Dan Griffin's Blog

Comments on security, PKI, smart cards, cryptography, and entrepreneurship.

Cell phone forensics

December 17, 2007

Saw a cool talk recently on cell phone forensics. One interesting takeaway was the claim that GSM phones leave the user access PIN for the SIM card stored in memory. Thus, for example, if a forensic analyst can obtain access to an unlocked, powered-on phone, imaging the device is likely to recover the PIN.

But that means that a bad guy can do the same thing, for example, with a phone stolen out of your pocket. Recover the PIN, take the SIM, and now they can make calls as you via any GSM phone. Of course, once they have stolen your unlocked phone they get to make calls as you anyway, but obtaining the PIN is an interesting twist.

Microsoft ran into a similar problem with smart card applications on Windows. Namely, if the user is repeatedly performing actions which require privileged access to the smart card, then having to retype the PIN each time is a real bummer. An example would be an organization that requires digitally signed email, and the signature certificate is card-based.

The fix, then, was to create an in-process PIN cache. That is, a copy of the user PIN that can be sent to the card instead of prompting the user to manually type it in again. Nervous yet?

I’ll say up front that there are tons of ways to get that wrong, and many vendors have done just that, so please don’t try to implement your own. I’ll also state that, for one thing, this is definitely a situation in which a tradeoff between security and usability has been made, and for another thing, security-sensitive applications can opt out of the PIN cache behavior. That is, those apps can force a re-prompt. Finally, in any case, the in-memory PIN is encrypted, although a short-lived plaintext copy must be made when the card is requesting authentication. The goal is to keep the plaintext PIN out of the page file.
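To make the properties above concrete, here is an added example (my own code, not the post's and not Microsoft's smart card stack): a minimal in-process PIN cache in C on Linux that holds the PIN masked under a random key, locks its pages out of swap with mlock (a stand-in for VirtualLock/CryptProtectMemory on Windows), produces only a short-lived plaintext copy for the card call and wipes it afterwards, and lets an application opt out and force a re-prompt. The pin_cache_* functions and mock_card_verify are invented names for this illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>

#define PIN_MAX 16
/* The PIN is held XOR-masked under a random per-cache key, never in the clear
 * (a stand-in for Windows' CryptProtectMemory); mlock keeps it out of swap. */
typedef struct { uint8_t key[PIN_MAX], masked[PIN_MAX]; size_t len; bool valid; } pin_cache_t;
/* Zero through a volatile pointer so the compiler cannot optimise the wipe away. */
static void wipe(void *p, size_t n) { volatile uint8_t *v = p; while (n--) *v++ = 0; }

static int fill_random(uint8_t *buf, size_t n) {
    FILE *f = fopen("/dev/urandom", "rb");
    size_t got = f ? fread(buf, 1, n, f) : 0;
    if (f) fclose(f);
    return got == n ? 0 : -1;
}

/* Cache a freshly prompted PIN and wipe the caller's plaintext. mlock is best
 * effort here; production code should fail closed if the pages cannot be locked. */
int pin_cache_store(pin_cache_t *c, char *pin) {
    size_t n = strlen(pin);
    if (n == 0 || n > PIN_MAX) return -1;
    mlock(c, sizeof *c);
    if (fill_random(c->key, n) != 0) return -1;
    for (size_t i = 0; i < n; i++) c->masked[i] = (uint8_t)pin[i] ^ c->key[i];
    c->len = n; c->valid = true;
    wipe(pin, n);
    return 0;
}

/* Hand a short-lived plaintext copy to `use` (the card authentication step), then
 * wipe it. force_prompt models an app opting out: -2 means "prompt the user". */
int pin_cache_use(pin_cache_t *c, bool force_prompt,
                  int (*use)(const char *pin, void *ctx), void *ctx) {
    if (force_prompt || !c->valid) return -2;
    char plain[PIN_MAX + 1];
    for (size_t i = 0; i < c->len; i++) plain[i] = (char)(c->masked[i] ^ c->key[i]);
    plain[c->len] = '\0';
    int rc = use(plain, ctx);
    wipe(plain, sizeof plain);
    return rc;
}

/* Drop the cache: wipe key and mask, then release the page lock. */
void pin_cache_clear(pin_cache_t *c) { wipe(c, sizeof *c); munlock(c, sizeof *c); }
/* Constructed stand-in for the card's PIN verify; ctx is the expected PIN. */
int mock_card_verify(const char *pin, void *ctx) { return strcmp(pin, (const char *)ctx) == 0 ? 0 : 1; }
```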

The point is that GSM phone vendors might wish to figure out a way to protect the SIM PIN. Perhaps an encrypted channel between the keypad and the SIM card. That would be pretty cool!

Anyway, here are some links from the forensics talk:


1 Comment »

  1. Ah, I assume this was at the Seattle InfraGard meeting?

    Comment by planetheidi — December 18, 2007 @ 1:11 pm
