Extending the GSM/3G Key Infrastructure
DIMACS Workshop on Mobile and Wireless Security, November 3, 2004
Scott B. Guthery, CTO, Mobile-Mind

1 Extending the GSM/3G Key Infrastructure
DIMACS Workshop on Mobile and Wireless Security
November 3, 2004
Scott B. Guthery, CTO, Mobile-Mind, Sguthery@mobile-mind.com
Mary J. Cronin, Professor of Management, Boston College, Cronin@bc.edu

2 Outline
SIM for Mobile Network Authentication
SIM for Internet Authentication
SIM for Local Authentication

3 Subscriber Identity Module
Integral part of GSM security from the start
Holds secret key Ki
  – other copy held by subscriber’s network operator
8-bit processor, 8KB EEPROM, file system, cryptographic algorithms
Identity token with a wireless connection to an authentication and billing service

4 GSM/3G Authentication
Roaming is the stepping off point for extending the GSM/3G key infrastructure
Visited network authenticates without being in possession of Ki
[Diagram: SIM, Visited Network, Home Network (Ki). Messages: 1) Identity, 2) Identity, 3) Challenge & Response, 4) Challenge, 5) Response]
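
The roaming exchange on this slide, as an added example that is not part of the original presentation: a Python model in which the home network hands the visited network a challenge, the expected response and a session key, so the visited network can authenticate the SIM without ever holding Ki. HMAC-SHA256 stands in for the operator's A3/A8 algorithms, and the class names, the identity and the Ki values are constructed for illustration.

```python
import hashlib
import hmac
import secrets

def a3a8(ki: bytes, rand: bytes) -> tuple[bytes, bytes]:
    """Stand-in for the operator's A3/A8 (HMAC-SHA256 here, an assumption)."""
    d = hmac.new(ki, rand, hashlib.sha256).digest()
    return d[:4], d[4:12]  # 32-bit SRES, 64-bit Kc

class HomeNetwork:
    def __init__(self):
        self._ki = {}  # identity -> Ki; never handed to another network

    def provision(self, imsi: str, ki: bytes) -> None:
        self._ki[imsi] = ki

    def triplet(self, imsi: str) -> tuple[bytes, bytes, bytes]:
        rand = secrets.token_bytes(16)  # 128-bit challenge
        sres, kc = a3a8(self._ki[imsi], rand)
        return rand, sres, kc  # all the visited network ever receives

class Sim:
    def __init__(self, imsi: str, ki: bytes):
        self.imsi, self._ki, self.kc = imsi, ki, None

    def respond(self, rand: bytes) -> bytes:
        sres, self.kc = a3a8(self._ki, rand)  # Kc stays on the subscriber side
        return sres

class VisitedNetwork:
    def __init__(self, home: HomeNetwork):
        self.home = home

    def authenticate(self, sim: Sim):
        imsi = sim.imsi                               # 1) Identity
        rand, expected, kc = self.home.triplet(imsi)  # 2) Identity, 3) Challenge & Response
        sres = sim.respond(rand)                      # 4) Challenge, 5) Response
        return kc if hmac.compare_digest(sres, expected) else None

def demo():
    ki = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed Ki
    home = HomeNetwork()
    home.provision("001010123456789", ki)                   # constructed identity
    visited = VisitedNetwork(home)
    genuine = Sim("001010123456789", ki)
    clone = Sim("001010123456789", bytes(16))               # right identity, wrong Ki
    kc = visited.authenticate(genuine)
    return kc, genuine.kc, visited.authenticate(clone)

if __name__ == "__main__":
    print(demo())
```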

5 SIM for Internet Authentication
EAP-SIM uses SIM for Internet authentication
  – visited network is an EAP authenticator
  – draft-haverinen-pppext-eap-sim-14.txt
Uses GSM/3G authentication but generates a stronger session key
[Diagram: SIM, EAP Authenticator, Home Network (Ki), Internet Service]

6 SIM Toolkit
SIM gives commands to the handset
  – display text, get key hit, send SMS, block call
Operator controls loading of applications
  – GlobalPlatform architecture used to manage keys for non-operator applications
[Diagram: Application 1, Application 2, Application 3, STK, Handset]

7 SIM for Local Authentication
SIM-based authentication and authorization
  – visited network is a merchant or a door
SIM-based cryptographic services
  – session keys, certificates, signing, tickets, etc.
[Diagram: Operator, 3G Network, SIM, Handset, Local Connections (IR, Bluetooth, etc.), Other SIM]

8 User-Equipment Split
SIM is in the device needing signing and authentication services
All that’s left of the mobile communication network is the extended key infrastructure
[Diagram: SIM A, SIM B, SIM C, Network Operator, Handset]

9 Business Models for SIM Security Extension: Theory, Reality and Lessons Learned
Theory: Compelling business and revenue opportunities based on leveraging SIM security
  – Enormous global installed base of active SIM cards
      Over 800 million GSM and 3G handsets and subscribers
  – Well-established international standards for SIM applications and key infrastructure
      Well documented architecture and tools for development using SIM Application Toolkit and Java Card™ platform
  – Multiple business models from different industries (banking, retail, media, IT, health, etc.) in search of strong mobile security solution will embrace the SIM

10 Three Potential Business Cases
SIM-hosted and authenticated non-telephony m-commerce applications and services
  – Allow trusted third parties to load applications onto the SIM card and share the existing key infrastructure to authenticate customers and authorize transactions via the wireless public network
SIM-enabled use of mobile handset for authenticated and authorized transactions via the wireless public network
Embedded SIMs for authorization of users or devices attached to any network, particularly WiFi

11 SIM-Hosted M-Commerce Applications
Business Model: Multiple applications are stored on a single SIM card to allow subscriber to conduct secure banking, make and pay for purchases, download and store value, tickets, etc. to the SIM
  – Third party consumer and enterprise applications both supported
      SIM application provider gets share of projected $60 billion plus in m-commerce transactions
Reality as of 2004
  – Technical requirements are in place
      Almost all recent SIMs are multi-application Java Card™ SIMs
      Over 260 million of them are Global Platform compliant
  – SIM-hosted applications have been scarce
      Limited to small mobile banking pilots in Europe and Asia
      Majority of booming m-commerce business has moved to handset downloads and back end server-based security systems

12 SIM-Enabled Security for Mobile Devices
Business Model: Dual-slot handsets provide external slot for smart card to conduct secure transactions and move value via the SIM, making the mobile a cash dispenser, a ticket, a POS, etc.
  – 1999 launch of dual slot phones to great fanfare
      Datamonitor projected over 32 million such phones in use by 2003
      All major handset makers announced plans to manufacture them
Reality as of 2004
  – Dual slot phones are hard to find collectors’ items
  – Revival of the model via “add-on” module for standard GSM phone to create a mobile POS for developing markets
      Way Systems has some initial traction with this approach for China

13 SIM Authentication in Non-Telephony Networks
Business Model: Embed SIM in WiFi and other networked devices or provide SIM-USB token to subscribers for authentication and payment for WiFi access and roaming
  – One solution for problems with 802.11 security
  – Potential for portability and roaming on different networks
  – Possible integration with wireless subscriber accounts
Reality as of 2004
  – WLAN Smart Card Consortium attempting to define standards
  – Commercial deployments increasing but still in early stages
      Transat solution launches with 3,500 hotspots in the UK (4/04)
      Orange implements in Switzerland (3/04)
      Tartara demonstrates solution with Verisign (3/04)
      TSI demonstrates solution with Boingo Wireless (5/04)

14 Conclusion: Still Searching for Clear Business Case for SIM Extension
Limited applications to date outside of wireless telephony and some notable business failures such as dual-slot handsets
  – The combined business drivers of a billion SIMs, a rapidly growing m-commerce market and unsolved mobile security issues continue to bring new players and approaches to the table
Lesson learned: Wireless carriers have made controlling and guarding the SIM key infrastructure a priority over increasing revenues through extension
  – Carriers have the ability to cut off third party access to the SIM platform
  – WiFi and non-telephony network authentication looks like a good match for the SIM key infrastructure, but long-term models may require wireless carrier participation

