GSM Cracked Source Article=Wired Magazine--one of my favorites.
JohnG
Cell Phone Crypto Penetrated
by Declan McCullagh
10:55 a.m. 6.Dec.1999 PST
Israeli researchers have discovered
design flaws that allow the
descrambling of supposedly private
conversations carried by hundreds of
millions of wireless phones.
Alex Biryukov and Adi Shamir describe
in a paper to be published this week
how a PC with 128 MB RAM and large
hard drives can penetrate the security
of a phone call or data transmission in
less than one second.
More Infostructure in Wired News
Read more about Gadgets and Gizmos
Check back with Wired News for
continuing coverage
Read more Politics -- from Wired News
Read more Technology -- from Wired
News
The flawed algorithm appears in digital
GSM phones made by companies such
as Motorola, Ericsson, and Siemens,
and used by well over 100 million
customers in Europe and the United
States. Recent estimates say there are
over 230 million users worldwide who
account for 65 percent of the digital
wireless market.
Although the paper describes how the
GSM scrambling algorithm can be
deciphered if a call is intercepted,
plucking a transmission from the air is
not yet practical for individuals to do.
James Moran, the fraud and security
director of the GSM Association in
Dublin, says that "nowhere in the world
has it been demonstrated --an ability
to intercept a call on the GSM network.
That's a fact.... To our knowledge
there's no hardware capable of
intercepting."
The GSM Association, an industry
group, touts the standards as
"designed to conform to the most
stringent standards of security possible
from the outset [and] unchallenged as
the world's most secure public digital
wireless system."
Not any more.
Shamir says the paper he co-authored
with a Weizmann Institute of Science
colleague in Rehovot, Israel, describes
a successful attack on the A5/1
algorithm, which is used for GSM voice
and data confidentiality. It builds on the
results of previous attempts to attack
the cipher.
"It's quite a complex idea, in which we
fight on many fronts to accumulate
several small improvements which
together make a big difference, so the
paper is not easy to read or write,"
Shamir, a co-inventor of the RSA public
key crypto system in 1977, said in an
email to Wired News.
Cell Phone Crypto Penetrated page 2
10:55 a.m. 6.Dec.1999 PST
continued
A group of Silicon Valley cypherpunks
has organized previous efforts to
highlight what they view as the poor
security of GSM encryption standards.
In April 1998 they reported that it was
possible to clone a GSM phone, which
the US Cellular Telecommunications
Industry Association dismissed as more
theoretical than practical. The North
American GSM Alliance similarly
dismissed cloning as a serious threat in
a statement.
Earlier this year, the group, which
includes Marc Briceno, Ian Goldberg,
and David Wagner, described how to
penetrate the less-secure GSM A5/2
algorithm used in some Pacific rim
countries in less than a second. In May
1999 they released the source code to
A5/1, which the Weizmann Institute
computer scientists used in their
analysis of the cipher.
"Because of Biryukov and Shamir's
real-time attack against A5/1 and our
group's 15 millisecond attack against
A5/2, all the GSM voice privacy ciphers
used worldwide can be broken by an
attacker with just a single PC and some
radio hardware," Briceno said.
"Since the voice privacy encryption is
performed by the handset, only
replacing the handset would address
the flaws found in the recent attacks,"
he said.
The GSM Alliance's Moran said he
needed time to review the paper, which
has not yet been released. But he said
it would be a topic of a discussion at
the next GSM security working group
meeting on 16 December.
Previously the GSM encryption
algorithms have come under fire for
being developed in secret away from
public scrutiny -- which most experts
say is the only way to ensure high
security.
Moran said "it wasn't the attitude at
the time to publish algorithms" when
the A5 ciphers was developed in 1989,
but current ones being created will be
published for peer review. |
