This appendix describes the custom electrical circuits of the MIM module prototype presented in Chapter 5. The description here is based on the specific U(S)ART instances of the SAM3X8E microcontroller used by the prototype. They are listed in Table A.1. USART0is used for syn-chronous communication with the UE’s UICC terminal. UART communicates asynchronously (i.e. with a predetermined baud rate, without a clock signal) with the HC-06 Bluetooth module.
Figure A.1 shows the circuit for level shifting and I/O splitting/joining. It uses two kinds of N-channel enhancement mode field effect transistors: 2N7000 and BF245C. Table A.2 lists the sensitivity properties of these transistor models.
Table A.3 specifies the electrical connections between the Bluetooth module and the Arduino.
U(S)ART instance name Pin name Mapped pin name Purpose
UART PA8 RX0 Receiver
UART PA9 TX0 Transmitter
USART0 PA10 RX1 Receiver
USART0 PA11 TX1 Transmitter
USART0 PA17 SDA1 Clock signal input
Table A.1: U(S)ART instances and associated pins used by the MIM module prototype. Mapped pin names refer to Arduino Due pin designations.
BF245C
Figure A.1: Circuit for level shifting and I/O splitting/joining. The electrical circuit connects the class C UICC terminal (IDF) of the UE with the Arduino Due’s microcontroller.
Model name Threshold voltage[V]
min. typical max.
2N7000 0.8 2.1 3.0
BF245C 0.5 unspecified 0.8 Table A.2: Gate-source threshold voltages of used transistors types
Table A.3: Pin connections of the HC-06 Bluetooth module and the Arduino Due
References
[1] 3GPP TS 04.31/ ETSI TS 101 527. Location Services (LCS); Mobile Station (MS) – Serving Mobile Location Centre (SMLC) – Radio Resource LCS Protocol (RRLP). Version 8.18.0. 3rd Generation Partnership Project/European Telecommunications Standards Institute. 2014.
[2] 3GPP TS 31.102/ETSI TS 131 102. Universal Mobile Telecommunications System (UMTS);
LTE; Characteristics of the Universal Subscriber Identity Module (USIM) application. Ver-sion 12.5.0. 3rd Generation Partnership Project/European Telecommunications Standards Institute. 2014.
[3] 3GPP TS 33.102/ETSI TS 133 102. Digital cellular telecommunications system (Phase 2+);
Universal Mobile Telecommunications System (UMTS); 3G Security; Security Architecture. Ver-sion 12.2.0. 3rd Generation Partnership Project/European Telecommunications Standards Institute. Jan. 2015.
[4] 3GPP TS 35.205/ETSI TS 135 205. Universal Mobile Telecommunications System (UMTS);
LTE; 3G Security; Specification of the MILENAGE algorithm set: An example algorithm set for the 3GPP authentication and key generation functions f1, f1*, f2, f3, f4, f5 and f5*; Document 1: General. Version 12.0.0. 3rd Generation Partnership Project/European Telecommunica-tions Standards Institute. 2014.
[5] 3GPP TS 44.013/ETSI TS 144 013. Digital cellular telecommunications system (Phase 2+);
Performance requirements on the mobile radio interface. Version 12.0.0. 3rd Generation Part-nership Project/European Telecommunications Standards Institute. 2014.
[6] David Banisar and Simon Davies.Privacy and Human Rights. An International Survey of Privacy Laws and Practice. Global Internet Liberty Campaign. URL:http://gilc.org/
privacy/survey(visited on 06/06/2015).
[7] Murat Ali Bayir, Nathan Eagle, and Murat Demirbas. “Discovering SpatioTemporal Mobil-ity Profiles of Cellphone Users”. In:in Proceedings of the 10th IEEE International Symposium on a World of Wireless, Mobile and Multimedia Networks (WoWMoM 2009. 2009, pp. 1–9.
[8] Leo Becker.Umprogrammierbare SIM: Apple und Samsung angeblich an eSIM-Standard inter-essiert. July 16, 2015. URL:http://heise.de/-2751994(visited on 07/21/2015).
