09-04-2001, 14:48 | #1 (permalink) |
Major Poster Join Date: Jan 2001 Location: South Africa
Posts: 49
Member: 3068 Status: Offline Thanks Meter: 0 | sim Ki, how many times can i challenge it
I have seen quite a few new ways to challenge the key. Most SIMs can handle no more than 65535 (or something like that). Is that number in its lifetime or in one connection? Meaning, can I challenge a card 50 thousand or so times today, then another 50 thousand times tomorrow and so on, or when it reaches this 65535 limit in total? Because I have a card here that no brute force is deciphering ... just wanted to know how many chances I get. Thanks
Zianna
[ 04 September 2001: Message edited by: Zianna ] |
09-04-2001, 16:45 | #2 (permalink) |
Freak Poster Join Date: Nov 2000 Location: Oslo
Posts: 124
Member: 2616 Status: Offline Thanks Meter: 6 | Note that the Ki is never transmitted by air or otherwise. The SIM is designed in such a way that the customer cannot read the Ki from the SIM under any condition. The SIM has just an interface for running the A3 and A8 algorithms and getting the response back.
So now when the mobile needs service from the network (like a location update or a call) he identifies himself with his number. The network challenges it with a 128-bit challenge (RAND). This RAND is given to the SIM. The SIM runs the A3 and A8 algorithms and gives back SRES (a 32-bit response) and Kc (the 64-bit ciphering key). The SRES is returned to the network over the air.
>
>     RAND        Ki
>      |           |
>      |           |
>  -------------------
>  |                 |
>  |       A3        |
>  |                 |
>  -------------------
>           |
>           |
>         SRES
>
>     RAND        Ki
>      |           |
>      |           |
>  -------------------
>  |                 |
>  |       A8        |
>  |                 |
>  -------------------
>           |
>           |
>          Kc
>
The network performs the same calculation and compares the SRES from the mobile and its own value. If both are the same the mobile is who it claims and is successfully authenticated. This is fairly foolproof as the A3 and A8 are not known to anyone, as also the Ki (the cornerstone of all security in GSM). Hope this helps. Regards |
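The challenge-response exchange described in the post above, as an added example that is not part of the original post or any poster's code. HMAC-SHA256 stands in for the operator's A3/A8 (an assumption, not a GSM algorithm), and the class names, the identity string and the Ki value are constructed for illustration.

```python
import hashlib
import hmac
import os

def a3_a8_standin(ki: bytes, rand: bytes) -> tuple[bytes, bytes]:
    """Stand-in for A3/A8 (assumption: HMAC-SHA256, NOT a real GSM algorithm).
    Returns (SRES, Kc): a 32-bit response and a 64-bit ciphering key."""
    if len(rand) != 16:
        raise ValueError("RAND must be 128 bits")
    digest = hmac.new(ki, rand, hashlib.sha256).digest()
    return digest[:4], digest[4:12]

class Sim:
    """Holds Ki privately; the only interface is 'run the algorithms on RAND'."""
    def __init__(self, ki: bytes):
        self.__ki = ki

    def run_gsm_algorithm(self, rand: bytes) -> tuple[bytes, bytes]:
        return a3_a8_standin(self.__ki, rand)

class Network:
    """Keeps its own copy of each subscriber's Ki, indexed by identity."""
    def __init__(self, subscribers: dict[str, bytes]):
        self._subscribers = subscribers

    def new_challenge(self) -> bytes:
        return os.urandom(16)  # fresh 128-bit RAND for every authentication

    def verify(self, identity: str, rand: bytes, sres: bytes) -> tuple[bool, bytes]:
        expected_sres, kc = a3_a8_standin(self._subscribers[identity], rand)
        return hmac.compare_digest(sres, expected_sres), kc

def authenticate(network: Network, identity: str, sim: Sim) -> tuple[bool, bool]:
    """One authentication run. Only identity, RAND and SRES cross the air;
    Ki and Kc stay at the two ends. Returns (accepted, both_sides_share_kc)."""
    rand = network.new_challenge()
    sres, kc_mobile = sim.run_gsm_algorithm(rand)
    accepted, kc_network = network.verify(identity, rand, sres)
    return accepted, accepted and kc_mobile == kc_network

# Constructed sample data: one subscriber with a made-up 128-bit Ki.
KI = bytes.fromhex("00112233445566778899aabbccddeeff")
NET = Network({"subscriber-1": KI})

if __name__ == "__main__":
    print(authenticate(NET, "subscriber-1", Sim(KI)))         # genuine SIM
    print(authenticate(NET, "subscriber-1", Sim(bytes(16))))  # SIM with a different Ki
```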
09-05-2001, 07:25 | #3 (permalink) |
Major Poster Join Date: Jan 2001 Location: South Africa
Posts: 49
Member: 3068 Status: Offline Thanks Meter: 0 | hi there,
yes, that makes sense, but why then, or rather where, does the limit of 65535 come in? What does this affect if I go over this limit? Why I ask this: according to Dejan, his simscan using option f5-f3 results in around 50 thousand brute force combinations. I have run this once on my card and it found 6 values, then I stopped it. I don't want to restart it in case it uses up, say, another 20 thousand brute force attacks, making the card unusable ... but I don't understand what would make the card not work. Or, like on prepaid cards for instance, running cardinal does not retrieve the Ki; could I then after that run dejan on that card, or would I exceed this limit?
By the way Lofti, I used your Twinsim to make a PIC hex file 16f84. I burnt that to a pic16f84a-04 physical PIC; works kewl on that PIC. And your hex file on that PIC also allows me to use winexplorer by dexter 1.3 to upload .xpl files without any errors, an easy way for people that are having problems with winphoenix to load the EEPROM 24lc16b with data, and .xpl files are human readable so it's easy to change on the fly. Anyhow, this post is getting long enough, hope you can help.
Zianna |
09-05-2001, 14:44 | #4 (permalink) |
Insane Poster Join Date: Jan 2000 Location: BCN/Spain
Posts: 69
Member: 887 Status: Offline Thanks Meter: 0 | I have problems getting the KI of my SIM. I used cardinal software to get it, because sim scan does not work on my computer. I got the KI of the first SIM I tried, it took 15 hours! But with this second SIM, after 8 hours the program says it cannot find the KI. Any advice? Regards,
pau |
09-06-2001, 14:24 | #5 (permalink) |
Insane Poster Join Date: Jan 2000 Location: BCN/Spain
Posts: 69
Member: 887 Status: Offline Thanks Meter: 0 | To Zianna: You said that cardinal does not work to get the KI in some cards, and sim_scan does? Because it happened to me that cardinal cannot find the KI. How many times can I challenge the KI without destroying the card? Regards,
pau |
09-06-2001, 14:48 | #6 (permalink) |
Major Poster Join Date: Jan 2001 Location: South Africa
Posts: 49
Member: 3068 Status: Offline Thanks Meter: 0 | hmm, I don't know the answer to this myself yet, sorry. Hoping Lofti or Dejan or someone else can help us ...
[ 06 September 2001: Message edited by: Zianna ] |