Tuesday, December 29, 2009

Eavesdropping On GSM Calls Just Got Easier

The New York Times is reporting that German computer scientist Karsten Nohl has cracked and published the "secret" code used by billions of wireless connections across the world. The A5/1 algorithm code, which was originally developed in 1988 and is used to encrypt 80% of worldwide mobile calls, is now publicly available via BitTorrent, leaving GSM calls vulnerable to eavesdropping.

Nohl, with the aid of 24 other people, has cracked the keys used to keep GSM calls and communications private. The end result is a database that works much like a large phone book for encryption keys. With a copy of these keys and some rather inexpensive hardware and software, any user anywhere in the world could start listening in to calls.

“This shows that existing G.S.M. security is inadequate,” Mr. Nohl, 28, told about 600 people attending the Chaos Communication Congress, a four-day conference of computer hackers that runs through Wednesday in Berlin. “We are trying to push operators to adopt better security measures for mobile phone calls.”

In a statement, the G.S.M. Association said efforts to crack the algorithm were more complex than critics have asserted, and that operators, by simply modifying the existing algorithm, could thwart any unintended surveillance.

The group said that hackers intent on illegal eavesdropping would need a radio receiver system and signal processing software to process raw radio data, much of which is copyrighted.

But Mr. Nohl, during a presentation Sunday to attendees at the Berlin conference, said the hardware and software needed for digital surveillance were available free as an open-source product in which the coding is available for individuals to tailor to their needs.

Not the first GSM crack
This is not the first time the GSM system has been cracked. Back in 2008, security researchers David Hulton and Steve Muller demonstrated a GSM crack that utilized less than $1,000 worth of equipment. Their crack was far less sophisticated than the one using Nohl's database. They simply tracked a phone's mobile subscription identification number and built-in hardware ID. This new crack gives users more widespread coverage across several different devices at once.

The A5/1 algorithm used to encrypt GSM handsets is more than two decades old and is based on a 64-bit security algorithm. The next-generation standard, called A5/3, is considered much more secure and is set to be deployed, yet at this time it reaches only about 20% of all devices. Companies have put off upgrading to the new algorithm, a move Nohl hopes will be rethought after he posts his findings.
