SIM card in embedded
March 11, 2024

SIM technology has been a cornerstone of mobile connectivity for decades, enabling the identification and authentication of users on mobile networks. Before we get into the details of eSIM and its M2M variant, let's cover the basics of SIM cards.

What is a SIM?

It is a security component: a traditional card with a dedicated microcontroller that securely stores information such as:

  • the subscriber's identity in the mobile network operator's systems;
  • operator and network information;
  • the keys used to encrypt the connection.

The main components of the card:

SIM card components

Authentication through SIM

User authentication in a mobile network is a fundamental role of the SIM card. It is based on a secret key stored on the chip and uniquely assigned to the subscriber's identity. The process uses cryptographic mechanisms internal to the SIM card, which prevents the key from being copied and guarantees a secure connection. The authentication process includes:

  1. The phone establishes a communication channel with the network.
  2. The network asks for the user's identity, i.e. the IMSI number stored on the SIM card.
  3. The network sends a cryptographic challenge to the phone (RAND).
  4. The phone uses the secret key stored on the SIM card to answer the challenge (the answer is sent back to the network).
  5. The network compares the response with data stored in its database.
  6. If the information matches, the user is authenticated and can use the network.

The secret key used in the process is known only to the SIM card and the operator's network, ensuring a secure connection.
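The six-step challenge-response above, simulated with both sides in code. This is an added example, not code from the original post: the real A3 algorithm (COMP128 on older cards) is replaced by an HMAC-SHA256 stand-in, and the names Ki (secret key), RAND, SRES (the response) and the sample IMSI are assumptions or constructed values. The point it shows is that Ki is only ever used inside the card object and inside the operator's database; only RAND and SRES cross the air interface.

```python
import hashlib
import hmac
import os

def _a3_stand_in(ki: bytes, rand: bytes) -> bytes:
    # Stand-in for the SIM's A3 algorithm (COMP128 on real cards): SRES derived from Ki and RAND.
    # HMAC-SHA256 truncated to 4 bytes is an assumption of this example, not what a SIM uses.
    return hmac.new(ki, rand, hashlib.sha256).digest()[:4]

class SimCard:
    """Holds the IMSI and the secret key Ki; Ki is only ever used inside answer_challenge."""
    def __init__(self, imsi: str, ki: bytes):
        self.imsi = imsi
        self._ki = ki

    def answer_challenge(self, rand: bytes) -> bytes:
        return _a3_stand_in(self._ki, rand)          # step 4: SRES computed on the card

class OperatorNetwork:
    """The operator side: a subscriber database mapping IMSI -> Ki (the AuC role)."""
    def __init__(self):
        self._subscribers = {}

    def register(self, imsi: str, ki: bytes) -> None:
        self._subscribers[imsi] = ki

    def authenticate(self, sim: SimCard) -> bool:
        ki = self._subscribers.get(sim.imsi)        # step 2: identity (IMSI) looked up
        if ki is None:
            return False                            # unknown subscriber
        rand = os.urandom(16)                       # step 3: fresh 128-bit challenge
        sres = sim.answer_challenge(rand)           # step 4: card answers with its Ki
        expected = _a3_stand_in(ki, rand)           # step 5: network computes with its copy
        return hmac.compare_digest(sres, expected)  # step 6: match -> authenticated
```

A card with the wrong Ki, or an IMSI the operator never provisioned, fails step 5, which is what stops a cloned IMSI without the key from joining the network.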

SIM - electrical and logical interface

A typical SIM card consists of:

  • A microcontroller (e.g., ARM SecurCore or one based on the 8051 architecture);
  • RAM - ~8 KB;
  • ROM - 64-512 KB;
  • EEPROM memory - up to 512 KB (for contacts, SMS);
  • An encryption circuit for communication with the operator (COMP128 family algorithms).

Electrical interface

On the electrical side, connecting to the SIM is as follows:

SIM card electrical interface

It is simply a serial connection over which bytes are transmitted.
These bytes carry the SIM commands, which are packaged in APDUs (Application Protocol Data Units).

Logical interface

APDU frame diagram:

APDU frame

Communication with the SIM card via APDUs is carried out by sending and receiving data frames in accordance with the ISO/IEC 7816 standard. An APDU command frame has the following structure:

  • CLA (Class Byte): specifies the class of the command.
  • INS (Instruction Byte): specifies the instruction to be executed.
  • P1 and P2 (Parameter Bytes): specify the parameters for the instruction.
  • Lc (Length of Command Data): the length of the data to be sent to the card.
  • Data: the actual data sent to the card.
  • Le (Length of Expected Data): the expected length of the data to be received from the card.

An example of an APDU command that can be sent to a SIM card to check the PIN (assuming the PIN is '1234'):

CLA: 00 (standard value)
INS: 20 (VERIFY command, used e.g. for a PIN check)
P1: 00
P2: 01 (P1 and P2 specify the details of the request; here P2: 01 indicates that it is PIN1)
Lc: 04 (length of the data sent to the card)
Data: 31 32 33 34 (ASCII codes for '1234')
Le: - (expected length of the data to be received from the card; omitted when no response data is expected)
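The frame layout and the PIN example above, as an added encoder/decoder (not code from the original post). It builds the page's VERIFY frame byte for byte, splits an arbitrary short-form command APDU back into CLA/INS/P1/P2/Lc/Data/Le while checking that Lc matches the payload, and classifies the two status bytes (SW1 SW2) a card appends to its response; the status-word meanings are the ISO/IEC 7816-4 values, and the example ignores the 8-byte FF-padded PIN format some cards use, as the page does.

```python
from dataclasses import dataclass
from typing import Optional
@dataclass
class CommandAPDU:
    cla: int
    ins: int
    p1: int
    p2: int
    data: bytes = b""          # command data (Lc bytes); empty for cases 1 and 2
    le: Optional[int] = None   # expected response length; None when no data is expected

    def encode(self) -> bytes:
        """Short-form encoding per ISO/IEC 7816-4: header, then Lc+Data and/or Le."""
        if len(self.data) > 255:
            raise ValueError("short APDU carries at most 255 data bytes")
        out = bytes([self.cla, self.ins, self.p1, self.p2])
        if self.data:
            out += bytes([len(self.data)]) + self.data   # Lc followed by Data
        if self.le is not None:
            out += bytes([self.le & 0xFF])               # Le (0x00 means "up to 256")
        return out

def decode_command(raw: bytes) -> CommandAPDU:
    """Split a short-form command APDU into fields, checking that Lc matches the payload."""
    if len(raw) < 4: raise ValueError("command APDU needs at least CLA INS P1 P2")
    cla, ins, p1, p2 = raw[:4]
    body = raw[4:]
    if len(body) <= 1:                       # case 1 (header only) or case 2 (header + Le)
        return CommandAPDU(cla, ins, p1, p2, le=body[0] if body else None)
    lc, data, rest = body[0], body[1:1 + body[0]], body[1 + body[0]:]
    if len(data) != lc or len(rest) > 1:
        raise ValueError("Lc does not match the bytes present")
    return CommandAPDU(cla, ins, p1, p2, data, le=rest[0] if rest else None)  # case 3 / 4

def verify_pin_apdu(pin: str) -> bytes:
    """The page's example: CLA 00, INS 20 (VERIFY), P1 00, P2 01 (PIN1), Data = ASCII digits."""
    return CommandAPDU(0x00, 0x20, 0x00, 0x01, pin.encode("ascii")).encode()

def interpret_status(response: bytes) -> str:
    """Classify the SW1 SW2 trailer the card returns (ISO/IEC 7816-4 status words)."""
    if len(response) < 2:
        raise ValueError("a response APDU ends with two status bytes SW1 SW2")
    sw1, sw2 = response[-2], response[-1]
    if (sw1, sw2) == (0x90, 0x00):
        return "ok"
    if sw1 == 0x63 and sw2 & 0xF0 == 0xC0:      # 63 CX: verification failed, X tries left
        return f"wrong PIN, {sw2 & 0x0F} tries left"
    if (sw1, sw2) == (0x69, 0x83):              # 69 83: authentication method blocked
        return "PIN blocked"
    return f"error SW={sw1:02X}{sw2:02X}"
```

The retry counter in 63 CX is what a host should log: a run of decrements on a deployed device is the signal that something other than the legitimate firmware is talking to the card.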

SIM - operating system / file system

The SIM operating system (COS) manages the card's internal file system, which is organized hierarchically. This file system contains files dedicated to storing a variety of information:

  • Authentication data: Cryptographic keys and algorithms used for network authentication.
  • User's personal information: Subscriber data, such as IMSI number, and information related to operator services.
  • Phonebook: Contacts saved by the user.
  • SMS messages: Saved text messages.
  • Network service data: Information on tariff plans, roaming preferences, etc.
  • SIM applications: Such as SIM Toolkit (STK), which allow user interaction through a special menu on the phone.

The COS takes care of the security of the stored data by controlling access to it and managing communication between the SIM card and the phone.

In addition to the COS, a Java Card environment is often present on the card.

Java Card is a software layer running on top of the COS that lets applications written in Java run in a secure, isolated environment. Its integration with the COS provides a platform for developing and running Java applets on SIM cards.

What are the sizes and types of SIM cards?

There are several sizes in traditional SIM cards:

SIM card sizes

As for the types of SIM cards and their use, there are 4 types:

  1. Traditional SIM cards:
  • physical cards that can be inserted into the phone (UICC);
  • mini/micro/nano card sizes, plus the MFF2 form factor soldered to the PCB (SON-8);
  • the user profile is hard-loaded onto the card;
  2. SIM on board:
  • SIM silicon integrated into the IoT module (a regular UICC, not an eUICC!);
  • the profile is loaded during IoT module manufacturing;
  • requires coordination with both the operator and the IoT module manufacturer;
  3. eSIM (embedded SIM):
  • ICs soldered to the PCB containing an eUICC (embedded UICC);
  • integrated SIMs whose profiles are downloaded digitally to the device and can be managed remotely;
  • support for multiple user profiles that can be activated/deactivated on the fly (thanks to the eUICC);
  4. Soft SIM:
  • a purely software solution that simulates the functionality of the physical card;
  • I know of one commercial implementation of this technology (Onomondo).

UICC vs eUICC

The main difference, then, is that the UICC (Universal Integrated Circuit Card) is a physical card that requires manual replacement for a change of service provider, while the eUICC (Embedded Universal Integrated Circuit Card) enables remote management of profiles, making it easier to change providers without physical intervention.

IoT vs SIM technology

SIM technology is now more than 30 years old. Its biggest pain points in the context of IoT devices (mainly machine-to-machine ones) are:

  • The size of the card - several times larger than the processor driving it;
  • The SIM connector - takes up a lot of space on the PCB;
  • Power consumption in full active mode (sometimes more than the LTE module's) - the card communicates with the network independently of the host processor, and must do so at the frequency required by the standard, plus the cryptographic operations performed on the card.