[9] Sebastian Kay Belle, Oliver Haase, and Marcel Waldvogel. “CallForge: Call Anonymity in Cellular Networks”. In:PERVASIVE 2008 Workshop on Security and Privacy in Spontaneous Interaction and Mobile Phone Use (SPMU 2008). May 19, 2010. URL:https://netfuture.
ch/wp-content/uploads/2010/belle10callforge.pdf.
[10] Sebastian Kay Belle and Marcel Waldvogel.PathForge:: Faithful Anonymization of Movement Data. Tech. rep. Apr. 2009. URL:http://kops.ub.uni-konstanz.de/volltexte/2009/
7524(visited on 06/16/2015).
[11] Sebastian Kay Belle, Marcel Waldvogel, and Oliver Haase. “PathForge: Faithful Anonymiza-tion of Movement Data”. In:Proceedings of the 1st ACM workshop on Networking, systems, and applications for mobile handhelds (MobiHeld ’09). Aug. 17, 2009, pp. 63–64. URL:https:
//netfuture.ch/wp-content/uploads/2009/belle09pathforge.pdf. published.
[12] Alastair R. Beresford and Frank Stajano. “Location Privacy in Pervasive Computing”. In:
IEEE Pervasive Computing 2.1 (2003), pp. 46–55. ISSN: 1536-1268. DOI: http : / / doi . ieeecomputersociety.org/10.1109/MPRV.2003.1186725.
[13] Andrew J. Blumberg and Peter Eckersley.On Locational Privacy, and How to Avoid Losing it Forever. Electronic Frontier Foundation. Aug. 3, 2009. URL: https://www.eff.org/
wp/locational-privacy(visited on 07/20/2015).
[14] Vladimir Brik et al. “Wireless Device Identification with Radiometric Signatures”. In: Pro-ceedings of the 14th ACM International Conference on Mobile Computing and Networking.
MobiCom ’08. San Francisco, California, USA: ACM, 2008, pp. 116–127. DOI:10.1145/
1409944.1409959.
[15] Gottfried August Bürger.The Adventures of Baron Munchausen. Third. London, Paris and New York: Cassel, Petter and Galpin, 1867.
[16] Pierre Deville et al. “Dynamic population mapping using mobile phone data”. In: Proceed-ings of the National Academy of Sciences111.45 (2014), pp. 15888–15893. DOI: 10.1073/
pnas.1408439111.
[17] Matt Duckham and Lars Kulik. “Location privacy and location-aware computing”. In: Dy-namic & Mobile GIS: Investigating Change in Space and Time. 2006. Chap. 3, pp. 34–51.
[18] ETSI TS 102 221. Smart Cards; UICC-Terminal interface; Physical and logical characteristics.
Version 12.0.0. European Telecommunications Standards Institute. Dec. 2014.
[19] ETSI TS 102 223. Smart Cards; Card Application Toolkit (CAT). Version 12.1.0. European Telecommunications Standards Institute. Sept. 2014.
[20] R.A. Finkel and J.L. Bentley. “Quad trees a data structure for retrieval on composite keys”.
English. In:Acta Informatica4.1 (1974), pp. 1–9. DOI:10.1007/BF00288933.
[21] Marta C. Gonzalez, Cesar A. Hidalgo, and Albert-Laszlo Barabasi. “Understanding indi-vidual human mobility patterns”. In:Nature453.7196 (June 2008), pp. 779–782. DOI:10.
1038/nature06958.
[22] Marco Gruteser and Dirk Grunwald. “Anonymous Usage of Location-Based Services Through Spatial and Temporal Cloaking”. In:Proceedings of the 1st International Confer-ence on Mobile Systems, Applications and Services. MobiSys ’03. San Francisco, California:
ACM, 2003, pp. 31–42.
[23] ISO/IEC 7816-3:2006(E). Identification cards — Integrated circuit cards. Part 3: Cards with con-tacts — Electrical interface and transmission protocols. International Organization for Stan-dardization. 2006.
