Started by timerBRANCHmasterEMAIL_NOTIFICATIONSjenkins-notifications@lists.osmocom.org00554701534701531.0493493047064600567816b31eb07ec975275a03fa0f521d228d44ac6f4816b31eb07ec975275a03fa0f521d228d44ac6f4origin/master816b31eb07ec975275a03fa0f521d228d44ac6f4816b31eb07ec975275a03fa0f521d228d44ac6f4origin/master5b52b9704ed57386959a73c98e946c756e0188e6cb52b9704ed57386959a73c98e946c756e0188e6crefs/remotes/origin/osmith/wipb52b9704ed57386959a73c98e946c756e0188e6cb52b9704ed57386959a73c98e946c756e0188e6crefs/remotes/origin/osmith/wip253c7c48718ba3637e29fc6a7af4e2e39ba0679bb8dc7c48718ba3637e29fc6a7af4e2e39ba0679bb8drefs/remotes/origin/masterc7c48718ba3637e29fc6a7af4e2e39ba0679bb8dc7c48718ba3637e29fc6a7af4e2e39ba0679bb8drefs/remotes/origin/master816b31eb07ec975275a03fa0f521d228d44ac6f4816b31eb07ec975275a03fa0f521d228d44ac6f4origin/masterhttps://gerrit.osmocom.org/pysimhttps://jenkins.osmocom.org/jenkins/view/all/job/simtester-sanitize/567/artifacthttps://jenkins.osmocom.org/jenkins/view/all/job/simtester-sanitize/changeshttps://jenkins.osmocom.org/jenkins/view/all/job/simtester-sanitize/567/https://jenkins.osmocom.org/jenkins/view/all/job/simtester-sanitize/567/testReportfalse#567470153470201simtester-sanitize #567567falsefalse56790486SUCCESS1776386581670https://jenkins.osmocom.org/jenkins/view/all/job/simtester-sanitize/567/simtesterpySim-prog.py816b31eb07ec975275a03fa0f521d228d44ac6f41776253811000https://jenkins.osmocom.org/jenkins/user/pmaierpmaier@sysmocom.depmaier@sysmocom.depySim-prog: fix Insecure PRNG for SIM Authentication Keys (CWE-338) Root Cause: pySim-prog.py uses Python's random module (Mersenne Twister MT19937) to generate Ki and OPC — the root authentication keys for SIM cards. MT19937 is a deterministic PRNG that is not cryptographically secure. Its internal state (624 × 32-bit words, 19,937 bits) can be fully recovered after observing 624 consecutive outputs. Impact: 1. SIM Card Cloning: An attacker who determines the PRNG state can predict all Ki/OPC values generated before and after. With these keys, SIM cards can be cloned. 2. Network Authentication Bypass: Ki/OPC are used in the Milenage algorithm for 3G/4G/5G authentication. Predictable keys mean an attacker can authenticate as any subscriber whose SIM was provisioned with the weak RNG. 3. Batch Compromise: In bulk provisioning scenarios (pySim-prog's primary use case), hundreds or thousands of SIMs may be programmed sequentially. Compromising one batch means recovering the PRNG state to predict all keys. Fix: Replace random.randrange() with os.urandom() Change-Id: Id3e00d3ec5386f17c1525cacfc7d3f5bba43381f 2026-04-15 13:50:11 +0200816b31eb07ec975275a03fa0f521d228d44ac6f4pySim-prog: fix Insecure PRNG for SIM Authentication Keys (CWE-338)editpySim-prog.pygithttps://jenkins.osmocom.org/jenkins/user/pmaierpmaier@sysmocom.depmaier