authorHarald Welte <laforge@gnumonks.org>2015-10-25 21:00:20 +0100
committerHarald Welte <laforge@gnumonks.org>2015-10-25 21:00:20 +0100
commitfca59bea770346cf1c1f9b0e00cb48a61b44a8f3 (patch)
treea2011270df48d3501892ac1a56015c8be57e8a7d /2014/simtrace-openfest2014/section-simtrace.tex
import of old now defunct presentation slides svn repo
Diffstat (limited to '2014/simtrace-openfest2014/section-simtrace.tex')
-rw-r--r--2014/simtrace-openfest2014/section-simtrace.tex75
1 files changed, 75 insertions, 0 deletions
diff --git a/2014/simtrace-openfest2014/section-simtrace.tex b/2014/simtrace-openfest2014/section-simtrace.tex
new file mode 100644
index 0000000..0d6ffc4
--- /dev/null
+++ b/2014/simtrace-openfest2014/section-simtrace.tex
@@ -0,0 +1,75 @@
+\section{Osmocom SIMtrace}
+
+\subsection{Analyzing SIM drivers and STK apps}
+
+\begin{frame}{Analyzing SIM toolkit applications is hard}
+\begin{itemize}
+ \item Regular end-user phone does not give much debugging
+ \item SIM card itself has no debug interface for printing error messages, warnings, etc.
+ \item However, as SIM-ME interface is unencrypted, sniffing / tracing is possible
+ \item Commercial / proprietary solutions exist, but are expensive (USD 5,000 and up)
+ \item Technically, sniffing smard card interfaces is actually very simple
+\end{itemize}
+\end{frame}
+
+\subsection{Osmocom SIMtrace Introduction}
+
+\begin{frame}{Introducing Osmocom SIMtrace}
+\begin{itemize}
+ \item Osmocom SIMtrace is a passive (U)SIM-ME communication sniffer
+ \item Insert SIM adapter cable into actual phone
+ \item Insert (U)SIM into SIMtrace hardware
+ \item SIMtrace hardware provides USB interface to host PC
+ \item {\tt simtrace} host PC program encapsulates APDU in GSMTAP
+ \item GSMTAP is sent via UDP to localhost
+ \item wireshark dissector for GSM TS 11.11 decodes APDUs
+\end{itemize}
+\end{frame}
+
+\subsection{Osmocom SIMtrace Hardware}
+
+\begin{frame}{Osmocom SIMtrace Principle}
+\begin{figure}[h]
+ \centering
+ \includegraphics[width=70mm]{simtrace-schema.png}
+\end{figure}
+\end{frame}
+
+\begin{frame}{Osmocom SIMtrace Hardware}
+\begin{figure}[h]
+ \centering
+ \includegraphics[width=105mm]{simtrace_and_phone.jpg}
+\end{figure}
+\end{frame}
+
+\begin{frame}{Osmocom SIMtrace Hardware}
+\begin{itemize}
+ \item Hardware is based around AT91SAM7S controller
+ \item SAM7S Offers two ISO 7816-3 compatible USARTs
+ \item USARTs can be clock master (SIM reader) or slave (SIM card)
+ \item Open Source Firmware on SAM7S implementing APDU sniffing
+ \item Auto-bauding depending CLK signal, PPS supported
+ \item Schematics / layout is open source (CC-BY-SA)
+ \item Assembled + tested kits can be bought from {\url http://shop.sysmocom.de/}
+\end{itemize}
+\end{frame}
+
+\begin{frame}{wireshark decoding}
+\begin{figure}[h]
+ \centering
+ \includegraphics[width=95mm]{wireshark-sim.png}
+\end{figure}
+\end{frame}
+
+
+\begin{frame}{SIMtrace TODO}
+SIMtrace hardware is capable, but no software yet for:
+\begin{itemize}
+ \item perform MITM (APDU filtering)
+ \item full software SIM card emulation
+ \item PC/SC compatible smart card reader
+ \item autonomous tracing operation (No PC / USB), store APDU logs {\em in the field} on integrated SPI flash
+\end{itemize}
+Firmware and host software all FOSS, anyone can extend and innovate!
+\end{frame}
+
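Review bot: The shop link in the hardware frame (`{\url http://shop.sysmocom.de/}`) misuses `\url`: the url package expects a braced argument, and without one it takes the next character as a delimiter, so the address will be cut short or swallow following text; it should read `\item Assembled + tested kits can be bought from \url{http://shop.sysmocom.de/}`. The same file uses the plain-TeX font switches `{\tt simtrace}` and `{\em in the field}`, which are better written as `\texttt{simtrace}` and `\emph{in the field}` so they nest and can be restyled in the preamble. Two wording slips in the bullet text are worth fixing at the same time: "smard card" for "smart card" in the first frame, and "Auto-bauding depending CLK signal" for "Auto-bauding depending on CLK signal" in the hardware frame. The `[h]` placement on the `figure` environments is harmless inside beamer frames, since frames do not float, but it can simply be dropped.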