[24] ISO/IEC 7816-4:2005(E). Identification cards — Integrated circuit cards. Part 4: Organiza-tion, security and commands for interchange. International Organization for Standardization.
2005.
[25] Torsten Kleinz.Handy-wechsel-dich. Zeit Online. Apr. 25, 2008. URL:http://www.zeit.
de/online/2008/03/handykartenboerse(visited on 03/14/2015).
[26] Kölner Stadtteilinformationen. Zahlen 2014. Stadt Köln, 2015. URL: http://www.stadt-koeln.de/mediaasset/content/pdf15/stadtteilinformationen_2014.pdf(visited on 09/07/2015).
[27] John Krumm and Eric Horvitz. “Predestination: Inferring Destinations from Partial Tra-jectories”. In:In Ubicomp. 2006, pp. 243–260.
[28] Jessica Leber.How Wireless Carriers Are Monetizing Your Movements. MIT Technology Re-view. Apr. 12, 2013. URL: http : / / www . technologyreview . com / news / 513016 / how -wireless-carriers-are-monetizing-your-movements(visited on 07/19/2015).
[29] Danielle Levitas.Always Connected. How Smartphones and Social Keep Us Engaged. Interna-tional Data Corporation, Mar. 27, 2013.
[30] Mingyan Li et al. “Swing & Swap: User-centric Approaches Towards Maximizing Location Privacy”. In:Proceedings of the 5th ACM Workshop on Privacy in Electronic Society. WPES
’06. Alexandria, Virginia, USA: ACM, 2006, pp. 19–28. ISBN: 1-59593-556-8. DOI:10 . 1145/1179601.1179605.
[31] Xinxin Liu and Xiaolin Li.Location Privacy Protection in Mobile Networks. Springer Pub-lishing Company, Incorporated, 2013. ISBN: 1461490731, 9781461490739.
[32] K. Mano, K. Minami, and H. Maruyama. “Protecting Location Privacy with K-Confusing Paths Based on Dynamic Pseudonyms”. In: Pervasive Computing and Communications Workshops (PERCOM Workshops), 2013 IEEE International Conference on. IEEE, Mar. 2013, pp. 285–290. ISBN: 978-1-4673-5075-4. DOI:10.1109/percomw.2013.6529496.
[33] Urs Mansmann. “Namenlos. Keine Ausweisprüfung bei Prepaid-SIM-Karten vom Discoun-ter”. In:c’t24/14 (Oct. 31, 2014), pp. 108–109.
[34] Metrorail Data Download, October 2014. Washington Metropolitan Area Transit Author-ity. Jan. 26, 2015. URL: http : / / planitmetro . com / 2015 / 01 / 26 / metrorail data -download-october-2014(visited on 09/02/2015).
[35] Ulrike Meyer and Susanne Wetzel. “A Man-in-the-Middle Attack on UMTS”. In:in Proceed-ings of the 2004 ACM Workshop on Wireless Security. ACM Press, 2004, pp. 90–97.
[36] Mobile Technology Fact Sheet. Highlights of the Pew Internet Project’s research related to mobile technology. Pew Research Center. URL:http://www.pewinternet.org/fact- sheets/
mobile-technology-fact-sheet(visited on 07/18/2015).
[37] Yves-Alexandre de Montjoye et al. “Unique in the Crowd: The privacy bounds of human mobility”. In:Sci. Rep.3 (1376 Mar. 25, 2013), pp. 1–5. DOI:10.1038/srep01376.
[38] Mirco Musolesi and Cecilia Mascolo. “Mobility Models for Systems Evaluation. A Survey”.
In: Middleware for Network Eccentric and Mobile Applications. Ed. by Benoit Garbinato, Hugo Miranda, and Luis Rodrigues. Springer, Feb. 2009, pp. 43–62.
[39] Karsten Nohl. Rooting SIM Cards. Black Hat USA 2013. 2013. URL: https : / / www . blackhat.com/us-13/briefings.html#Nohl(visited on 08/11/2015).
