Jump to content

Expert releases codebook on how to hack GSM encryption

voodoo_

By voodoo_
in Internet & mobile

 Share

Recommended Posts

voodoo_

voodoo_

Posted
Posted

http://www.afterdawn.com/news/archive/21048.cfm

Expert cracks GSM phone call encryption

Karsten Nohl of Germany, an engineer and encryption expert, announced at the Chaos Communication Congress this week that he had broken the 64-bit A5/1 encryption algorithm currently used to secure and encrypt GSM phone calls made in most of the world's countries.

If the algorithms are cracked, then outsiders could theoretically listen in on any phone conversation of their choosing, which would lead to extreme lapses in security and privacy. Nohl says: “This shows that existing G.S.M. security is inadequate. We are trying to push operators to adopt better security measures for mobile phone calls.”

The GSM Association, the group behind the algorithms, has called Nohl's "hacking" illegal. “This is theoretically possible but practically unlikely,” added Claire Cranton, an association spokeswoman, via NYT. “What he is doing would be illegal in Britain and the United States. To do this while supposedly being concerned about privacy is beyond me.”

GSM is the most widely used standard in the world, with about 3.5 billion of all 4.3 billion wireless connections in the world using the standard. Rival CDMA, is used mainly in the United States and in small use in other countries such as China.

Some experts agree with Nohl's findings and believe everyone should upgrade their systems to the newer 128-bit A5/1 encryption algorithm, which is still considered completely secure.

http://www.afterdawn.com/news/archive/21073.cfm

Expert releases codebook on how to hack GSM encryption

Yesterday we reported that Karsten Nohl of Germany, an engineer and encryption expert, had broken the 64-bit A5/1 encryption algorithm currently used to secure and encrypt GSM phone calls made in most of the world's countries.

Today, Nohl has published a how-to guide on how to crack the encryption, saying that users with a high-end PC, a radio and some easily downloaded software can record phone calls using the codes.

"The message is to have better security, not we want to break you," says Nohl of his decision to make the codebook available via file sharing sites. "The goal is better security. If we created more demand for more security, if any of the network operators could use this as a marketing feature ... that would be the best possible outcome."

The 64-bit A5/1 algorithm is 21 years old and has been protecting GSM networks since its implementation in 1988. Law enforcement has had the ability to intercept GSM calls for decades, and regular wiretapping is also possible. 3G networks use fully secure 128-bit A5/1, and the GSMA says they are gradually phasing out the A5/1 for the more secure A5/3.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing


×
×
  • Create New...