iPhone could be susceptible to SIM card attack, still waiting on clarification

At this year's Black Hat USA security conference, cryptographer and security researcher Karsten Nohl will be presenting his findings on SIM card insecurities. While Nohl's research revealed that about one-quarter of the tested SIM cards were vulnerable to an attack that exploits an outdated encryption standard, it's unclear at this point exactly who should be worried.

Nohl isn't revealing the full details until his talk on August 3rd, but when asked specifically about iPhones, he told iMore:

No devices can be ruled out.

Of course, that doesn't provide a lot of clarity as to who should worry. Since the exploit depends on the SIM card in use, not the device, exposure to the vulnerabilities that Nohl identified comes down to the carrier and which SIM cards it provides, not necessarily the devices they're put in.

The good news is that Nohl has already shared his findings with the GSM Association, which then passed the findings on to cellular network operators and SIM card manufacturers who could be vulnerable. The exploit relies on an old encryption algorithm, DES, still used on some SIM cards. Carriers who haven't done so already will need to update to Triple DES or AES, newer, more secure standards that are not susceptible to the same attack.

For now, people should try not to worry, as there are no signs that this vulnerability is being exploited in the wild. Once Nohl gives his presentation, we should know more about which users might be affected, and hopefully carriers are already in the process of updating any outdated SIMs they might have.

Nick Arnott

Security editor, breaker of things, and caffeine savant. QA at Double Encore. Writes on neglectedpotential.com about QA & security, and as @noir on Twitter about nothing in particular.

There are 10 comments.

kch50428 says:

Can one tell by looking at a SIM if it uses Triple-DES?

Nick Arnott says:

Unfortunately no. Though probably the older the SIM card, the more likely it is that it's using DES. You could always try checking with your carrier, but not sure how successful that will be.

kch50428 says:

When it comes to a specific technical question like "What encryption is used on your LTE SIM cards?" I fear that carrier support would be unable to answer, given that in past dealings on something this technical, I've been left with the impression they'd be hard pressed to find their own arse even if given a flashlight and map...

chazvanhouten says:

I thought this was a risk for any phone with a SIM card and not specifically just the iPhone?

Nick Arnott says:

You are correct. Sorry, I may not have been clear about that. Because so little information has been shared about who is affected, I was specifically wondering if iPhone users also needed to be worried (along with everybody else) or not. I wondered if, for example, based on the carriers that iPhone is on or the age of the hardware, the attack could be ruled out for iPhones. After reaching out to Nohl I found out that this is not the case, and that iPhone users could potentially be susceptible along with everybody else.

fasferraz says:

If your SIM card is LTE ready (meaning that it is a USIM) it uses recent and strong algorithms.
So iPhone 5 users with nano SIM should be safe. As far as I know, all nano SIM cards are USIMs (since they are used with LTE phones).

SIM cards cannot be used with LTE, only USIM.

Nick Arnott says:

Thanks for this info fasferraz. Very good to know.

dalvik says:

I have a question... I initially opted out of the texting feature with my plan. As I understand, this exploit works only with SMS? Does that mean now I should not worry about this at all?

Nick Arnott says:

While the exploit is performed via SMS, it's not a normal kind of SMS that you would receive from a friend or family member. It's an SMS sent to your device by your carrier that you would never actually see appear on your phone.

dalvik says:

Oh, I see now... thanks for your reply!