SIM Card Copy

Chris Hessing chris at
Mon Nov 26 19:44:13 CET 2007

I have done a little bit of work with SIM cards in Linux.  You should 
check out the PCSC project.  It isn't the easiest thing to get running, 
but it can read and write data to/from SIM cards. (Assuming you have a 
reader it supports.  I have a Towitoko Chipdrive, and a Cardman 6020 
that it works with.  I have also gotten in to work with the SIM card 
slots on the Dell D620 notebook.)  I have used these libraries to 
implement EAP-SIM and EAP-AKA functionality in XSupplicant.

Based on my experience working with SIM cards, it seems that copying a 
card isn't something that is easy to do.  There is a secret value that 
is stored on the card that there doesn't seem to be any easy way to gain 
access to.  This value is what is used to authenticate your SIM to the 

The other problem is that an ISO copy is done by reading specific 
sectors off the media, and writing those same sectors to the same 
location on a different media.  SIM card interfaces don't work the same 
way.  There really aren't any "sectors" that can be read, and written 
like this.

Shawn Rutledge wrote:
> On Nov 26, 2007 10:49 AM, Cailan Halliday <chocolate.usa.chan at> wrote:
>> I just had an idea that I got from a couple of devices, how about a virtual
>> SIM card? Is it possible to make an ISO of a SIM card and store it in the
>> Neo to be, for lack of a better word, booted from? I've seen devices like
>> these:
> There are also cheap USB SIM readers, and I got the impression that
> they could write to the card as well.  So I got one on ebay.  The
> software that came with it (only for Windows) could only read the
> card.  I wish there was a Linux alternative, especially one that can
> also write the contacts to the SIM.  (But since the Neo itself could
> do that, I guess it's no longer necessary.)
> Anyway the problem is not just the ability to copy some info from one
> SIM to another, but the fact that the SIM has an uncopyable unique
> serial number and maybe a hardware crypto engine (?).  And the code
> for the GSM radio is not open-source.  So there is no way to fake the
> SIM card.  (This was meant to be a feature.)  But it might be possible
> to emulate a SIM card in hardware, in such a way that different images
> could be used at different times; I don't know of any attempts to do
> that, but it seems like it should be possible.  Then again, maybe
> there is a truly private key that cannot be read at all, but can only
> decrypt data that has been encrypted with the corresponding public
> key.
> Or you could try one of the SIM card duplexers that are sold (I never
> did... not sure how well they work).  Those are meant for people who
> travel a lot, to be able to switch to a different SIM without
> physically swapping it out each time.
> If the point is to clone a SIM card, I'm sure that would be considered
> fraudulent, and might play havoc with the network too if they see the
> same phone signing on to a couple different cell sites.
> _______________________________________________
> OpenMoko community mailing list
> community at

More information about the community mailing list