Smartcards in Romania
 

1. Telecards

2. GSM SIM cards

3. NOKIA 5110 / 6110 information



 

1. Telecards

short description: in Romania they have an EEPROM memory of 512 bits;
a good description is in the file: 7816.txt

reading/writing: such a card is very simple; you can do it with the parallel port of your PC and the program: card1.cpp / card1.exe
content of a recent card : E8 2B 17 0E A4 B8 DC 02 00 00 00 00 00 FE FF FF ....  FF

emulation:
Is it possible in Romania? Yes it is, yes it is!
Go to https://members.tripod.com/~cartela and find out more about it

In Romania there is only one telecom operator, Romtelecom, which has a monopoly; that is not a good thing;
 

2. GSM SIMs:

short description: they are microcontrollers with their own operating system and a hierarchical file structure; type of data transmission: serial asynchronous transmission, with characters transmitted on the I/O line in half-duplex mode; each character carries an 8-bit byte; some data, like Ki (the subscriber authentication key: the cryptographic key used by the authentication algorithm A3 and the cipher key generator A8), is not easily accessible;
a beginner's introduction to smartcards: smartcrd.txt;
their standard is ISO 7816-3: 7816p13.zip
another description: tech1.htm
and for GSM SIMs: sim.zip

reading/writing:
                - hardware: it can be done with the serial port of a PC and a Phoenix adapter
                - software: with the following program you can read ALL the data from a GSM SIM including Ki extraction: http://www.net.yu/~dejan/
                   WinExplorer 3.6: winexp36.zip is a very good program that helps you read information from any smartcard (including GSM SIMs); it uses script files which contain the commands for the card;

In Romania there are two GSM operators: Mobifon (CONNEX GSM) and MobilRom (Dialog)

CONNEX's SIMs use the direct convention for data transmission
Dialog's SIMs use the inverse convention
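As an added example (not code from this page), the following Python shows what the direct/inverse distinction above means when a PC serial port reads such a card: the TS byte of the ATR announces the convention, and for an inverse-convention card every captured byte has to be complemented and bit-reversed, with the UART set to odd parity. The sample captures inside are constructed, not dumps of real cards.

```python
# Added example (not from the original page): handling the ISO 7816-3 "direct"
# and "inverse" bit conventions mentioned above for CONNEX and Dialog SIMs.
# A PC UART samples LSB-first with positive logic, which is exactly the direct
# convention. An inverse-convention card sends MSB-first with negative logic,
# so every byte the UART captures must be complemented and bit-reversed.

def reverse_bits(b: int) -> int:
    """Mirror the eight bits of a byte (bit 0 <-> bit 7, bit 1 <-> bit 6, ...)."""
    return int(f"{b & 0xFF:08b}"[::-1], 2)

def flip_convention(b: int) -> int:
    """Translate a byte between its UART-captured form and its logical value for an
    inverse-convention card. Complement and reversal commute, so the mapping is its
    own inverse and works in both directions."""
    return reverse_bits(~b & 0xFF)

def detect_convention(ts_raw: int) -> str:
    """Classify the card from the first ATR byte (TS) as captured by the UART:
    direct TS = 0x3B arrives unchanged; inverse TS (logical 0x3F) arrives as 0x03."""
    if ts_raw == 0x3B:
        return "direct"
    if ts_raw == 0x03:
        return "inverse"
    raise ValueError(f"unrecognised TS byte 0x{ts_raw:02X}")

def decode_atr(raw: bytes) -> tuple:
    """Return (convention, logical ATR bytes) for a raw UART capture of an ATR."""
    conv = detect_convention(raw[0])
    if conv == "direct":
        return conv, list(raw)
    return conv, [flip_convention(b) for b in raw]

def uart_parity_for(conv: str) -> str:
    """ISO 7816-3 uses even parity over the logical bits. Negative logic on all nine
    line bits (8 data + parity) flips the overall parity, so the UART must be set to
    odd parity for an inverse card, or every byte shows up as a parity error."""
    return "even" if conv == "direct" else "odd"

if __name__ == "__main__":
    # Constructed sample captures (not dumps of real cards): TS followed by the same
    # three logical bytes 02 14 50, first from a direct card, then from an inverse one.
    for capture in (b"\x3B\x02\x14\x50", b"\x03\xBF\xD7\xF5"):
        conv, logical = decode_atr(capture)
        print(conv, uart_parity_for(conv), " ".join(f"{b:02X}" for b in logical))
```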

emulation:
Is it possible in Romania?

with a PC and a Motorola phone: go to http://www.tele-servizi.com/Janus/motpages.html and find out more about it

with a Gold Wafer Card (which contains a 16F84 microcontroller and a 24C16 2 KB EEPROM memory) and a Nokia phone: go to http://simpic.tele-servizi.com/ and find out more about it

this emulation won't help you make free phone calls!

 http://www.microchip.com/   the company that manufactures the 16F84
 

Algorithms:
A3: authentication algorithm; used for authenticating the subscriber; it is located in the GSM SIM
A5: cipher algorithm; used for enciphering/deciphering data; it is located in the GSM phone
A8: cipher key generator; used to generate Kc; it is located in the GSM SIM; this algorithm has been deliberately weakened
Find out more about them:
 http://jya.com/gsm061088.htm
 http://www.scard.org/gsm

“A5/1 is the strong version of the encryption algorithm used by about 100 million GSM customers in Europe to protect the over-the-air privacy of their cellular voice and data communication. The best published attacks against it require between 2^40 and 2^45 steps. This level of security makes it vulnerable to hardware-based attacks by large organizations, but not to software-based attacks on multiple targets by hackers.
In this paper we describe a new attack on A5/1, which is based on subtle flaws in the tap structure of the registers, their noninvertible clocking mechanism, and their frequent resets. The attack can find the key in less than a second on a single PC with 128 MB RAM and two 73 GB hard disks, by analysing the output of the A5/1 algorithm in the first two minutes of the conversation”
find out more: http://cryptome.org/a51-bs.htm
 http://cryptome.org/gsm-joke.htm
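As an added example (not code from this page or from the quoted paper), the following Python models the A5/1 keystream generator from its public description, so that the register lengths, tap positions and the majority-rule ("noninvertible") clocking the quoted paragraph refers to can be seen concretely; it only generates keystream. The LSB-first bit ordering of key bytes and frame number follows the commonly circulated reference implementation and is an assumption here.

```python
# Added example, not from the original page: a bit-level model of the A5/1 keystream
# generator from its public description. LSB-first key/frame bit order is assumed.
R1_LEN, R2_LEN, R3_LEN = 19, 22, 23
R1_TAPS, R2_TAPS, R3_TAPS = (13, 16, 17, 18), (20, 21), (7, 20, 21, 22)
R1_CLK, R2_CLK, R3_CLK = 8, 10, 10  # clocking-control bit of each register

def majority(a: int, b: int, c: int) -> int:
    """Majority vote of three bits."""
    return (a & b) | (a & c) | (b & c)

def lfsr_step(reg: int, length: int, taps: tuple) -> int:
    """Clock one LFSR: XOR of the tap bits enters at bit 0, the top bit drops off."""
    fb = 0
    for t in taps:
        fb ^= (reg >> t) & 1
    return ((reg << 1) | fb) & ((1 << length) - 1)

class A51:
    def __init__(self, key: bytes, frame: int):
        assert len(key) == 8 and 0 <= frame < (1 << 22)
        self.r1 = self.r2 = self.r3 = 0
        for i in range(64):  # mix in the 64-bit session key Kc, all registers clocked
            self._clock_all((key[i >> 3] >> (i & 7)) & 1)
        for i in range(22):  # then the 22-bit frame number
            self._clock_all((frame >> i) & 1)
        for _ in range(100):  # 100 majority-clocked warm-up steps, output discarded
            self.clock()

    def _clock_all(self, bit: int) -> None:
        """Setup clocking: every register moves and the input bit is XORed into bit 0."""
        self.r1 = lfsr_step(self.r1, R1_LEN, R1_TAPS) ^ bit
        self.r2 = lfsr_step(self.r2, R2_LEN, R2_TAPS) ^ bit
        self.r3 = lfsr_step(self.r3, R3_LEN, R3_TAPS) ^ bit

    def clock(self) -> None:
        """Irregular clocking: a register moves only when its control bit agrees with the
        majority, so two or three move per step and the step cannot be inverted uniquely."""
        c = ((self.r1 >> R1_CLK) & 1, (self.r2 >> R2_CLK) & 1, (self.r3 >> R3_CLK) & 1)
        m = majority(*c)
        if c[0] == m: self.r1 = lfsr_step(self.r1, R1_LEN, R1_TAPS)
        if c[1] == m: self.r2 = lfsr_step(self.r2, R2_LEN, R2_TAPS)
        if c[2] == m: self.r3 = lfsr_step(self.r3, R3_LEN, R3_TAPS)

    def keystream(self, nbits: int = 228) -> list:
        """One burst pair (114 bits per direction); output bit is the XOR of the MSBs."""
        out = []
        for _ in range(nbits):
            self.clock()
            out.append(((self.r1 >> 18) ^ (self.r2 >> 21) ^ (self.r3 >> 22)) & 1)
        return out
```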

links:
 https://members.tripod.com/telecardnews/index.html
 http://www.geocities.com/ResearchTriangle/Lab/1578/smart.htm
 http://www.paulmax.eng.net/index.html - smartcards
 http://www.gbar.dtu.dk/~c888600/newpic.htm  - 16c84 programmer
 ftp://ftp.ai.uga.edu/pub/microcontrollers/pic/David.Tait/PIC/picprog.html
 http://www.gsmworld.netcity.it/  - the best GSM network description; in Italian
 http://ccnga.uwaterloo.ca/~jscouria/GSM/gsmreport.html  - GSM description
 http://jya.com/crack-a5.htm  - why the GSM security has been deliberately made weaker
 http://www.jya.com/
 http://www.quios.com/  - SMS Gateway

yes...

3. NOKIA 5110 / 6110 info

You need an electrical level adapter between the PC and your phone; there are two types of interface:
MBUS: uses one pin; half duplex
FBUS: uses two pins and a full-duplex protocol
you can build a dual-mode adapter; take a look at: http://www.hut.fi/~ptuomine/nokia/

Wintesla 6.03: a Nokia service program; a lot of electrical parameters can be found and modified with it; wt610.zip, wt610crk.zip
    DLLs: winsys.zip, driver.zip
    Drivers  - 5110/6110: nse13.zip, nse13crk.zip
             - 3110: nhek89.zip, nhe89crk.zip
Winlock 1.10: you can only :( find out whether your phone is locked or not; wlock110.zip, winlock.htm
There are some programs which can unlock your phone (if it is SP-locked); you can find them here: http://mobilephone.ifrance.com/mobilephone/
 

Net monitor mode: you can turn your phone into a source of information about your GSM network; the easy way to activate the net monitor in your phone is the LogoManager program
 http://nokia.valley.cz/monitoren.html
a good information file: netmdocs.zip

There are a lot of interesting things that you can do with your phone: change logos, ringtones, the LEDs of your keypad and display; find out how at http://www.hut.fi/~ptuomine/nokia/

LogoManager 1b7: change logos/ringtones with Logomanager
 logom.zip ,logomcrk.zip
 http://www.logomanager.co.uk/
 
 
 

Links
 http://members.aol.com/greyarea5/nokia6100_faq.htm
 http://www.mobilserver.com/
 http://mobilephone.ifrance.com/mobilephone/
 
 

I believe that links to the sources of information are better than putting them on my page and translating them.
 

do you want more:)? the future sounds good ...
manta_y@yahoo.com

birth date: 5 XI 1999
last revision date: 14 II 2000
 
 
