Original URL: https://www.theregister.co.uk/2013/02/12/sim_m2m/
Mind out, Apple: Ericsson leads charge against the SIM
Gemalto pitches in to manage the machines
Gemalto and Ericsson have partnered to create SIM-less mobile phones aimed at machines rather than people - though the technology and techniques developed will be well-received in Cupertino.
The partnership will create a provisioning system to allow things (cars, electricity meters, etc) to be fitted with an embedded mobile phone*, without knowing the network on which it's going to operate, or even in which country it will be used. Gemalto, meanwhile, will kick in the secure provisioning system which will make the removable SIM redundant.
European mobile phones are required to conform to the GSM standard, which mandates a removable SIM so customers can easily switch networks, but Apple has been (successfully) leading a project to extend the standard to encompass embedded SIMs. Such SIMs could change network operators, letting Apple sell connectivity in the iTunes store and car buyers to select a mobile network** on first turn of the key.
Doing that in a secure way is hard, and replicating the long-term success of the removable SIM will be very tough.
Each GSM SIM stores a different secret key, which is replicated in the Authentication Server at the network operator. The key is never transmitted and can't be extracted from the SIM without an enormous amount of effort, and physical access. That shared secret is used to create matching "session" keys with which GSM communication is secured, and those session keys have been broken from time to time, but the shared-secret authentication made possible by the SIM remains secure.
Shared secret is always the best cryptography, assuming the secret can't be intercepted. Dual-key systems (such as RSA or ECC) only exist because of the difficulties in distributing a shared-secret, and such systems are only used in order to safely create a shared secret.
The removable SIM solves this problem by sending the secret in a secure package (the SIM) over a separate communications medium (the post), removing the need for more complicated solutions.
So an operator-independent SIM will have two options: store a shared secret for each network operator, and select which one based on user choice, or store a shared secret from a third party such as Gemalto, or Apple, then use that secret to encrypt the selected operator's secret on request.
The latter solution is better as it offers more flexibility and wider application, but it requires the network operators to share some secrets with that third party, and that is an enormous favour to ask. It's hard to imagine the operators agreeing to share secrets with anyone, but Gemalto is already providing the SIMs to many of them (and thus responsible for programming the secrets into those SIMs) so if they'd trust anyone then it would be Gemalto.
But it never pays to underestimate how craven the operators can be when confronted with iShiny, so where machines lead so human customers will likely follow. ®
* Technically the eUICC (embedded Universal Integrated Circuit Card) does perform the functions of a SIM, but through a chip soldered on the handset's motherboard rather than a detachable, removable unit.
** All new European cars will need a mobile network within two years, to conform with eCall legislation. ®