A subscriber identity module (SIM) is a smart card inside of a GSMcellular phone that encrypts voice and data transmissions and stores data about the specific user so that the user can be identifiedand authenticated to the network supplying the phone service. The SIM also stores data such as personal phone settings specific to the user and phone numbers. A SIM can be moved from one phone to another and/or different SIMs can be inserted into any GSM phone. For example, if a user has one phone but uses it for both personal and business calls, he can change the SIM depending on how he will be using the phone (one card contains his personal identity and data and the second card carries his business identity and data).
A SIM also is referred to as a SIM card.
A SIM card and can be switched easily from one phone set to another. The portability of data offers a number of benefits. For example, a user that buys a new phone can install the current SIM card to associate the new phone with the same number and user preferences as the old one. In another common situation, if a phone's battery runs out of power, the user can easily install the card to another subscriber's phone to borrow it without running up that user's minutes. Some vendors offer prepaid SIM cards that can provide travelers with local numbers, as long as their cell phones are not locked to a specific carrier.
Removable User Identity Module (R-UIM) is a card developed for cdmaone/CDMA2000 ("CDMA") handsets that extends the GSM SIM card to CDMA phones and networks. To work in CDMA networks, the R-UIM contains an early version of the CSIM application. The card also contains SIM (GSM) application, so it can work on both networks. It is physically compatible with GSM SIMs and can fit into existing GSM phones as it is an extension of the GSM 11.11 standard
This interface brings one of the main advantages of GSM to CDMA network phones. By having a removable identity card, CDMA users can change phones while keeping their phone numbers by simply swapping the cards. This simplifies many situations such as phone upgrades, phone replacements due to damage, or using the same phone on a different provider's CDMA network.
The R-UIM card has been superseded by CSIM on UICC. This technique allows all three applications (SIM, CSIM, and USIM) to coexist on a single smartcard, allowing the card to be used in virtually any phone worldwide that supports smart cards.
This form of card is widely used in China under the CDMA service of China Telecom (The CDMA service of China Telecom was acquired from China Unicom in 2008). However, it is also used elsewhere such as India, Indonesia, Japan, Taiwan, Thailand, and the US.
Each SIM is internationally identified by its integrated circuit card identifier (ICCID). ICCIDs are stored in the SIM cards and are also engraved or printed on the SIM card body during a process called personalisation. The ICCID is defined by the ITU-T recommendation E.118 as the Primary Account Number. Its layout is based on ISO/IEC 7812. According to E.118, the number is up to 22 digits long, including a single check digit calculated using the Luhn algorithm. However, the GSM Phase 1 defined the ICCID length as 10 octets (20 digits) with operator-specific structure.
The number is composed of the following subparts:
Issuer identification number (IIN)
Maximum of seven digits:
• Major industry identifier (MII), 2 fixed digits, 89 for telecommunication purposes.
• Country code, 1–3 digits, as defined by ITU-T recommendation E.164.
• Issuer identifier, 1–4 digits.
Individual account identification
• Individual account identification number. Its length is variable, but every number under one IIN will have the same length.
• Single digit calculated from the other digits using the Luhn algorithm.
With the GSM Phase 1 specification using 10 octets into which ICCID is stored as packed BCD, the data field has room for 20 digits with hexadecimal digit "F" being used as filler when necessary.
In practice, this means that on GSM SIM cards there are 20-digit (19+1) and 19-digit (18+1) ICCIDs in use, depending upon the issuer. However, a single issuer always uses the same size for its ICCIDs.
International mobile subscriber identity (IMSI)
SIM cards are identified on their individual operator networks by a unique International Mobile Subscriber Identity (IMSI). Mobile network operators connect mobile phone calls and communicate with their market SIM cards using their IMSIs. The format is:
• The first three digits represent the Mobile Country Code (MCC).
• The next two or three digits represent the Mobile Network Code (MNC). Three-digit MNC codes are allowed by E.212 but are mainly used in the United States and Canada.
• The next digits represent the Mobile Subscriber Identification Number (MSIN). Normally there will be 10 digits but would be fewer in the case of a 3-digit MNC or if national regulations indicate that the total length of the IMSI should be less than 15 digits.
• Digits are different from country to country.
Authentication key (Ki)
The Kni is a 128-bit value used in authenticating the SIMs on the mobile network. Each SIM holds a unique Ki assigned to it by the operator during the personalization process. The Ki is also stored in a database (termed authentication center or AuC) on the carrier's network.
The SIM card is designed not to allow the Ki to be obtained using the smart-card interface. Instead, the SIM card provides a function, Run GSM Algorithm, that allows the phone to pass data to the SIM card to be signed with the Ki. This, by design, makes usage of the SIM card mandatory unless the Ki can be extracted from the SIM card, or the carrier is willing to reveal the Ki. In practice, the GSM cryptographic algorithm for computing SRES_2 (see step 4, below) from the Ki has certain vulnerabilities that can allow the extraction of the Ki from a SIM card and the making of a duplicate SIM card.
1. When the Mobile Equipment starts up, it obtains the International Mobile Subscriber Identity (IMSI) from the SIM card, and passes this to the mobile operator requesting access and authentication. The Mobile Equipment may have to pass a PIN to the SIM card before the SIM card will reveal this information.
2. The operator network searches its database for the incoming IMSI and its associated Ki.
3. The operator network then generates a Random Number (RAND, which is a nonce) and signs it with the Ki associated with the IMSI (and stored on the SIM card), computing another number, that is split into the Signed Response 1 (SRES_1, 32 bits) and the encryption key Kc (64 bits).
4. The operator network then sends the RAND to the Mobile Equipment, which passes it to the SIM card. The SIM card signs it with its Ki, producing SRES_2 and Kc, which it gives to the Mobile Equipment. The Mobile Equipment passes SRES_2 on to the operator network.
5. The operator network then compares its computed SRES_1 with the computed SRES_2 that the Mobile Equipment returned. If the two numbers match, the SIM is authenticated and the Mobile Equipment is granted access to the operator's network. Kc is used to encrypt all further communications between the Mobile Equipment and the network.
Location area identity
The SIM stores network state information, which is received from the Location Area Identity (LAI). Operator networks are divided into Location Areas, each having a unique LAI number. When the device changes locations, it stores the new LAI to the SIM and sends it back to the operator network with its new location. If the device is power cycled, it will take data off the SIM, and search for the prior LAI.