Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Is it possible to use SIM card cryptographic functions?

All smartcards have embedded crypto capabilities and computation power.

Is is possible to take advantage of this with developed android application? For example, would I be able to sign a file using the public/private key stored on the SIM.

I heard about some standards and norms and initiatives (ETSI-MSS, Mobile PKI) but I do not see any application of such architecture.

Do someone has some clue on this?

like image 522
M'vy Avatar asked Oct 24 '11 14:10

M'vy


2 Answers

No, you cannot access the SIM card directly in Android. All access to telephony-related services takes place in the TelephonyManager API and there is no API exposed to doing and cryptographic operations in the SIM.

like image 61
kroot Avatar answered Nov 15 '22 03:11

kroot


My understanding is that SIM cards do not use standard crypto. The handle certains kinds of authentication and crypto for the network. Given the quality of say A3/5, I'm not sure you would want to. I doubt you can get AES or reven basic RSA out of them

Actually the above statement is somewhat incorrect: apparently there is work either to get SIM cards to have this functionality or to write generic libraries for exposing it. I cannot,however, for the life of me remember the article I read this in.

This appears at least to be a starting point https://stackoverflow.com/a/9364030/980922

like image 33
imichaelmiers Avatar answered Nov 15 '22 04:11

imichaelmiers