards are also usually broken out of an ID-1 card. The reason for this variety is obvious: saving space inside the phone case.
For reliability reasons, manufacturers try not to make a "universal" notch that lets the user break either a Plug-in or a Mini-UICC module out of the ID-1 plastic: when breaking out the Plug-in format it is very easy to damage the thin remaining bridges, after which the Plug-in card will not be held securely in the phone.
ID-1 card with "universal" notch for Plug-in and Mini-UICC
A SIM card shifting in its holder threatens problems with the phone's operation. The mildest nuisance is that the phone simply does not sense the SIM and does not register in the network. In the worst case it ends up like a tangle of crossed wires: voltage arrives at the wrong contact, and a short circuit has unpredictable consequences.
Mobile terminal manufacturers, some more firmly than others, generally object to the adapters advertised for using Mini-UICC cards in phones designed for Plug-in cards. The adapter is slightly thicker than a Plug-in module, and the gaps at the joint between card and adapter can break the phone's contacts when the SIM is inserted, costing the user the chance of a warranty repair.
In some devices operating on the mobile network (navigators, vehicle tracking units and so on), the subscriber identity module may simply be soldered in as a chip, but ordinary subscribers normally never deal with such modules.
How many contacts should there be?
In everyday life one meets modules with different contact-area patterns and different numbers of contacts; some manufacturers use a "branded" contact pad design as their calling card.
The standards provide eight contact positions through which the module connects to the terminal, but not all of them are always used. Cards with six contacts are common, and the rest of the metallised area is usually tied to ground.
Cards with 6 and 8 contacts
Contacts used:
C1 - Vcc - supply voltage;
C2 - RST - reset, through which the terminal controls the card;
C3 - CLK - clock;
C5 - GND - common ("ground");
C6 - Vpp - programming voltage, historically used when writing service information;
C7 - I/O - the serial data line.
The standards also provide for using contacts C4 and C8 to exchange information with the terminal in USB mode, which gives a higher data rate than the usual SIM I/O interface.
In practice the USB mode is not used: equipment with this interface is practically neither produced nor ordered by consumers, so these contacts, even where present on the card, are tied to ground. From here on we discuss operation over the I/O line.
Where did they hide the computer?
Comparing the electronic contents of a SIM with a computer (especially a pocket one), you will find many elements identical in function:
- a processor (CPU);
- random access memory (RAM);
- read-only memory (ROM) holding the operating system;
- memory for storing user data;
- a file system;
- an I/O controller.
There are also differences, things the module does not have:
- human interface elements, which the module simply does not need;
- a power supply (it uses the terminal's power);
- a clock generator (likewise supplied by the terminal).
More about the architecture and production of SIMs can be found in the following part:
A brief introduction to SIM cards
When, to the question "what do you do?", I answered "I develop software for SIM cards", even tech-savvy people were often surprised. Many people think a SIM card is "something like a flash drive".
In this article I will try to describe briefly what a SIM card (and smart cards in general) is, what it is for and what is inside it.
A SIM card is a special case of a contact smart card with a microprocessor. In essence it is a reasonably well-protected microcomputer with a CPU, ROM (optional), RAM and NVRAM (which plays the role a hard disk plays in a PC), with a hardware random number generator and hardware implementations of cryptographic algorithms.
To some approximation, the architecture of a microprocessor smart card can be represented as follows:
Smart card architecture.
A little about production
To understand the material that follows, it seems right to briefly describe the main processes in card production.
1. Chip production
Performer: chip manufacturer (silicon vendor).
End product: wafer.
The chips are made by several companies; the most common are Samsung, ST Microelectronics, Infineon, SST and others.
The reverse side of the module. The white rectangle in the center is the SIM chip:
2. Module assembly
Performer: card vendor or a third-party module assembly plant.
End product: tape with modules (chip + contact pad).
At this stage the wafer is cut into individual chips (often the chip manufacturer does the cutting), each chip is attached to a contact pad, its pads are wire-bonded to the contacts, and the chip is then encapsulated in resin (see the photo of the module's back side above). The whole assembly is called a "module":
3. Card production
Performer: card vendor.
End product: SIM card.
The modules are taken off the tape and attached to the card's plastic body, then the file system and applications are loaded, and then the card is personalised: data unique to each card (various identifiers, keys and so on) is loaded, and some of it is printed on the card itself (for example the ICCID and PIN codes in the case of SIM cards).
Types of cards
By the type of memory used, SIM cards have recently been divided into two groups: cards using ROM and EEPROM, and cards using Flash memory.
In the first type, the operating system (OS) and constantly used, rarely changed applications are placed in ROM by the chip manufacturer (the first stage of production). The production cycle here is very long: between an OS release and the shipment of the first chips there is an interval of 2 to 3 months. EEPROM is used by the card manufacturer to load the file system (FS) and applications.
In a Flash card the OS, FS and applications are all stored in Flash. Using Flash allows the OS to be loaded during module assembly or card production (stages 2 and 3). At present Flash cards have practically displaced ROM from the SIM market: Flash chips are cheaper and make OS changes fairly easy. It is also easier for the card manufacturer to plan chip orders, since there is no need to order chips with specific OS versions; chips are simply ordered with different memory sizes, and the required OS is loaded for a specific customer (operator). Since the chip purchase forecast is usually made only once a year, this greatly simplifies planning.
Java on cards
Yes, that is not a mistake. By their software "stuffing", smart cards fall into two large groups: native and Java Card.
Native cards
Software for native cards is written in C. Applications (if the manufacturer requires them) are usually tightly integrated with the OS and loaded onto the card together with it. You cannot install an application developed by another company on a native card; additional functionality requested by the operator often has to be added to the OS code itself. Thanks to C and the simplicity of the OS, the OS is quite small (for SIM cards about 10 to 20 KB), so native cards are now used in the low-cost segment, where the operator wants nothing on the card beyond a simple menu.
Javacard
In the Java era, Sun Microsystems wrote the Java Card specifications. The idea behind Java Card was to make it possible to install applications (applets) on cards from different manufacturers (and on different chips). In 1996 the smart card division of Schlumberger (later renamed Axalto, now Gemalto) introduced the first Java Card. The idea is quite simple: in addition to the OS, the card contains a Java virtual machine. The developed application is compiled to bytecode and loaded onto the card. Applications are loaded after the OS (during card production), and if the card contains a remote applet management facility, a Java Card applet can also be installed after the card has been issued, over the air via SMS.
The Java Card language is heavily stripped-down Java, much more so than J2ME. Of the primitive types only boolean, byte and short are available; int is optionally supported (but in practice hardly used, for compatibility, since not all manufacturers support it). There is no familiar String class (of java.lang, only Object, Throwable and a few Exception classes made it over), no multithreading and no garbage collector. The disadvantages of Java Card, in my opinion, are speed and the larger memory requirements (both RAM and EEPROM/Flash). Java cards are more expensive because of costlier chips and the more complex software structure.
Applications
Applications were mentioned often above, but a person unfamiliar with smart cards often does not understand what kind of applications can be on a card.
First, the main functionality of the card can be moved into a separate application. For example, there may be a SIM applet written in Java that implements all the functionality of a SIM, or an R-UIM application (R-UIM cards are used in CDMA networks), or a Visa or Mastercard application that turns the smart card into a bank card. Essentially, with Java the OS can be left with memory management, I/O and the Java virtual machine; if the manufacturer needs to produce SIM cards, the SIM applet is loaded, and if it needs to make a Visa card, the Visa application is loaded.
Second, there is a class of card applications called microbrowsers: bytecode interpreters for building a SIM menu. This is not Java bytecode but bytecode understood by the installed browser. The menu is usually developed in an XML-like markup language, converted to bytecode and loaded into the browser. The most widespread browsers today are S@T from SIMalliance and WIB from SmartTrust. Neither organisation develops browsers itself; they write specifications and certify browsers written to them.
Third, there can be SIM menus developed in Java (without browsers), or simply some background applet. For example, an applet that tracks which phone you are using: if you put the card into a new phone, the SIM sends the new phone's IMEI to the operator, which in turn sends you the WAP/GPRS settings for your model.
File system
SIM cards have a file system, just like desktop computers. There are two types of files: DF (Dedicated File, the analogue of a folder) and EF (Elementary File, the analogue of an ordinary file). The root DF is called the MF (Master File).
The SIM file system stores secret keys, the address book, recent SMS messages, the operator name, networks preferred in roaming, forbidden networks and so on. Naturally, files have access levels. Key files typically have NEVER as their read access condition, which makes them impossible to read from outside.
What is all this for?
SIM menus and other "non-system" applications are simply value-added services. The main purpose of the card is to identify and authenticate the subscriber in the network.
For this, the card holds an IMSI (International Mobile Subscriber Identity), the unique identifier of the subscription, and a 128-bit secret key Ki.
Below is the procedure for authentication in a GSM network and generation of the session key Kc.
Authentication uses the A3 algorithm, and Kc is generated by A8. When authentication is requested, the Authentication Centre (AuC) generates a 128-bit pseudo-random value RAND, which reaches the SIM card through the phone. Knowing the card's IMSI, the AuC takes the Ki associated with that IMSI and RAND as the inputs of A3 and A8; the card performs the same calculations on its side. The result of A3, the 32-bit Signed Response (SRES), is returned by the card and compared in the network with the value calculated from the AuC's copy of Ki. If the two match, authentication is considered successful. Ki itself never leaves either the card or the AuC; only RAND and SRES cross the air interface. The 64-bit key Kc produced by A8 is then used to encrypt traffic between the phone and the network.
Card cloning programs exploit a weakness in the old version of the A3/A8 implementation, COMP128-1. COMP128-2 and COMP128-3 are now widely used in GSM networks. The weakness was found back in 1998, but some GSM operators have still not switched to versions 2 and 3 (in which no comparable weakness has been found so far).
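The exchange described above, with both the card side and the network side, as an added example that is not part of the original article. A3 and A8 are operator-specific and not published, so an HMAC keyed with Ki stands in for both here (truncated to the real output sizes: 32-bit SRES, 64-bit Kc); the IMSI and Ki values are made up. The point it demonstrates is the one that makes cloning hard in the first place: Ki never crosses the interface, only RAND and SRES do, and a card with the right IMSI but the wrong Ki fails.

```python
"""Simulation of GSM challenge/response authentication (added example).
HMAC-SHA256 keyed with Ki stands in for the operator's A3/A8; the data is
constructed."""
import hashlib
import hmac
import os
from typing import Dict, Optional, Tuple


def a3_a8(ki: bytes, rand: bytes) -> Tuple[bytes, bytes]:
    """Stand-in for A3 (-> SRES) and A8 (-> Kc). Real cards run COMP128 or a
    proprietary operator algorithm here; the interface is the same."""
    if len(ki) != 16 or len(rand) != 16:
        raise ValueError("Ki and RAND are both 128 bits")
    digest = hmac.new(ki, rand, hashlib.sha256).digest()
    return digest[:4], digest[4:12]          # SRES: 32 bits, Kc: 64 bits


class SimCard:
    """Card side. Ki is stored inside and is never returned to the phone."""

    def __init__(self, imsi: str, ki: bytes) -> None:
        self.imsi = imsi
        self._ki = ki

    def run_gsm_algorithm(self, rand: bytes) -> Tuple[bytes, bytes]:
        """Equivalent of the RUN GSM ALGORITHM command the phone sends."""
        return a3_a8(self._ki, rand)


class AuC:
    """Authentication Centre: keeps Ki per IMSI and issues triplets."""

    def __init__(self) -> None:
        self._subscribers: Dict[str, bytes] = {}

    def provision(self, imsi: str, ki: bytes) -> None:
        self._subscribers[imsi] = ki

    def triplet(self, imsi: str, rand: Optional[bytes] = None) -> Tuple[bytes, bytes, bytes]:
        """Returns (RAND, SRES, Kc); RAND is random unless fixed for testing."""
        ki = self._subscribers[imsi]
        rand = os.urandom(16) if rand is None else rand
        sres, kc = a3_a8(ki, rand)
        return rand, sres, kc


def authenticate(auc: AuC, sim: SimCard,
                 rand: Optional[bytes] = None) -> Tuple[bool, Optional[bytes]]:
    """Network side (VLR/MSC): obtain a triplet for the IMSI the phone
    presented, challenge the card with RAND and compare the returned SRES.
    Kc is released for ciphering only on success."""
    rand, expected_sres, kc = auc.triplet(sim.imsi, rand)
    sres, _card_kc = sim.run_gsm_algorithm(rand)   # only SRES goes over the air
    if hmac.compare_digest(sres, expected_sres):   # constant-time compare
        return True, kc
    return False, None


# Constructed demo data (not a real subscriber).
IMSI = "250990123456789"
KI = bytes.fromhex("0123456789abcdef0123456789abcdef")


def demo() -> Tuple[bool, bool]:
    """Genuine card versus a 'clone' that copied the IMSI but not Ki."""
    auc = AuC()
    auc.provision(IMSI, KI)
    genuine = SimCard(IMSI, KI)
    clone = SimCard(IMSI, bytes(16))
    ok_genuine, _ = authenticate(auc, genuine)
    ok_clone, _ = authenticate(auc, clone)
    return ok_genuine, ok_clone


if __name__ == "__main__":
    print(demo())   # (True, False)
```

Swapping the stand-in for a real COMP128 implementation changes nothing else in the exchange, which is why an attack on COMP128-1 (recovering Ki from chosen RAND/SRES pairs) is an attack on the card, not on the protocol.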
Epilogue
In this article I have tried to describe fairly succinctly what a SIM card is; I hope I succeeded. Almost everything described above, except for the authentication procedure, applies equally to the USIM cards used in 3G (UMTS) networks and to R-UIM cards (CDMA networks). If you have comments or questions, please write.
Related links:
→ www.3gpp.org
→ www.3gpp2.org
→ Java Card Technology
The amount of memory available for storing information in a SIM varies and grows gradually as technology advances. Several years ago there was a burst of euphoria over technology that allowed gigabytes of information to be placed in a SIM. It was then, after heated discussion in the industry and two rounds of voting in the GSM Association, that USB was chosen as the standard for working with large amounts of data. The euphoria then subsided, and today there are not many terminals on the market that can work with such SIMs, and gigabyte SIMs themselves are in little demand among operators.
Can you store HD movies on a SIM card?
Why would a SIM card need a large amount of memory, and how much memory is really needed?
SIM memory is used for several purposes:
Who rules whom?
Besides supplying the SIM with power and a clock signal, the phone or other terminal is entirely in charge of the information exchange between the two devices: the phone always acts as the master and the card as the slave.
The phone sends commands and requests to the SIM, and the SIM only responds to them, accompanying each response with status information.
In the status information the card can confirm that the command completed successfully, ask for more time to prepare a response, report various kinds of errors, or signal that it has something for the phone, which the phone can collect by issuing a special retrieval command (FETCH) next.
This mechanism for passing information from card to phone is known as the SIM (or Card) Application Toolkit, STK. It is used to implement various services on the basis of applications (usually written for Java Card) executed inside the SIM. In the menus of phones holding SIM cards of the major operators you can find items and whole menu trees built from information supplied by applications running in the SIM.
Real-time services, for example continuously showing the current balance, are based on the same technology.
Roaming for small companies can be organised by switching between two IMSIs in one card: one belonging to their own network and the other lent by a "big brother" operator. For example, Beeline networks operating in the CIS countries use the Dual IMSI mechanism to provide roaming to their subscribers. Their SIM cards hold one IMSI of their own network and a second IMSI belonging to the Russian Beeline network. In the Russian Beeline network these IMSIs are reserved in the HLR for providing roaming to the "subsidiaries", and communication channels to them are set up. A subscriber of a subsidiary, finding himself in, say, a European country, switches the SIM into roaming mode through the STK menu; the phone then presents itself to the visited network as belonging to a subscriber of the Russian Beeline network. After that everything proceeds as usual, except that the network relays the traffic on behalf of the subsidiary network.
Even a web server can be run inside a SIM! So anyone bothered by the SIM's "slave position" may just as well regard it as a server.
How does it start up, and why does it load the phone book so slowly?
After switching on and starting its operating system, the phone applies the supply voltage Vcc to the SIM. The standards provide three supply voltage ratings for SIMs: 5 V, 3 V and 1.8 V.
Cards were once issued that could operate only at 5 V. After the appearance of phones applying no more than 3 V to the card, these old SIMs were gradually replaced with new ones capable of running at 3 V and also tolerating phones that supply 5 V.
Since phones supplying the SIM with only 1.8 V have not yet been encountered, modern SIM cards do not create compatibility problems over supply voltage.
After the supply voltage is applied to the SIM, the clock signal is supplied, and once it is stable the voltage on the Reset contact is raised. That is the signal to the SIM card that work with it begins, and it responds with a sequence of bytes called the ATR (Answer To Reset).
The ATR bytes carry basic information about the card's capabilities and the communication protocols it supports. In particular, they can tell the phone about options for speeding up the interface by raising the clock frequency and the data rate.
Having read the ATR, the phone may start the PPS (Protocol and Parameter Selection) procedure to negotiate the communication mode with the card. If the phone cannot find an option acceptable to both sides, communication continues in the default mode: 372 clock cycles per bit, which is 9600 bps at the typical 3.57 MHz clock.
In such cases subscribers often complain about the long time it takes to read the phone book from the SIM into the phone, for some reason blaming the operator that issued the SIM.
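An ATR parser for the start-up sequence just described, added here as an example and not part of the original article. It walks the ISO/IEC 7816-3 structure (TS, T0, the TA/TB/TC/TD interface bytes, historical bytes, TCK), pulls out the Fi/Di speed-up offer the phone would use in PPS and the supply voltage classes from the T=15 interface byte, and verifies the check byte. The sample ATR is constructed for the example; the clock frequency is an assumption about the terminal, not something the ATR carries.

```python
"""ISO/IEC 7816-3 Answer To Reset parser (added example; sample ATR is constructed)."""
from typing import Dict

# Conversion tables from ISO 7816-3; nibble values absent here are RFU.
FI: Dict[int, int] = {0: 372, 1: 372, 2: 558, 3: 744, 4: 1116, 5: 1488,
                      6: 1860, 9: 512, 10: 768, 11: 1024, 12: 1536, 13: 2048}
DI: Dict[int, int] = {1: 1, 2: 2, 3: 4, 4: 8, 5: 16, 6: 32, 7: 64, 8: 12, 9: 20}
CLOCK_HZ = 3_571_200      # assumed terminal clock: 372 cycles per bit -> 9600 bps
DEFAULT_BPS = CLOCK_HZ // 372


def parse_atr(atr: bytes) -> dict:
    """Decode an ATR. Bytes are taken as already in direct-convention values."""
    if len(atr) < 2 or atr[0] not in (0x3B, 0x3F):
        raise ValueError("not an ATR")
    info = {"convention": "direct" if atr[0] == 0x3B else "inverse",
            "fi": 372, "di": 1, "protocols": [], "voltage_classes": None,
            "historical": b""}
    try:
        pos = 1
        y, hist_len = atr[pos] >> 4, atr[pos] & 0x0F     # T0: presence bits, count
        pos += 1
        i = 1
        while True:
            if y & 0x1:                                    # TAi present
                ta = atr[pos]; pos += 1
                if i == 1:                                 # TA1 = Fi | Di
                    info["fi"] = FI.get(ta >> 4, 372)
                    info["di"] = DI.get(ta & 0x0F, 1)
                elif info["protocols"] and info["protocols"][-1] == 15:
                    # TA following a T=15 TD: bits 1..3 = supply classes A/B/C
                    info["voltage_classes"] = [c for c, bit in (("A", 1), ("B", 2), ("C", 4)) if ta & bit]
            if y & 0x2:                                    # TBi (deprecated Vpp info)
                pos += 1
            if y & 0x4:                                    # TCi (guard time etc.)
                pos += 1
            if y & 0x8:                                    # TDi = next Y | T
                td = atr[pos]; pos += 1
                y = td >> 4
                info["protocols"].append(td & 0x0F)
                i += 1
            else:
                break
        info["historical"] = bytes(atr[pos:pos + hist_len])
        pos += hist_len
    except IndexError:
        raise ValueError("truncated ATR")
    if any(t != 0 for t in info["protocols"]):             # TCK mandatory unless only T=0
        if len(atr) != pos + 1:
            raise ValueError("TCK missing")
        check = 0
        for b in atr[1:]:                                  # XOR of T0..TCK must be 0
            check ^= b
        if check != 0:
            raise ValueError("TCK mismatch")
    elif len(atr) != pos:
        raise ValueError("trailing bytes after ATR")
    return info


def bit_rate(info: dict, clock_hz: int = CLOCK_HZ) -> int:
    """Bit rate the phone reaches if PPS accepts the card's TA1 offer; a
    card that offers nothing (or a failed PPS) stays at 372/1 = 9600 bps."""
    return clock_hz * info["di"] // info["fi"]


# Constructed ATR: TA1 = 0x95 (F=512, D=16), T=0, then T=15 with TA = 0xC7
# (classes A, B, C = 5 V / 3 V / 1.8 V; clock stop allowed), TCK = 0x5D.
SAMPLE_ATR = bytes.fromhex("3B9095801FC75D")

if __name__ == "__main__":
    card = parse_atr(SAMPLE_ATR)
    print(card, bit_rate(card), DEFAULT_BPS)
```

A phone that skips PPS after this ATR talks at 9600 bps although the card offered 111600 bps; that, and not the operator, is usually what is behind the slow phone-book complaint.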
"Hello, who are you?"
During activation the SIM and the terminal (phone) exchange "business cards". The phone reads from the SIM the file containing the SST, SIM Service Table, which encodes the services and STK functions the SIM supports. In turn, the phone sends the SIM a TERMINAL PROFILE, which encodes the functions of interaction with the SIM that the phone supports. As a result, both sides learn their partner's abilities and can interact correctly when implementing STK-based services.
File system and security
The SIM has a multi-level hierarchical file structure with access control.
Access to files is regulated by requiring the user to present different types of access codes beforehand.
Some of these codes are well known: the Personal Identification Numbers PIN (also called PIN1) and PIN2. Other codes are used for administrative access to service files.
What does this distinction give? An enabled PIN request protects the money in the account linked to the SIM card from use by unauthorised persons.
Another important security measure is the impossibility of reading some files at all, for example the key Ki, which is used in the cryptographic algorithms for authenticating the subscriber and generating traffic encryption keys.
Why reading instructions is helpful
Several years ago, at a round table on the prospects of smartphones organised by one of the manufacturers, one of the participants complained to me that Beeline did not have a service that would be very useful for parents. He wanted parents to be able to restrict their children to calling only a certain set of numbers (home, parents, grandparents), with the child unable to call any other number.
Imagine his surprise when I showed him the FDN (Fixed Dialling Numbers) function, which is implemented by the phone and the SIM together. The permitted numbers are simply written, using the phone, into a specific file on the SIM, and changes to that list are protected by PIN2. After that a phone with such a SIM refuses to call numbers not in the FDN list.
It should be noted, however, that not all phones support this service.
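The master/slave command exchange, the file access conditions and the FDN mechanism from the sections above, brought together in one toy model. This is an added example, not code from the article or from any card vendor: the terminal sends a command, the card answers with data and a status word, and the card decides from each file's access condition whether the command is allowed. File IDs and status words follow GSM 11.11 (EF_IMSI 6F07, EF_FDN 6F3B; 90 00 ok, 94 04 file not found, 98 04 access condition not fulfilled or wrong CHV, 98 40 CHV blocked). The file named EF_KI is made up, a stand-in for key storage that a real card never exposes as a readable file; PINs and contents are constructed, and EF_FDN is kept as a ';'-separated list where the real file holds BCD-coded records.

```python
"""Toy SIM with GSM 11.11-style access conditions and a phone-side FDN check
(added example; file IDs and status words from GSM 11.11, everything else constructed)."""
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

ALW, CHV1, CHV2, NEVER = "ALW", "CHV1", "CHV2", "NEVER"
SW_OK, SW_NO_EF, SW_NOT_FOUND, SW_DENIED, SW_BLOCKED = 0x9000, 0x9400, 0x9404, 0x9804, 0x9840
EF_IMSI, EF_FDN = 0x6F07, 0x6F3B
EF_KI = 0x6FFF          # made-up ID for the example only


@dataclass
class EF:
    data: bytes
    read: str           # access condition for READ
    update: str         # access condition for UPDATE


class ToySim:
    """Card side: tracks CHV (PIN) state and enforces each file's conditions."""

    def __init__(self, chv1: str, chv2: str, files: Dict[int, EF]) -> None:
        self._chv = {1: chv1, 2: chv2}
        self._left = {1: 3, 2: 3}              # remaining attempts, as on a real card
        self._ok = {1: False, 2: False}
        self._files = files
        self._cur: Optional[int] = None

    def _allowed(self, cond: str) -> bool:
        if cond == ALW:
            return True
        if cond == NEVER:                      # no PIN, not even admin, unlocks this
            return False
        return self._ok[1 if cond == CHV1 else 2]

    def verify_chv(self, n: int, pin: str) -> int:
        if self._left[n] == 0:
            return SW_BLOCKED
        if pin == self._chv[n]:
            self._ok[n], self._left[n] = True, 3
            return SW_OK
        self._left[n] -= 1
        return SW_DENIED if self._left[n] else SW_BLOCKED

    def select(self, fid: int) -> int:
        if fid not in self._files:
            return SW_NOT_FOUND
        self._cur = fid
        return SW_OK

    def read_binary(self) -> Tuple[bytes, int]:
        if self._cur is None:
            return b"", SW_NO_EF
        ef = self._files[self._cur]
        return (ef.data, SW_OK) if self._allowed(ef.read) else (b"", SW_DENIED)

    def update_binary(self, data: bytes) -> int:
        if self._cur is None:
            return SW_NO_EF
        ef = self._files[self._cur]
        if not self._allowed(ef.update):
            return SW_DENIED
        ef.data = data
        return SW_OK


# Terminal side: the phone is the master and only ever sends commands.
def read_file(sim: ToySim, fid: int) -> Tuple[bytes, int]:
    sw = sim.select(fid)
    return (b"", sw) if sw != SW_OK else sim.read_binary()


def fdn_allows(sim: ToySim, number: str) -> bool:
    """Refuse any number not in EF_FDN; if the list cannot be read, refuse too."""
    data, sw = read_file(sim, EF_FDN)
    return sw == SW_OK and number in data.decode().split(";")


def set_fdn(sim: ToySim, numbers: List[str], pin2: str) -> int:
    """Changing the list takes PIN2 (CHV2) followed by UPDATE on EF_FDN."""
    sw = sim.verify_chv(2, pin2)
    if sw != SW_OK:
        return sw
    sw = sim.select(EF_FDN)
    return sw if sw != SW_OK else sim.update_binary(";".join(numbers).encode())


def make_sample_sim() -> ToySim:
    """Constructed card: PIN1 1234, PIN2 5678, two permitted numbers."""
    return ToySim("1234", "5678", {
        EF_IMSI: EF(b"250990123456789", read=CHV1, update=NEVER),
        EF_FDN: EF(b"+74950000001;+79160000002", read=CHV1, update=CHV2),
        EF_KI: EF(bytes(16), read=NEVER, update=NEVER),
    })


if __name__ == "__main__":
    sim = make_sample_sim()
    print(hex(read_file(sim, EF_IMSI)[1]))          # 0x9804 until PIN1 is verified
    print(hex(sim.verify_chv(1, "1234")), fdn_allows(sim, "+74950000001"))
```

Two things a real card does the same way are worth noticing: a NEVER condition stays closed no matter which PINs have been presented, and the attempt counter is decremented before the status word is returned, so the third wrong PIN already answers 98 40.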
Wash your hands before eating
The skin of the fingers is coated with organic fatty acids which corrode metal parts on contact, and small parts such as the SIM contacts suffer most.
The photo shows a laser pointer whose surface, after fairly rare use, has lost several layers of metal plating (chrome and copper) just because of these acids. As the saying goes, "radio engineering is the science of contacts", and a SIM has plenty of them!
Laser pointer damaged by fatty acids from fingers
The SIM's contacts should not suffer the same fate, so protect them from contamination by all means and try not to touch them with your fingers.
If there is a contact problem between phone and SIM, careful cleaning of the contacts with a soft eraser can help. Just do not brush the crumbs off the contacts with your fingers afterwards, or the problems will start all over again; better to blow them off or gently wipe them with rubbing alcohol.
To change or not to change?
Once a subscriber came to the Beeline office, sent over by a phone repair shop to change his SIM card because his brand-new phone switched off spontaneously during calls, balance checks and sending SMS.
I had to explain to him that the phone switching off had nothing to do with the SIM. With an eraser I carefully cleaned the contacts on the battery and in the phone, after which the phone worked normally. Along the way I gave the subscriber a short lecture on hygiene.
Of course, not every case is so obvious, and it is not easy to determine who is to blame when services fail, the phone or the SIM, because their interaction is almost intimate. Understanding the causes of such conflicts is especially important when developing new STK-based services or investigating SIM incompatibility with particular phone models or other terminals.
In such cases an invaluable service is rendered by a protocol analyser for the SIM-terminal interface:
Analyzer of information exchange protocols between SIM and mobile terminal.
A special probe is inserted into the terminal in place of the SIM, and the SIM is connected to it through a flexible cable. During operation, everything that happens on the interface is recorded in the memory of a computer attached to the analyser.
Comparing the recorded exchange with the requirements of the standards makes it possible to establish unambiguously and convincingly which party is at fault.
Of course, this material touches on only some features of SIM cards and their operation in phones, but if there is interest in the topic, just ask questions and I will answer in detail.
Thank you for your attention!
SIM-card is the same processor credit card, but in profile
The SIM card is actually one of the varieties of a more general entity - the processor "smart card" (Smart Card).

Processor in the body of the SIM card.
Such “smart cards” can be used for various purposes:
- Identification of mobile subscribers.
- Providing access to encrypted content of various pay systems, for example, television.
- Like bank cards
- To identify the user who is granted access to corporate networks, etc.
Subscriber Identity Modules are named differently in different mobile communication systems. In the GSM standards, the name SIM - Subscriber Identity Module was used, which was fixed in everyday life. The identity module used in UMTS (3G) networks is often called USIM - Universal Subscriber Identity Module, which is actually not entirely true! The module itself is called UICC - Universal Integrated Circuit Card - a universal integrated circuit card ("smart card"), and USIM is an application that runs inside UICC and is used to identify and service a subscriber in the UMTS network (3GPP TR 21.905) ...
In CDMA networks, R-UIM - Removable User Identity Module is used to identify subscribers. The word Removable (removable) emphasizes its new status, since earlier, in IS-95 networks (the communication standard on the basis of which CDMA networks worked in the USA, Russia and other countries, for example, SONET in Moscow), elements identifying a subscriber were placed among electronic phone components. It is obvious that the use of R-UIM greatly simplifies the replacement of the phone when it malfunctions or buying a new one, and allows you to use a phone of a different standard in roaming.
But further we will talk about subscriber identification modules used in GSM-UMTS networks, which by tradition we will call SIM or cards.
Let's measure our cards?
Currently, three formats of GSM-UMTS subscriber identification modules have been standardized.

Three formats of subscriber identity modules GSM-UMTS
ID-1 UICC - the very first option - is the size of a regular bank card. Many people remember him from the models of the 90s - Motorola 8900, StarTAC and others. Currently, it is practically not used in new models of mobile terminals due to their large dimensions.
Plug-in UICC is the most widely used format now. Typically, such modules are broken out of ID-1 size cards using notches made during manufacture.
Mini-UICC is a card format that Apple began to use in iPhone 4, iPad, iPad 2. Now other manufacturers of mobile phones and other devices intend to release models into which modules of this format will need to be inserted. This format is sometimes called 3FF, or in common parlance "micro-SIM". And these cards are usually broken out of an ID-1 format card. The reasons for this variety are obvious - to save space inside the phone case.
For reasons of reliability, they try not to make a universal notch, which allows, at the user's choice, to break out of the plastic of an ID-1 card a module of both Plug-in and Mini-UICC sizes - it is very easy to damage the remaining thin jumpers when trying to break a card into a Plug-in format. after which the Plug-in card will not be securely held in the phone.

ID-1 card with "universal" notch for Plug-in and Mini-UICC
And the displacement of the SIM-card in the holder threatens with problems with the operation of the phone. A minimal nuisance - the phone simply does not sense the presence of the SIM and does not register in the network. In the worst case, it can turn out, as if the wires are entangled - voltage hit to the wrong address and a short circuit with unpredictable consequences.
Mobile terminal manufacturers, who are more active or less determined, usually object to the use of adapters that are advertised for use with Mini-UICC cards in phones designed for Plug-in cards. The adapter is slightly thicker than the Plug-in module, and besides, the slots at the junction of the card and the adapter can break the contacts in the phone when the SIM is installed, depriving the user of the chance for warranty repair.
In some devices operating in the mobile network (navigators, devices for monitoring the location of vehicles, etc.), subscriber identification modules can simply be soldered in the form of microchips, but ordinary subscribers usually do not have to deal with such modules.
How many contacts should there be?
In everyday life, there are modules with different patterns of the contact area and a different number of contacts. Some manufacturers use a "branded" contact pad design as their business card.
The standards provide 8 positions for sites through which the modules are connected to mobile terminals, but not all of them are always used. Cards with 6 pins are common, and the rest of the metallized part is usually connected to ground.

Cards with 6 and 8 contacts
Contacts used:
C1 - Vcc - power supply;
C2 - Reset - card control contact;
C3 - CLK - Clock - clock frequency;
C5 - common ("ground");
C6 - Vpp - programming voltage, which is used when writing service information
C7 - I / O - Serial I / O line.
The standards provide for the use of both C4 and C8 contacts in the mode of information exchange with a mobile terminal in USB mode, which provides a higher data transfer rate than through the usual SIM I / O interface.
In practice, now the USB interface mode is not actually used, since equipment with this interface is practically not produced and ordered by consumers, therefore these contacts, even if they are on the card, are connected to ground. In the following, we will discuss the operation through the I / O interface line.
Where did they plug the computer?
Comparing the electronic contents of a SIM with a computer (especially a pocket one), you find many functionally identical elements:
- Processor (CPU);
- Random access memory (RAM);
- Read-only memory for storing the operating system (ROM);
- Memory for storing user information;
- File system;
- I/O controller.
There are also differences, things the module does not have:
- Human interface elements, which the module simply does not need;
- Power supply (it uses the terminal's power);
- Clock generator (likewise supplied by the terminal).
Additional information about the architecture and production of SIMs can be found in the following article:
A brief introduction to SIM cards
When I answered the question "what do you do for a living?" with "I develop software for SIM cards", even tech-savvy people were often surprised. Many people think a SIM card is "something like a flash drive".
In this article I will try to briefly describe what a SIM card (and smart cards in general) is, why it is needed and what is inside it.
In fact, a SIM card is a special case of a contact microprocessor smart card. It is a fairly well-protected microcomputer with a CPU, ROM (optional), RAM and NVRAM (which plays the role of a PC's hard disk), with hardware random number generators and hardware implementations of cryptographic algorithms.
To some approximation, the architecture of a microprocessor smart card can be represented as follows:

Smart card architecture.
A little about production
To understand the following material, it seems to me correct to briefly explain the main processes in the production of cards.
1. Chip production
Performer: chip manufacturer (silicon vendor).
End product: wafer.
Chips are manufactured by several companies, the most common being Samsung, STMicroelectronics, Infineon, SST and others.

The reverse side of the module. The white rectangle in the center is the SIM chip:

2. Module assembly
Performer: card vendor or a third-party module assembly plant.
End product: tape with modules (chip + contact pad).
At this stage the wafer is cut into chips (often the wafers are cut by the chip manufacturer), the chips are attached to the contact pads, the chip's contacts are then wired to the pad, and the chip is encapsulated in glue (see the previous photo of the back of the module). The whole construction is called a "module":

3. Card production
Performer: card vendor.
End product: SIM card.
The modules are taken from the tape and attached to the plastic card body, then the file system and applications are loaded, and then the card is personalized: data unique to each card (various IDs, keys, etc.) is loaded, and some of it is printed on the card itself (for SIM cards, for example, the ICCID and PIN codes).

Types of cards
According to the type of memory used, SIM cards have recently been divided into 2 groups: cards that use ROM and EEPROM, and cards that use Flash memory.
In the first type, the operating system (OS) and the constantly used, rarely changed applications are placed in ROM by the chip manufacturer (the first stage of production). The production cycle in this case is very long: the interval between an OS release and shipment of the first chips is 2-3 months. EEPROM is used by the card manufacturer to load the file system (FS) and applications.
In a Flash card the OS, FS and applications are all stored in Flash memory. Flash allows the OS to be loaded during module assembly or card production (stages 2 and 3). At the moment, flash-based cards have practically displaced ROM from the SIM market. Flash chips are cheaper and make OS changes fairly easy. It is also easier for a card manufacturer to plan chip orders: there is no need to order chips with specific OS versions, only chips with different memory sizes, and the required OS is loaded for a specific customer (the operator). Since the chip purchase forecast is usually made only once a year, this greatly simplifies planning.
Java on cards
Yes, I was not mistaken. By their software "stuffing", smart cards fall into 2 large groups: native and javacard.
Native cards
Software for native cards is written in C. Applications (if the manufacturer requires them) are usually tightly integrated with the OS and loaded onto the card together with it. You cannot install applications developed by another company on a native card; additional functionality requested by the operator often has to be added to the OS code. Thanks to the use of C and the simplicity of the OS, the OS itself is quite small (for SIM cards, about 10-20 Kbytes). Native cards are therefore currently used in the low-cost segment, where the operator wants nothing on the card except a simple menu.
Javacard
In the Java era, Sun Microsystems wrote the javacard specifications. The idea behind javacard was to make it possible to install applications (applets) on cards from different manufacturers (and on different chips). In 1996 the smart card division of Schlumberger (later renamed Axalto, now Gemalto) introduced the first javacard. The idea is quite simple: in addition to the OS, the card contains a Java virtual machine. The developed application is compiled into bytecode and loaded onto the card. Applications are loaded after the OS (during card production); also, if the card contains a Remote Applet Manager, a javacard applet can be installed after the card is issued, via the CMC.
The javacard development language is a heavily stripped-down Java, far more stripped down than J2ME. Of the primitive types only boolean, byte and short are supported; int is optional (but in practice not used, for compatibility, since not all manufacturers support it). There is no familiar String class (from java.lang only Object, Throwable and a few Exceptions made it over), there is no multithreading and no garbage collector. The disadvantages of javacard, in my opinion, are speed and the large memory requirements (both RAM and EEPROM / Flash). Java cards are more expensive because of the more expensive chips and the more complex software structure.
Applications
In the previous text, applications were often mentioned, but a person who is not familiar with smart cards often does not understand what kind of applications may be on the card.
First, the main functionality of the card can be moved into a separate application. For example, there may be a SIM applet written in java that implements all the functionality of a SIM. There may be an R-UIM application (R-UIM cards are used in CDMA networks). There may be a Visa or Mastercard application that turns the smart card into a bank card. Essentially, with java the OS can be left with just memory management, I/O and the Java machine: if the manufacturer needs to produce SIM cards, the SIM applet is loaded; if it needs a Visa card, the Visa application is loaded.
Secondly, there is a class of card applications called microbrowsers. These are bytecode interpreters for building a SIM menu; the bytecode is not java bytecode but one understood by the installed browser. The menu is most often developed in an xml-like markup language, converted to bytecode and loaded into the browser. At the moment the most widespread browsers are S@T from SIMalliance and WIB from SmartTrust. Neither organization develops browsers itself; they write specifications and certify browsers written to them.
Thirdly, it can be SIM menus developed in java (without using browsers), or just some kind of background applet. For example, it might be an applet that keeps track of which phone you are using. If you inserted the card into a new phone, the SIM sends the IMEI of the new phone to the operator, and that, in turn, sends you the wap / gprs settings for your model.
File system
SIM cards have a file system, just like desktop computers. There are 2 types of files: DF (Dedicated File, the analogue of a folder) and EF (Elementary File, the analogue of a regular file). The root DF is called the MF (Master File).
The SIM's file system stores secret keys, an address book, a list of recent SMS, the operator's name, preferred networks for roaming, forbidden networks, etc. Naturally, there are access levels for files. Keys usually have a read access condition of NEVER, which makes them impossible to read from outside.
What is all this for?
SIM-menus and other "non-system" applications are simply value added services. The main purpose of the card is to identify and authenticate the subscriber in the network.
For this, the card holds an IMSI (International Mobile Subscriber Identity), a unique identifier of the SIM card, and a 128-bit key Ki.
Below is the procedure for authenticating in a GSM network and generating the session key Kc.

Authentication uses the A3 algorithm, and Kc is generated with A8. On an authentication request the Authentication Center (AuC) generates a 128-bit pseudo-random sequence RAND and sends it to the SIM card. Knowing the card's IMSI, the AuC feeds the Ki associated with that IMSI together with RAND into the A3 and A8 algorithms. The card performs the same computation in parallel. The output of A3, the Signed Response (SRES), is sent by the card to the AuC, where it is compared with the value the AuC computed. If they match, authentication is considered successful. The key Kc obtained from A8 is then used to encrypt traffic between the phone and the network.
Card cloning programs exploit a vulnerability in the old version of the A8 algorithm (COMP128-1). Currently COMP128-2 and COMP128-3 are widely used in GSM networks. The vulnerability was found back in 1999, but some GSM operators have still not switched to versions 2 and 3 (in which no vulnerabilities have been found so far).
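The challenge/response round just described, as an added example that is not part of the original article: one authentication between an AuC and a card, with Ki held on the card side only. HMAC-SHA256 stands in for the operator's A3/A8 (an assumption; the real algorithms are COMP128 variants or proprietary), and the IMSI and Ki values are constructed.

```python
from __future__ import annotations
import hashlib
import hmac
import os


def a3_a8(ki: bytes, rand: bytes) -> tuple[bytes, bytes]:
    """Stand-in for the operator's A3/A8 (assumption: HMAC-SHA256 keyed with Ki;
    real cards run COMP128 variants or proprietary algorithms). Output sizes follow
    GSM: SRES is 32 bits and Kc 64 bits; Ki and RAND are 128 bits."""
    if len(ki) != 16 or len(rand) != 16:
        raise ValueError("Ki and RAND must be 16 bytes")
    digest = hmac.new(ki, rand, hashlib.sha256).digest()
    return digest[:4], digest[4:12]  # (SRES, Kc)


class Sim:
    """Card side. Ki is held privately and no method returns it (read access NEVER)."""

    def __init__(self, imsi: str, ki: bytes):
        self.imsi = imsi
        self._ki = ki
        self.kc = None  # session ciphering key, set by RUN GSM ALGORITHM

    def run_gsm_algorithm(self, rand: bytes) -> bytes:
        sres, self.kc = a3_a8(self._ki, rand)
        return sres  # only SRES leaves the card


class AuC:
    """Authentication Centre: knows the Ki behind every IMSI it issued."""

    def __init__(self):
        self._ki_by_imsi: dict[str, bytes] = {}

    def provision(self, imsi: str, ki: bytes) -> None:
        self._ki_by_imsi[imsi] = ki

    def make_triplet(self, imsi: str) -> tuple[bytes, bytes, bytes]:
        """Fresh (RAND, expected SRES, Kc) for one authentication of this IMSI."""
        ki = self._ki_by_imsi.get(imsi)
        if ki is None:
            raise KeyError(f"unknown IMSI {imsi}")
        rand = os.urandom(16)  # new RAND every run, so a recorded SRES is useless later
        sres, kc = a3_a8(ki, rand)
        return rand, sres, kc


def authenticate(auc: AuC, sim: Sim) -> tuple[bool, bytes | None]:
    """One challenge/response round: network -> card RAND, card -> network SRES.
    Returns (success, Kc the network will cipher with)."""
    rand, expected_sres, kc = auc.make_triplet(sim.imsi)
    sres = sim.run_gsm_algorithm(rand)
    if not hmac.compare_digest(sres, expected_sres):
        return False, None
    return True, kc


if __name__ == "__main__":
    # Constructed sample values, not real subscriber data.
    ki = bytes(range(16))
    auc = AuC()
    auc.provision("250991234567890", ki)
    genuine = Sim("250991234567890", ki)
    imsi_only = Sim("250991234567890", bytes(16))  # knows the IMSI, has to guess Ki
    print(authenticate(auc, genuine)[0], authenticate(auc, imsi_only)[0])  # True False
```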
Epilogue
In this article I tried to explain fairly concisely what a SIM card is. I hope I succeeded. Almost everything described above, except the authentication procedure, applies equally to the USIM cards used in 3G (UMTS) networks and to R-UIM cards (CDMA networks). If you have comments or questions, please write.
Related links:
→ www.3gpp.org
→ www.3gpp2.org
→ Java Card Technology
The amount of memory available for storing information in a SIM varies and grows gradually as technology advances. Several years ago there was an outbreak of euphoria over the appearance of technology that allows gigabytes of information to be placed in a SIM. It was then, after a heated discussion in the industry and two rounds of voting in the GSM Association, that USB was chosen as the standard interface for working with large amounts of data. But the euphoria subsided, and today there are not many mobile terminals on the market that can work with such SIMs, and SIMs with gigabyte memory are not in great demand among operators.
Can you store HD movies on SIM cards?
Why would a SIM need a large memory, and how much memory is really needed?
SIM memory is used for several purposes:
- Storage of information vital for the phone to work with this SIM in the mobile network. One example is the IMSI (International Mobile Subscriber Identity), a sequence of digits that not only identifies a specific SIM and its owner but also shows which operator in which country issued it. In roaming this helps to quickly determine where to ask what services the phone can be provided with this card, because the first three digits of the IMSI are the country code and the next two digits are the network code (in the Americas the network code has three digits). Another is Ki, a secret key that lets the network verify that this really is its "own" SIM card, and not some fraudster using someone else's IMSI to gain access to services. Plus files for storing other service information.
- Storing user information. Usually the cards hold a phone book and received SMS messages. In cards for UMTS networks the phone book can have considerably more functionality than just a list of names and their phone numbers: several numbers can be bound to a name, and an email address and other information added. However, because the same functions have developed in the phones themselves, these SIM capabilities are practically unused.
- Files of applications that run in the Java virtual machine embedded in the SIM and provide some services. If the operator actively uses services based on applications running in the SIM card, this part may take up the largest share of the card's memory.
Who rules whom?
Besides providing the SIM card with power and a clock signal, the phone or other mobile terminal is fully responsible for the exchange of information between the two devices: the phone always acts as the master and the card always as the slave.
The phone sends commands / requests to the SIM, and the SIM only responds to them, accompanying each response with status information.
In the status information the card can confirm that the command completed successfully, ask for additional time to prepare a response, report various kinds of errors, or signal that it has special information for the phone, which the phone can retrieve by sending a special fetch request as its next command.
This mechanism for passing information from card to phone is commonly called the SIM (or Card) Application Toolkit, STK. It is used to implement various services based on application programs (usually written for Java Card) that execute inside the SIM. In the menus of phones with SIM cards from the major operators you can find items and whole menu trees built from information provided by applications running in the SIM.
Real-time services, such as continuously showing the current balance, are based on the same technology.
Roaming for small companies can be organized by switching between two IMSIs in one card: one belonging to their own network and the other provided "on loan" by another operator, a "big brother". For example, Beeline networks operating in CIS countries use the Dual IMSI mechanism to provide roaming services to their subscribers. Their SIM cards contain one IMSI of their own network and another corresponding to the Russian Beeline network. In the Russian Beeline network these IMSIs are reserved in the HLR for providing roaming to the "subsidiaries", and communication channels with them are organized. A subscriber of a Beeline subsidiary who is, say, in a European country switches the SIM into roaming mode via the STK menu. As a result, a phone with such a SIM presents itself to the visited network as belonging to a subscriber of the Russian Beeline network. Then everything happens as usual, except that the network passes the information on to the "subsidiary" network.
Even a web server can be run inside a SIM! So anyone troubled by the SIM's "slave position" may well regard it as a server.
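An added example (not from the article) of how a network splits an IMSI into country, network and subscriber parts and classifies the subscriber, extended to the Dual IMSI switching described above. The MNC-length rule is a simplification assumed here (a real terminal reads the MNC length from the EF_AD file on the card), and all IMSIs are constructed.

```python
from __future__ import annotations
import re


def parse_imsi(imsi: str, mnc_length: int | None = None) -> dict:
    """Split an IMSI into MCC, MNC and MSIN.

    Assumption (simplified): the MNC is 3 digits for MCC 3xx (North America and the
    Caribbean) and 7xx (South America), 2 digits elsewhere. A real terminal does not
    guess: it reads the MNC length from the SIM's EF_AD file, which is what the
    mnc_length parameter stands in for."""
    if not re.fullmatch(r"[0-9]{6,15}", imsi):
        raise ValueError("IMSI must be 6 to 15 decimal digits")
    if mnc_length is None:
        mnc_length = 3 if imsi[0] in "37" else 2
    if mnc_length not in (2, 3):
        raise ValueError("MNC length must be 2 or 3")
    return {"mcc": imsi[:3], "mnc": imsi[3:3 + mnc_length], "msin": imsi[3 + mnc_length:]}


def roaming_status(imsi: str, serving_mcc: str, serving_mnc: str,
                   mnc_length: int | None = None) -> str:
    """How a serving network classifies the subscriber behind this IMSI."""
    home = parse_imsi(imsi, mnc_length)
    if home["mcc"] != serving_mcc:
        return "international roaming"
    if home["mnc"] != serving_mnc:
        return "national roaming"
    return "home"


class DualImsiSim:
    """Card holding its own IMSI plus one lent by a partner network, switched from the STK menu."""

    def __init__(self, own_imsi: str, partner_imsi: str):
        self._profiles = {"home": own_imsi, "roaming": partner_imsi}
        self.mode = "home"

    def stk_switch(self, mode: str) -> None:
        if mode not in self._profiles:
            raise ValueError(f"unknown mode {mode!r}")
        self.mode = mode

    def active_imsi(self) -> str:
        return self._profiles[self.mode]


def attach(sim: DualImsiSim, serving_mcc: str, serving_mnc: str) -> dict:
    """What the visited network learns at attach: which IMSI is presented, whose HLR
    it must ask for authentication data, and how it classifies the subscriber."""
    imsi = sim.active_imsi()
    home = parse_imsi(imsi)
    return {"imsi": imsi, "home_mcc": home["mcc"], "home_mnc": home["mnc"],
            "status": roaming_status(imsi, serving_mcc, serving_mnc)}


if __name__ == "__main__":
    # Constructed IMSIs: a subsidiary in MCC 401 and a partner profile in MCC 250.
    card = DualImsiSim("401011234567890", "250991234567890")
    print(attach(card, "262", "01"))
    card.stk_switch("roaming")
    print(attach(card, "262", "01"))
```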
How does it turn on and why does it load the book slowly?
After switching on and starting its operating system, the phone applies the Vcc supply voltage to the SIM. The standards provide for three nominal SIM supply voltages: 5V, 3V and 1.8V.
Earlier, cards were issued that could operate only at 5V. After the appearance of phones that apply no more than 3V to the card, these old SIMs were gradually replaced by new ones capable of running at 3V, which also tolerate phones providing 5V.
Since phones that supply the SIM with only 1.8V have not yet been encountered, modern SIM cards do not create compatibility problems because of supply voltages.
After the supply voltage is applied, the phone supplies a clock signal, and once it is stable the voltage on the Reset contact rises. This signals the SIM to start working, and the card responds with a sequence of bytes called the ATR (Answer To Reset).
The ATR bytes carry basic information about the card's capabilities and the communication protocols it supports. In particular, they can tell the phone about options for speeding up the exchange over the interface by raising the clock frequency and the data transfer rate.
After reading the ATR, the phone can start the PPS (Protocol and Parameter Selection) procedure to negotiate the communication mode between the phone and the card. If the phone cannot find an option acceptable to both itself and the SIM, communication with the card continues in the default mode (at 9600 bps).
In such cases subscribers often complain that reading the phone book from the SIM card into the phone takes too long, for some reason blaming the operator that issued the SIM.
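The ATR decoding and the PPS outcome described above, as an added example (not the article's code): a parser for the ISO 7816-3 ATR structure, the Fi/Di tables that the TA1 byte refers to, and the resulting line speed. The sample ATR bytes are constructed for the example, not captured from a real card.

```python
"""Decode an ISO 7816-3 Answer To Reset the way a phone does before starting PPS."""
# ISO/IEC 7816-3 tables: FI code -> (Fi, max clock in MHz), DI code -> Di. Codes not
# listed are reserved (RFU).
FI_TABLE = {0: (372, 4), 1: (372, 5), 2: (558, 6), 3: (744, 8), 4: (1116, 12),
            5: (1488, 16), 6: (1860, 20), 9: (512, 5), 10: (768, 7.5), 11: (1024, 10),
            12: (1536, 15), 13: (2048, 20)}
DI_TABLE = {1: 1, 2: 2, 3: 4, 4: 8, 5: 16, 6: 32, 7: 64, 8: 12, 9: 20}
DEFAULT_F, DEFAULT_D = 372, 1  # in force until a PPS exchange changes them

# Constructed sample ATR (not from a real card): TA1=96 proposes Fi=512/Di=32, TD1
# offers T=0, TD2 offers T=1 (so a TCK check byte is present), then 5 historical bytes.
SAMPLE_ATR = bytes.fromhex("3B 95 96 80 31 FE 45 53 49 4D 01 02 5D")


def bit_rate(fi: int, di: int, clock_hz: int) -> float:
    """I/O line bit rate: one elementary time unit lasts Fi/Di clock cycles."""
    return clock_hz * di / fi


def parse_atr(atr: bytes) -> dict:
    if len(atr) < 2 or atr[0] not in (0x3B, 0x3F):
        raise ValueError("not an ATR: bad length or TS byte")
    info = {"convention": "direct" if atr[0] == 0x3B else "inverse", "interface": {},
            "protocols": [], "Fi": DEFAULT_F, "Di": DEFAULT_D, "fmax_mhz": 4}
    hist_len = atr[1] & 0x0F          # T0 low nibble K: number of historical bytes
    y, pos, i = atr[1] >> 4, 2, 1     # T0 high nibble Y1: which of TA1..TD1 follow
    while True:
        for bit, name in ((1, "TA"), (2, "TB"), (4, "TC"), (8, "TD")):
            if y & bit:
                if pos >= len(atr):
                    raise ValueError("ATR truncated inside the interface bytes")
                info["interface"][f"{name}{i}"] = atr[pos]
                pos += 1
        td = info["interface"].get(f"TD{i}")
        if td is None:
            break
        info["protocols"].append(td & 0x0F)  # TDi low nibble: offered protocol T
        y, i = td >> 4, i + 1                # TDi high nibble: presence of next group
    if not info["protocols"]:
        info["protocols"] = [0]              # no TD1 at all means T=0 only
    if "TA1" in info["interface"]:
        fi, di = info["interface"]["TA1"] >> 4, info["interface"]["TA1"] & 0x0F
        if fi not in FI_TABLE or di not in DI_TABLE:
            raise ValueError("TA1 uses a reserved Fi/Di code")
        info["Fi"], info["fmax_mhz"] = FI_TABLE[fi]
        info["Di"] = DI_TABLE[di]
    info["historical"] = bytes(atr[pos:pos + hist_len])
    if len(info["historical"]) != hist_len:
        raise ValueError("ATR truncated inside the historical bytes")
    pos += hist_len
    # TCK is present only if some TDi offers a protocol other than T=0; the XOR of
    # every byte from T0 through TCK must then be zero.
    if any(t != 0 for t in info["protocols"]):
        if pos >= len(atr):
            raise ValueError("TCK missing")
        xor = 0
        for b in atr[1:pos + 1]:
            xor ^= b
        info["tck_ok"] = xor == 0
        pos += 1
    else:
        info["tck_ok"] = None
    if pos != len(atr):
        raise ValueError("unexpected bytes after the ATR")
    return info


def negotiated_rate(info: dict, clock_hz: int, phone_supports: set) -> float:
    """Outcome of PPS: the card's TA1 proposal if the phone supports that (Fi, Di)
    pair, otherwise the default 372/1, which is 9600 bps at a 3.5712 MHz clock."""
    if (info["Fi"], info["Di"]) in phone_supports:
        return bit_rate(info["Fi"], info["Di"], clock_hz)
    return bit_rate(DEFAULT_F, DEFAULT_D, clock_hz)
```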
"Hello, who are you?"
During activation the SIM card and the mobile terminal (phone) exchange "business cards". The phone reads from the SIM a file containing the SST (SIM Service Table), coded information about the STK functions the SIM can perform. In turn, the phone sends the SIM its TERMINAL PROFILE, coded information about which functions for communicating with the SIM it supports. As a result both sides know the partner's abilities and can interact correctly when implementing STK-based services.
File system and security
The SIM has a multi-level hierarchical file structure with access control.
Access to files is regulated by requiring the user to present various access codes in advance.
Some of these access codes are well known: the Personal Identification Numbers PIN (also called PIN1) and PIN2. Other codes are used for administrative access to service files.
What does this distinction give? An activated PIN request protects the money on the personal account linked to the SIM card from use by unauthorized persons.
Another important security measure is the impossibility of reading certain files, for example the Ki key, which is used in cryptographic algorithms when authenticating the subscriber and generating traffic encryption keys.
Why reading instructions is helpful
Several years ago, at a roundtable on the prospects of smartphones organized by one of the manufacturers, one of the participants complained to me that Beeline did not have a service that would be very useful for parents. He wanted parents to be able to limit the ability for their children to call only a certain set of phone numbers - home, parents, grandparents, and the child should not call the other numbers.
Imagine his surprise when I showed him the FDN (Fixed Dialling Numbers) function, implemented jointly by the phone and the SIM card. The permitted numbers are simply written, using the phone, into a specific file on the SIM, and changes to this list are protected by PIN2. After that, a phone with such a SIM refuses to call numbers not on the FDN list.
However, it should be noted that not all phones support this service.
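The access conditions discussed in the two preceding sections (a Ki that no code can read, PIN1-protected user files, a PIN2-protected FDN list), as an added model that is not the article's code. The three-attempt limit, the PIN values and the file contents are assumptions; the file identifiers and conditions for EF_IMSI, EF_ADN and EF_FDN follow the GSM SIM specification.

```python
from __future__ import annotations
import hmac
from enum import Enum

Access = Enum("Access", "ALWAYS PIN1 PIN2 ADM NEVER")  # file access conditions


class AccessDenied(Exception):
    pass


class SimCard:
    """Model of the card's access control: a code must be verified before a file
    whose read/update condition names that code can be touched."""
    MAX_ATTEMPTS = 3  # assumption: three wrong entries in a row block the code

    def __init__(self, pin1: str, pin2: str, adm: str):
        self._codes = {Access.PIN1: pin1, Access.PIN2: pin2, Access.ADM: adm}
        self._attempts = {k: self.MAX_ATTEMPTS for k in self._codes}
        self._verified: set[Access] = set()
        self._files: dict[str, dict] = {}
        self.pin1_enabled = True  # the user may switch the PIN1 request off

    def add_file(self, fid: str, data, read: Access, update: Access) -> None:
        self._files[fid] = {"data": data, "read": read, "update": update}

    def verify(self, which: Access, code: str) -> bool:
        """VERIFY command: a wrong code decrements the counter; at zero the code is blocked."""
        if self._attempts[which] == 0:
            raise AccessDenied(f"{which.name} blocked")
        if hmac.compare_digest(code.encode(), self._codes[which].encode()):
            self._attempts[which] = self.MAX_ATTEMPTS
            self._verified.add(which)
            return True
        self._attempts[which] -= 1
        return False

    def _check(self, cond: Access) -> None:
        if cond is Access.NEVER:
            raise AccessDenied("access condition NEVER: no code can satisfy it")
        if cond is Access.ALWAYS or (cond is Access.PIN1 and not self.pin1_enabled):
            return
        if cond not in self._verified:
            raise AccessDenied(f"{cond.name} not verified")

    def read(self, fid: str):
        ef = self._files[fid]
        self._check(ef["read"])
        return ef["data"]

    def update(self, fid: str, data) -> None:
        ef = self._files[fid]
        self._check(ef["update"])
        ef["data"] = data


def build_card() -> SimCard:
    """Constructed sample card (codes and contents are made up). Conditions for
    EF_IMSI 6F07, EF_ADN 6F3A and EF_FDN 6F3B follow the GSM SIM specification;
    'Ki' models the card-internal key storage, which no code can read."""
    card = SimCard(pin1="1234", pin2="5678", adm="ADM-SECRET")
    card.add_file("6F07", "250991234567890", Access.PIN1, Access.ADM)            # EF_IMSI
    card.add_file("Ki", bytes(range(16)), Access.NEVER, Access.NEVER)
    card.add_file("6F3A", ["Alice +4930111222"], Access.PIN1, Access.PIN1)      # EF_ADN phone book
    card.add_file("6F3B", ["+4930111222", "+4930333"], Access.PIN1, Access.PIN2)  # EF_FDN
    return card


def phone_may_dial(card: SimCard, number: str, fdn_enabled: bool) -> bool:
    """Phone-side FDN check: with FDN active, only numbers that match an FDN entry
    or start with one (entries may be prefixes) are dialled."""
    if not fdn_enabled:
        return True
    return any(number.startswith(entry) for entry in card.read("6F3B"))
```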
Wash your hands before eating
The skin of the fingers is coated with organic fatty acids which corrode metal parts on contact, and small parts are exactly what the SIM contacts are.
The photo shows a laser pointer whose surface, after fairly rare use, has lost several layers of metal coating (chrome and copper plating) because of these fatty acids alone! As the saying goes, "radio engineering is the science of contacts", and a SIM has plenty of them!

Laser pointer damaged by fatty acids on fingers
The SIM contacts should not suffer the same fate, so protect them from contamination by all means, and try not to touch them with your fingers!
If there is a contact problem between the phone and the SIM, carefully cleaning the contacts with a soft eraser can help. Just do not brush the crumbs off the contacts with your fingers afterwards, or all the problems will start over! Better to blow them off or gently rinse them off with rubbing alcohol.
To change or not to change?
Once a subscriber came to the Beeline office who had been sent by a phone repair service to change his SIM card, because his brand-new phone switched off spontaneously during calls, balance checks and sending SMS.
I had to explain to him that the phone switching off had nothing to do with the SIM's operability. With an eraser I carefully cleaned the contacts on the battery and in the phone, after which the phone worked normally. Along the way I gave the subscriber a short lecture on hygiene.
Of course, the situation is not so obvious in all cases, and it is not easy to decide who is to blame for services not working, the phone or the SIM, because their communication is almost intimate. Understanding the causes of such conflicts is especially important when developing new STK-based services or when investigating SIM incompatibilities with some phone models or other mobile terminals.
In such cases an invaluable service is provided by an analyzer of the information exchange protocols on the SIM-terminal interface:

Analyzer of information exchange protocols between SIM and mobile terminal.
Instead of the SIM card, a special probe is inserted into the terminal, and the SIM is connected to it via a flexible cable. During operation, all information about events on the interface is recorded in the memory of a computer connected to the analyzer.
Comparing the collected information with the requirements of the standards makes it possible to establish unambiguously and convincingly which party is at fault.
Of course, this material touches on only some of the features of SIM cards and their operation in phones, but if there is interest in the topic, just ask questions and I will answer in detail.
Thank you for your attention!