The invention relates to a mobile station, consisting of an end device and a security element operable in the end device, with a bond between the end device and removable security element (SIM lock).
A mobile end device is understood to mean a device for using a mobile telecommunications system in conjunction with a security element, for example a mobile telephone, smart phone or PDA (personal digital assistant) with mobile telephone function. The security element is designed in many mobile telecommunications systems as a removable subscriber card (microprocessor chip card). The core piece of the subscriber card is the security module, which contains identity data, such as the international mobile subscriber identity (IMSI). Examples of mobile telecommunications systems include GSM (global system for mobile communications), UMTS (universal mobile telecommunications system), and IMT-2000 (international mobile communication 2000). In the GSM mobile telecommunications system, the security module is referred to as a SIM (SIM=subscriber identity module), and in the UMTS mobile telecommunications system it is referred to as a USIM (USIM=universal SIM). In these cases, the subscriber card is often referred to as a SIM card or USIM card respectively. Fixedly implemented (for example fixedly soldered) security elements have also been proposed, for example eUICCs (embedded UICCs), which are structurally separate from the end device chip, but in this case are fixedly implemented and cannot be removed from the end device without being destroyed.
Mobile end devices are often offered at subsidised prices by providers, for example operators of mobile telecommunications networks. In return, the buyer is expected to use the end device such that any costs incurred benefit the network operator. To ensure use in the network operator's favour, the operation of the end device is restricted by a SIM lock method. As a result of the SIM lock, the end device can, for example, only be used with an individual predetermined subscriber card, in a predetermined mobile telecommunications network, and/or in a predetermined country, etc.
DE 100 19 164 A1 describes a SIM lock method, in which the end device compares parts of the IMSI (for example mobile country code MCC, mobile network code MNC, home location register HLR) from the SIM card with target values and, in accordance with the comparison, grants or blocks the use of the end device with the SIM card in the mobile telecommunications network.
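The kind of IMSI comparison described above can be sketched as follows. This is an added example, not code from DE 100 19 164 A1 or from the invention; the names `simlock_policy` and `simlock_allows`, the treatment of the HLR as a prefix of the digits after the MNC, the 6-digit minimum length and the sample IMSIs are assumptions made for illustration.

```c
#include <ctype.h>
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical lock policy; a NULL field is not checked. */
struct simlock_policy {
    const char *mcc;        /* mobile country code, 3 digits */
    const char *mnc;        /* mobile network code, 2 or 3 digits */
    const char *hlr_prefix; /* leading MSIN digits that identify the HLR */
};

/* True only if imsi is well formed and matches every field set in p.
 * Anything malformed is rejected, so the check fails closed. */
bool simlock_allows(const struct simlock_policy *p, const char *imsi)
{
    if (!p || !imsi) return false;
    size_t len = strlen(imsi);
    if (len < 6 || len > 15) return false;   /* assumed bounds: MCC+MNC up to 15 digits */
    for (size_t i = 0; i < len; i++)
        if (!isdigit((unsigned char)imsi[i])) return false;

    if (p->mcc && (strlen(p->mcc) != 3 || strncmp(imsi, p->mcc, 3) != 0))
        return false;
    if (!p->mnc)                      /* country-only lock */
        return p->hlr_prefix == NULL; /* HLR cannot be located without the MNC */

    /* The IMSI digits do not say whether the MNC has 2 or 3 digits,
     * so the policy's MNC length decides where the remaining digits start. */
    size_t n = strlen(p->mnc);
    if ((n != 2 && n != 3) || strncmp(imsi + 3, p->mnc, n) != 0)
        return false;
    if (p->hlr_prefix) {
        size_t h = strlen(p->hlr_prefix);
        if (h == 0 || 3 + n + h > len) return false;
        if (strncmp(imsi + 3 + n, p->hlr_prefix, h) != 0) return false;
    }
    return true;
}

int main(void)
{
    /* Constructed sample values using the test network code 001/01. */
    struct simlock_policy p = { "001", "01", "12" };
    printf("%d\n", simlock_allows(&p, "001011234567890")); /* same operator and HLR */
    printf("%d\n", simlock_allows(&p, "001021234567890")); /* different operator */
    return 0;
}
```

Because the target values and the comparison both live in the end device, the result is only as trustworthy as the environment that runs this code, which is the weakness the following paragraphs address.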
The SIM lock is conventionally removed by inputting into the end device a release code stored secretly by the network operator, such that the end device and the SIM card are no longer bound to one another for operation in a mobile telecommunications network. This unblocking system based on release codes is susceptible to manipulation. For example, release codes obtained by spying are publicly available to anybody and allow the unauthorised unblocking of SIM locks.
EP 1 271 992 B1 describes a method for checking the SIM lock between a SIM card and an end device by means of a secured program, wherein the program is verified with a verification key stored in the end device. For example, a signature is calculated with a private key over the data used for the checking process, and the signature is verified in the end device with the corresponding public key as a verification key. Alternatively, the data are encrypted with a symmetric key and, for verification, are decrypted in the end device with the key. The SIM lock method described in EP 1 271 992 B1 is protected by cryptographic algorithms implemented in the chip of the end device. The verification result could be influenced by attacks on the algorithms and this protection could therefore also be nullified.
The expression “trustzone architecture” is known to denote a two-part runtime architecture for a microprocessor system, which comprises two runtime environments. A first, unsecure runtime environment, called the “normal zone” or “normal world”, is controlled by a normal operating system (for example Android, Windows Phone, Symbian). A second, secured or trustworthy runtime environment, called the “trustzone”, “trusted world”, “secure world” or “trusted execution environment (TEE)”, is controlled by a security operating system.
Security-critical applications and some peripheral functions (for example keyboard drivers) are controlled securely by the security operating system. Applications under the security operating system are also referred to as trustlets (registered trademark), a combination of the terms “trust” and “applet”.
An operational processor can generally be divided into three levels as follows: the hardware level, the operating system level and the application level. The security operating system of a secured runtime environment is to be assigned to the operating system level. The drivers for different peripheral functions are to be assigned to the hardware level. The radio interface layer driver (RIL driver) is provided as a special driver at hardware level in the chip of a mobile end device and allows the chip of the end device to communicate at hardware level with peripheral components, in particular with a SIM card, USIM card, UICC, eUICC or the like operated in the end device. Applications in a SIM card, USIM card, UICC, eUICC, etc. are generally referred to as applets. Trustlets are applications in the chip of the mobile end device.
The document “Global Platform Device Technology: TEE System Architecture, Version 0.4, Public Review Draft October 2011, Document Reference: GPD_SPE_009” describes a mobile end device having a normal unsecure execution environment “rich execution environment (REE)” and a secure execution environment “trusted execution environment (TEE)” (see Chapter 1).
SIM lock may comprise a bond between an individual end device and an individual removable security element. Alternatively, a bond to a specific network operator or group of network operators or to a geographical area (for example country) is established by SIM lock by means of a security element and end device, whereby or in which the end device is operable with the security element. Special SIM locks, which comprise a bond to network operators or to a geographical area, may also be expedient for fixedly implemented (for example fixedly soldered) security elements, such as eUICCs or the like.
The object of the invention is to disclose a mobile station, comprising an end device and a removable or fixedly implemented security element operable in the end device, with a secured bond (SIM lock) between the end device and security element. A method for securely verifying the bond is also disclosed.