UICC, SIM & USIM - Blue Security Blog

Some people started asking me questions about “SIM cards”, like what the difference between USIM and SIM? What data can be found on the SIM? Or what are those APDU that been transfered between the ME to the UICC?

In this article I’ll explain what are UICC, SIM and USIM, and hopefully will answer those questions and (maybe) future questions.

What’s the difference?

According to Wikipedia, UICC is :

The Universal Integrated Circuit Card (UICC) is the smart card used in mobile terminals in GSM and UMTS networks. The UICC ensures the integrity and security of all kinds of personal data, and it typically holds a few hundred kilobytes. With the advent of more services, the storage space will need to be larger.

So the UICC is a smart card (Java card) used by our mobiles to ensures the integrity and security of personal data (like the ciphering key – Kc) while making operations with the GSM or UMTS network.

Like every Java card, the UICC has a mini OS. The OS created by the Global Platform group and called OPEN. The ME can interact with the OPEN using the Open Mobile API. With this API, the ME may transmit APDU to the UICC, open/close logical channels, get the ATR value and more.

Because of the OS of the UICC, applets can be installed on the UICC. 2 of those (possible) installed applets are the SIM and the USIM.

The SIM (or the GSM application) is an old applet which make operations with the GSM network. The SIM is pretty old, thus it’s not likely that it will be installed on new UICC.

The USIM is the “improved SIM” applet. It can operates in both GSM and UMTS (and even LTE). Usually, the USIM applet will be the only applet installed on the UICC.

SUM UP

• UICC – The Java card (the hardware).
• SIM – An applet on the UICC used with GSM networks only.
• USIM – An applet on the UICC used with any network type.

UICC

As mentioned above, the UICC is a Java card. It can “hold” applets on it and has an OS.

The UICC’s OS provides memory management, security handling and data transportation for the installed applets (e.g SIM).

The main application of the OS is the Card Manager. This application acts as the card administrator. It responsible for the environment runtime, security management, memory management and basically everything going on with the UICC. Every APDU get to the Card Manager first, before continuing to the wanted applet.

The OS has special security management applications called Security Domains (SD). Those domains provides security handling for the regions of the memory or for applications and acts as the on-card representatives of off-Card Authorities (e.g the network operator). There are 3 types of SDs :

• The ISD (Issuer Security Domain) – is the primary, mandatory on-card representative of the Card Administrator (the ISD is part of the Card Manager).
• Supplementary Security Domains – optional. On-card representatives of Application Providers or the Card Issuer.
• Controlling Authority Security Domains – A Controlling Authority may exist whose role is to enforce the security policy on all application code loaded to the card.

For more information : http://www.win.tue.nl/pinpasjc/docs/GPCardSpec_v2.2.pdf

SIM

The SIM (as mentioned above) is an application on the UICC – previously the UICC was called SIM card, because this was the only application available on the smart card.

The SIM application consists of file system and GSM specific operations (e.g generating ciphering keys). The SIM’s file system contains files (EF) and directories (MF or DF).

The EF (Elementary File) composed of a header and a body. The header contains information about the file, like file ID, size of the file, access permissions and etc. The structure of the body part, can be 1 of the following :

• Transparent EF – consists a sequence of bytes.
• Linear Fixed EF – consists a sequence of records (no more than 255 records).
• Cyclic EF – consists a sequence of records, but the last record linked to the first record (makes a cycle – like a cyclic linked list in programming).

The DF (Dedicated File) is a functional grouping of files consisting of itself and all those files  which contain this DF in their parental hierarchy (that is to say it consists of the DF and its complete “subtree”). A DF “consists” only of a header part.

The MF is the “top-level” DF. It contains DFs and EFs. It implicit selected after the SIM application is loaded.

Every file has its own specific access condition for each command. The relevant access condition of the last selected file shall be fulfilled before the requested action can take place. For each file the access conditions for the commands READ and SEEK are identical, and the access conditions for the commands SELECT and STATUS are ALWays.

The access condition levels defined in the following table :

+--------+------------------+--------------------------------+ | Level  | Access Condition | Meaning                        | +--------+------------------+--------------------------------+ | 0      | ALWays           | No restriction.                | | 1      | CHV1             | The CHV1 verified or disabled. | | 2      | CHV2             | The CHV2 verified or disabled. | | 3      | RFU              |                                | | 4 - 14 | ADM              | Allocated by the admin.        | | 15     | NEVer            | Can't be performed.            | +--------+------------------+--------------------------------+

The SIM application communicates through a terminal with the ME or via SMS (or other bearers) with the network. In all communication methods, the SIM uses an “API”, which constructed by the APDU.

I wrote an explanation about the SIM APDU in this link.

USIM

The USIM is like the SIM – an application on the UICC. However, it provides much more flexibility and features than the SIM.

The USIM also consists of a file system, which is like the SIM which different structure (file’s hierarchy position). In addition the USIM file system introduced the ADF (Application Dedicated File), which is like a simple DF but related to an application (usually SIM or USIM).

In addition, the USIM also introduced the TLV (Tag Length Value) responses and structure. The TLV is (as the name applies) consists the tag, the length and the value of the information element needed to be pass as a response or saved as data. The TLV looks like the following :

+-----+-------+--------------------------+ | tag | lgth  | Value (the size is lgth) | +-----+-------+--------------------------+

Like the SIM application, the USIM communicates through a terminal with the ME or via SMS (or other bearers) with the network. In all communication methods, the SIM uses an “API”, which constructed by the APDU.

I wrote an explanation about the USIM APDU in this link.

Notes

• ME – Mobile Equipment.
• UICC – Universal Integrated Circuit Card.
• SIM – Subscriber Identity Module.
• USIM – Universal Subscriber Identity Module.
• APDU – Application Protocol Data Unit.
• Applet – A small application.
• The UICC is a Java card. Thus, all the applets installed in the UICC are Java applets.

Resources

• http://www.win.tue.nl/pinpasjc/docs/GPCardSpec_v2.2.pdf
• http://www.etsi.org/deliver/etsi_gts/11/1111/05.03.00_60/gsmts_1111v050300p.pdf
• http://www.etsi.org/deliver/etsi_ts/131100_131199/131102/04.15.00_60/ts_131102v041500p.pdf
• https://en.wikipedia.org/wiki/Universal_Integrated_Circuit_Card

לשתף

• X
• Facebook

Like Loading...

Related