It does say 98% of private key transfers are not between the SIM supplier (Gemalto) and the carrier. It explicitly says those could be hacked more easily but are out of their hands. I have little doubt that many governments already monitor their own people's phone use anyway, making the issue of surveillance irrelevant.
A bit surprising they promote security by obscurity though:
"Security is even higher for mobile operators who work with Gemalto to embed custom algorithms in their SIM cards. The variety and fragmentation of algorithmic technologies used by our customers increases the complexity and cost to deploy massive global surveillance systems."
> It does say 98% of private key transfers are not between the SIM supplier (Gemalto) and the carrier. It explicitly says those could be hacked more easily but are out of their hands.
But that is the problem, they shouldn't really be in a state that could ever be read by a human, they should be on individual HSMs that are distributed around the networks from the SIM manufacturer.
The problem is that there isn't a real standard on how to exchange HSMs between SIM manufacturers and the network operators that use different jury-rigged hacks for everything.
The mass deployment of HSMs would add a huge cost and involve additional hardware development and integration in mobile networks that already work perfectly.
If the SIM manufacturer insisted that the keys would never be given in a plain-text format but only as individual non-dumpable HSMs then that would force the network equipment vendors and mobile operators to deploy the technology.
This isn't going to happen as the SIM company will lose business to a competitor and the mobile network operator will not spend their budget on such a project that adds zero functionality to their existing (and completely operational) network.