Is it possible to use SIM card cryptographic functions?

Question

All smartcards have embedded crypto capabilities and computation power.

Is is possible to take advantage of this with developed android application? For example, would I be able to sign a file using the public/private key stored on the SIM.

I heard about some standards and norms and initiatives (ETSI-MSS, Mobile PKI) but I do not see any application of such architecture.

Do someone has some clue on this?

It seems that phone SIM cards have very limited cryptography-related functionality. I.e. they are not smartcards as we know them. — Eugene Mayevski 'Callback, Oct 24 '11 at 15:18

score 2 · Answer 1 · answered Aug 30 '12 at 20:16

2

No, you cannot access the SIM card directly in Android. All access to telephony-related services takes place in the TelephonyManager API and there is no API exposed to doing and cryptographic operations in the SIM.

answered Aug 30 '12 at 20:16

kroot

1,962
1
12
10

score 1 · Accepted Answer · edited May 23 '17 at 12:09

My understanding is that SIM cards do not use standard crypto. The handle certains kinds of authentication and crypto for the network. Given the quality of say A3/5, I'm not sure you would want to. I doubt you can get AES or reven basic RSA out of them

Actually the above statement is somewhat incorrect: apparently there is work either to get SIM cards to have this functionality or to write generic libraries for exposing it. I cannot,however, for the life of me remember the article I read this in.

This appears at least to be a starting point https://stackoverflow.com/a/9364030/980922

Is it possible to use SIM card cryptographic functions?

2 Answers2