05-04, 12:00–12:30 (Europe/Berlin), Meeting Room
Everyone knows that OTA (over the air) access to SIM cards exists for decades, and that somehow authenticated APDUs can be sent via SMS.
But let's look at the OTA architecture in more detail:
* OTA transport (SCP80) over SMS, USSD, CellBroadcast, CAT-TP, BIP
* The new SCP81 transport (HTTPS via TLS-PSK)
* how to address individal applications on the card via their TAR
* common applications like RFM and RAM
* custom applications on the card
* OTA in the world of eUICCs
* talking to the ECASD
* talking to the ISD-R
* talking to the ISD-P/MNO-SD or applications therein
One of the original authors of OpenBSC and OsmocomBB, both of which turned into Osmocom later on. Also co-founder of sysmocom, the leading company for professional R&D around many osmocom projects and largest contributor to Osmocom.
In previous lives, I hacked [among other things] on netfilter/iptables, OpenMoko and did a lot of work in terms of legal compliance to Open Source licenses at gpl-violations.org