Zhonglin Ding, Yang Hu, Wei Luo, Zhongming Huang, Lei Zhang, Zhongyuan Qin
{"title":"基于SPIN的嵌入式SIM远程调配协议的安全性分析","authors":"Zhonglin Ding, Yang Hu, Wei Luo, Zhongming Huang, Lei Zhang, Zhongyuan Qin","doi":"10.1145/3507509.3507515","DOIUrl":null,"url":null,"abstract":"Abstract: With the advent of the 5G era, embedded SIM (eSIM) technology has been created to meet the needs of M2M technology. In earlier years, the GSMA provided a detailed description of the architecture and configuration protocol of the eSIM over-the-air writing technology. The remote configuration protocol of eSIM cards is divided into the processes of configuration file download, installation, activation, de-activation, and deletion. In this protocol, there are attacks such as identity impersonation threats, tampering threats, denial of service and eavesdropping threats, etc. This paper analyzes the security of key session establishment during the download and the installation of configuration files. And it uses a four-channel parallel method to simulate the session establishment process. The attacker is modeled based on the Dolev-Yao model. Through the test of the SPIN model detection tool, it is found that the attacker can intercept information from eSIM and SM-DP during the establishment of the key session. However, because the attacker lacks the key, he cannot obtain valid information from the obtained ciphertext. Therefore, the attacker cannot forge or modify the message. Our work proves the security of the eSIM system.","PeriodicalId":280794,"journal":{"name":"Proceedings of the 2021 11th International Conference on Communication and Network Security","volume":"9 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-12-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Security Analysis of Embedded SIM Remote Provisioning Protocol Using SPIN\",\"authors\":\"Zhonglin Ding, Yang Hu, Wei Luo, Zhongming Huang, Lei Zhang, Zhongyuan Qin\",\"doi\":\"10.1145/3507509.3507515\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Abstract: With the advent of the 5G era, embedded SIM (eSIM) technology has been created to meet the needs of M2M technology. In earlier years, the GSMA provided a detailed description of the architecture and configuration protocol of the eSIM over-the-air writing technology. The remote configuration protocol of eSIM cards is divided into the processes of configuration file download, installation, activation, de-activation, and deletion. In this protocol, there are attacks such as identity impersonation threats, tampering threats, denial of service and eavesdropping threats, etc. This paper analyzes the security of key session establishment during the download and the installation of configuration files. And it uses a four-channel parallel method to simulate the session establishment process. The attacker is modeled based on the Dolev-Yao model. Through the test of the SPIN model detection tool, it is found that the attacker can intercept information from eSIM and SM-DP during the establishment of the key session. However, because the attacker lacks the key, he cannot obtain valid information from the obtained ciphertext. Therefore, the attacker cannot forge or modify the message. Our work proves the security of the eSIM system.\",\"PeriodicalId\":280794,\"journal\":{\"name\":\"Proceedings of the 2021 11th International Conference on Communication and Network Security\",\"volume\":\"9 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-12-03\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 2021 11th International Conference on Communication and Network Security\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3507509.3507515\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 2021 11th International Conference on Communication and Network Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3507509.3507515","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Security Analysis of Embedded SIM Remote Provisioning Protocol Using SPIN
Abstract: With the advent of the 5G era, embedded SIM (eSIM) technology has been created to meet the needs of M2M technology. In earlier years, the GSMA provided a detailed description of the architecture and configuration protocol of the eSIM over-the-air writing technology. The remote configuration protocol of eSIM cards is divided into the processes of configuration file download, installation, activation, de-activation, and deletion. In this protocol, there are attacks such as identity impersonation threats, tampering threats, denial of service and eavesdropping threats, etc. This paper analyzes the security of key session establishment during the download and the installation of configuration files. And it uses a four-channel parallel method to simulate the session establishment process. The attacker is modeled based on the Dolev-Yao model. Through the test of the SPIN model detection tool, it is found that the attacker can intercept information from eSIM and SM-DP during the establishment of the key session. However, because the attacker lacks the key, he cannot obtain valid information from the obtained ciphertext. Therefore, the attacker cannot forge or modify the message. Our work proves the security of the eSIM system.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
