1

I'm doing some tests on the SIM Cards. I wanted to know how the SIM could be authenticated with the ADM keys. I have found my answer in SIM Card Authentication

However, the solution ("f0 2a 00 01 08 31 32 33 34 35 36 37 38") does not work with the envelope APDU. The card returns the "6D 00" response (invalid Ins).

How to authenticate with the ADM keys through the Envelope (Ins 'C2') APDU?

P.S. I know the OTA keys are required for the Envelope command and I have them for my test SIM.

Community
  • 1
  • 1
Amir Torfandi
  • 31
  • 4

1 Answers1

2

It appears that the envelope command itself is sufficient for the authentication. In other words, the following sets are equal:

  • When we have physical access to the card, the works that can be done by a successful ADM authentication;
  • When using OTA or sending through Envelope, the works that can be done by a valid CC (Cryptographic Checksum) field in the command.
Amir Torfandi
  • 31
  • 4
  • Yes, You need to understand that the envelope command contains data that is normally both encrypted and contains either a Redundancy or Crystallographic check-sum based on your OTA key. Having information of the SPI and Kic/d will allow you to determine how this message should be constructed. Once you construct this secure message "ADM" permissions are inferred. – QuickPrototype Jan 22 '16 at 13:36