The offer for all:
I think what good team can investigate the FUNCTION for KI-key generation on IMSI based. So, want any BIG GSM-MasTeRs;) be the leaders of this new project?
And all members helping search this function: we can send in group old IMSI+ Ki for example.
What talking Masters? :)


----------------------------------------
Just a talk... just a talk... =)

Do u mean KI=f(IMSI) ???.

I think ki not related to IMSI, this is my opinion olny.

Best Regards,
JSompis

Invalid message.

Hi Kar@mba,

in other forum we talking about it.

In some book and web pages show this authenticate secuence:

BTS
send Rand number ---------------> Card Ki = f (IMSI)
Ki -> A3A8 -> SRes & Kc

Make the same
of SIM phone <--------------- Send SRes


uhmmmm..... If this is true.....

Some questions to start to investigate:

* The Ki is calculated all times that the BTS send Rand number
or only the first time? (by the manufactured: Gemplus, ect...)

You can check this if you can change the value of IMSI in original card.

*If you make this.... Changed the operative Ki of this card?
(File 7F20:6F07 of the SIM Card, you can see with XSim)

But You can´t change the PIN of original card because are protected with the administrative PIN.... (normaly PIN4)

*Is there any method to obtain the Administrative PIN? :D

I think It is one way to work.....

Best Regards,
Sir Graham.

SirGraham!
I'm can't do this - cose i'm only beginner... And i think - only really master can do it. Thanx about new info.
Want you be a moderator of this project?

Hi Kar@mba,

Thanks for you offer.

For the moment I working in a hardware to extract the PINs. Sorry, but I haven´t got any time to moderator more proyects....
(I working in three proyects more than XSim... ufffff).

If I have news about of this, I put a message in this forum.

Best Regards,
Sir Graham.