
The eSIM lives in dedicated, tamper-proof hardware inside your phone, separate from the application processor OS (which would be the domain of rooting) or often even the baseband. Under the eSIM security model, it holds keys that the device owner is not supposed to be able to extract, not even when they're willing to physically dismantle the chip holding it.

> Are you saying that it breaks the security in a way that someone who doesn't own my phone and doesn't have physical access to my phone can compromise my phone and/or my eSIM?

Yes, it does: Currently, providers assume that any eSIM honors the "singleton contract" described above. One that does not, e.g. one simulated in software using keys extracted from a physical trusted eUICC, could be used to mount the following attack:

1. Intercept the eSIM setup QR code (which contains two things: the URL of the SM-DP and a secret profile identifier)

2. Install the eSIM profile on their "software eSIM".

3. Report the eSIM as successfully deleted to the SM-DP, which now considers it available for installs again.

4. You, the legitimate owner of the eSIM, now install it on your unmodified eUICC in your phone and go about your day.

5. One day, ideally when your legitimate SIM is offline, the attacker inserts their eSIM into a phone and intercepts phone calls and SMS to your number, initiates expensive toll calls etc.

One solution here would be to never allow re-installs of the same eSIM profile, which some providers already do, but I personally don't like eSIM profiles managed that way, as it requires me to interact with carrier support and often even pay money just to transfer an eSIM to a new device.
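To make the "singleton contract" concrete, here is a small model of an SM-DP's profile bookkeeping, written as an added example for this thread (it is not the commenter's code nor any carrier's SM-DP+ implementation). It replays the five-step scenario above under two policies: the lax one, where a delete notification from the eUICC makes the profile downloadable again, and the strict one the comment mentions, where a profile is never re-downloadable. The lifecycle states, the EIDs and matching ID, and the method names are simplified assumptions made for illustration.

```python
"""Model of the SM-DP 'singleton contract' described in the thread.

Added illustration only: the profile states, message names and identifiers
below are assumptions, not the real GSMA SGP.22 protocol.
"""
from __future__ import annotations

from dataclasses import dataclass, field
from enum import Enum
from typing import Optional


class State(Enum):
    AVAILABLE = "available"  # released to the owner, not yet downloaded
    INSTALLED = "installed"  # bound to exactly one eUICC
    RETIRED = "retired"      # will never be downloadable again


@dataclass
class Profile:
    matching_id: str                 # the secret identifier from the QR code
    state: State = State.AVAILABLE
    bound_eid: Optional[str] = None  # EID of the eUICC that currently holds it
    log: list = field(default_factory=list)


class SMDP:
    """Minimal SM-DP that tracks which eUICC holds each profile.

    allow_reinstall=True : a delete notification returns the profile to
                           AVAILABLE (the policy the attack relies on).
    allow_reinstall=False: a deleted profile is RETIRED for good (the
                           'never allow re-installs' policy from the thread).
    """

    def __init__(self, allow_reinstall: bool) -> None:
        self.allow_reinstall = allow_reinstall
        self.profiles: dict = {}

    def release(self, matching_id: str) -> Profile:
        profile = Profile(matching_id)
        self.profiles[matching_id] = profile
        return profile

    def download(self, matching_id: str, eid: str) -> bool:
        """Download attempt by the eUICC identified by `eid`."""
        p = self.profiles[matching_id]
        if p.state is not State.AVAILABLE:
            # Singleton property: a second download fails loudly, which is
            # what makes a premature install visible to the legitimate owner.
            p.log.append(f"download by {eid} refused (state={p.state.value})")
            return False
        p.state, p.bound_eid = State.INSTALLED, eid
        p.log.append(f"installed on {eid}")
        return True

    def delete_notification(self, matching_id: str, eid: str) -> None:
        """The holding eUICC reports that it deleted the profile.

        The SM-DP can only trust this message because a genuine eUICC cannot
        keep the keys after sending it; a software eUICC built from extracted
        keys can send it while keeping everything.
        """
        p = self.profiles[matching_id]
        if p.state is not State.INSTALLED or p.bound_eid != eid:
            p.log.append(f"delete notification from {eid} ignored")
            return
        p.bound_eid = None
        p.state = State.AVAILABLE if self.allow_reinstall else State.RETIRED
        p.log.append(f"deleted by {eid}; now {p.state.value}")


def run_scenario(allow_reinstall: bool) -> dict:
    """Replays steps 2-4 of the thread's scenario against one policy.

    EIDs and the matching ID are constructed values.
    """
    mid = "MATCHING-ID-CONSTRUCTED"
    smdp = SMDP(allow_reinstall)
    smdp.release(mid)
    rogue_installed = smdp.download(mid, "SOFT-EUICC")   # step 2
    smdp.delete_notification(mid, "SOFT-EUICC")          # step 3
    owner_installed = smdp.download(mid, "OWNER-EUICC")  # step 4
    p = smdp.profiles[mid]
    return {
        "rogue_installed": rogue_installed,
        "owner_installed": owner_installed,
        "final_state": p.state.value,
        "bound_eid": p.bound_eid,
        "log": list(p.log),
    }


if __name__ == "__main__":
    for policy in (True, False):
        result = run_scenario(policy)
        print(f"allow_reinstall={policy}:")
        for line in result["log"]:
            print("   ", line)
```

Under the lax policy both downloads succeed and the SM-DP's records look entirely normal, which is the silent double-holder situation the comment warns about. Under the strict policy the owner's download is refused, so the problem surfaces as a support call rather than as interception; the cost is exactly the transfer friction the comment complains about.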

Thank you for being patient with someone unfamiliar with this tech but nonetheless concerned with security.

> 1. Intercept the eSIM setup QR code (which contains two things: the URL of the SM-DP and a secret profile identifier)

1. How might this be done? Would this require a separate attack, or are the mechanics a part of the attack described in the article?

2. Is this possible with the eSIM already set up on my phone?


How to steal the QR code is out of scope of the attack described and is dependent on the security profile of any given carrier, but the important point is this:

Currently, an attacker installing the eSIM profile themselves is very visible, as it breaks the QR code for the legitimate user due to the singleton property (or, if the user installs it first, locks the attacker out anyway). If it happens, the legitimate user will call in and complain, and the carrier will at least revoke the current profile, and possibly even realize that something's afoot.

That property going away probably changes the threat model of most carriers in a way not initially anticipated.


Thank you. I think my confusion on concern stemmed from some opinions I held:

- Any key of mine should be copyable by me.

- Any key of mine (or copy thereof) should be usable as I see fit*.

- If someone had physical access to a device, we can assume they control it and have all information and communications on it, potentially forever due to the layered architecture of modern hardware systems.

- If someone compromised a network provider, we can assume they control all configuration and communication, potentially forever on the existing devices, for the same reasons.

* - though I obviously wouldn't want to use them in a way that illegally hurts people, like driving drunk and getting into an accident


The thing with eSIMs and SIM cards before them is that they aren't keys of yours; network carriers like to own them instead. Everything about mobile communications is oriented towards that: the tamper-proof chips, "secure" firmware etc.