[40] Osmocomb SIMtrace. URL: http://bb.osmocom.org/trac/wiki/SIMtrace(visited on 08/07/2015).
[41] Andreas Pfitzmann and Marit Hansen. A terminology for talking about privacy by data minimization: Anonymity, Unlinkability, Undetectability, Unobservability, Pseudonymity, and Identity Management. v0.34. Aug. 2010. URL: http : / / dud . inf . tu - dresden . de / literatur/Anon%5C_Terminology%5C_v0.34.pdf(visited on 06/09/2015).
[42] Martin Sauter.From GSM to LTE-Advanced. John Wiley & Sons, Ltd, 2014. DOI:10.1002/
9781118861943.
[43] Frank Scholle. Telekom(D1)-Senderliste für Köln. Jan. 9, 2015. URL: http : / / www . fst -gsm.de/d1-k.html(visited on 04/13/2015).
[44] Claude Shannon. “A Mathematical Theory of Communication”. In:Bell System Technical Journal27 (1948), pp. 379–423, 623–656.
[45] Aaron Smith et al.U.S. Smartphone Use in 2015. Pew Research Center, Apr. 1, 2015. URL:
http://www.pewinternet.org/2015/04/01/us-smartphone-use-in-2015(visited on 07/19/2015).
[46] Daniel Sokolov.Project Fi: Google lanciert Mobilfunk-Dienst. Apr. 23, 2015. URL: http : //heise.de/-2617408(visited on 07/20/2015).
[47] Daniel J. Solove. “I’ve Got Nothing to Hide’ and Other Misunderstandings of Privacy”.
In:San Diego Law Review44 (July 12, 2007), pp. 745–772. GWU Law School Public Law Research Paper No. 289.
[48] Chaoming Song et al. “Limits of Predictability in Human Mobility”. In:Science327.5968 (2010), pp. 1018–1021. DOI:10.1126/science.1177170.
[49] Kazunani Suzuki and Teppei Azuma. “Standardization of Embedded UICC Remote Provi-sioning”. In:NTT DOCOMO Technical Journal16.2 (2014), pp. 36–41.
[50] David Talbot.Big Data from Cheap Phones. MIT Technology Review. Apr. 23, 2013. URL:
http://www.technologyreview.com/featuredstory/513721/big-data-from-cheap-phones(visited on 07/19/2015).
[51] Christopher Tarnovsky. Hacking the Smartcard Chip. Black Hat DC 2010. 2010. URL:
https://www.blackhat.com/html/bh- dc- 10/bh- dc- 10- archives.html(visited on 08/11/2015).
[52] Sandeesh Uppoor, Diala Naboulsi, and Marco Fiore.Vehicular mobility trace of the City of Cologne, Germany. URL: http : / / kolntrace . project . citi - lab . fr (visited on 08/25/2015).
[53] Sandesh Uppoor and Marco Fiore. “MobiCom 2011 Poster: Vehicular Mobility in Large-scale Urban Environments”. In:SIGMOBILE Mob. Comput. Commun. Rev.15.4 (Mar. 2012), pp. 55–57. DOI:10.1145/2169077.2169089.
[54] Thaddeus. Vincenty. “Direct and inverse solutions of geodesics on the ellipsoid with appli-cation of nested equations”. In:Survey Review23.176 (1975), pp. 88–93.
[55] Report of OpenBSC GSM field test. Hacking at Random (HAR2009). Vierhouten, The Netherlands, Aug. 2009. URL:http://openbsc.osmocom.org/trac/raw-attachment/
wiki/FieldTests/HAR2009/har2009-gsm-report.pdf(visited on 04/23/2015).
[56] Alan F. Westin.Privacy and Freedom. New York: Atheneum, 1967.
[57] Yu Yu.Cloning 3G/4G with a PC and an Oscilloscope: Lessons Learned in Physical Security.
Black Hat USA 2015. 2015. URL:https://www.blackhat.com/us-15/briefings.html#
cloning- 3g- 4g- sim- cards- with- a- pc- and- an- oscilloscope- lessons- learned-in-physical-security(visited on 08/11/2015).