Categories: MobilitySecurity

Mobile Industry Downplays Cracking Of GSM Code

The Global System for Mobile Communications Association (GSMA) has downplayed concerns over the security of mobile phone calls, after researchers this week cracked and published the encryption code that protects 80 percent of the world’s mobile phones.

The GSMA claims the latest attack on the A5/1 encryption algorithm is not practical.

According to reports, cryptographer Karsten Nohl led an effort to break the 21-year-old GSM algorithm used to protect the privacy of 80 percent of mobile phone calls worldwide. Known as the A5/1 algorithm, the cipher has been used to secure digital phone conversations since 1988.

In his 27 December presentation at the Chaos Communication Conference in Berlin, Nohl stated he had 2TB of cracking tables that could be used to find the encryption key being used to protect a telephone conversation. According to the New York Times, Nohl told conference attendees his research shows “existing GSM security is inadequate.”

“We are trying to push operators to adopt better security measures for mobile phone calls,” Nohl said.

However, the GSMA (Global System for Mobile Communications Association), which represents wireless companies, said the impact of the discovery is being overstated.

“Over the past few years, a number of academic papers setting out, in theory, how the A5/1 algorithm could be compromised have been published,” GSMA spokesperson Claire Canton told eWEEK. “However, none to date have led to a practical attack capability being developed against A5/1 that can be used on live, commercial GSM networks.”

In 2007 and 2008, a hacking group claimed to be building an attack on A5/1 by constructing a large look-up table of approximately 2TB, Canton said, adding someone with access to such a table could theoretically analyse an encrypted call and recover the encryption key. However, before a practical attack could be attempted, the GSM call has to be identified and recorded from the radio interface, she explained.

“So far, this aspect of the methodology has not been explained in any detail and we strongly suspect that the teams attempting to develop an intercept capability have underestimated its practical complexity,” Canton said. “A hacker would need a radio receiver system and the signal processing software necessary to process the raw radio data. The complex knowledge required to develop such software is subject to intellectual property rights, making it difficult to turn into a commercial product.”

The codebook Nohl and his cohorts developed is available on the Internet via BitTorrent, though he reportedly did not discuss where it could be downloaded due to legal concerns.

Prior to this latest discovery, the GSMA had already been working on enhancing encryption, and has developed A5/3 to take the place of A5/1, Canton said.

“Over the past decade, export control agencies have removed many of the traditional barriers to the sale of cryptographic technologies enabling the development and use of A5/3,” she noted. “This new privacy algorithm is being phased in to replace A5/1.”

Brian Prince eWEEK USA 2014. Ziff Davis Enterprise Inc. All Rights Reserved

Share
Published by
Brian Prince eWEEK USA 2014. Ziff Davis Enterprise Inc. All Rights Reserved

Recent Posts

Northvolt Mulls US Bankruptcy Protection – Report

Troubled battery maker Northvolt reportedly considers Chapter 11 bankruptcy protection in the United States as…

17 hours ago

FTC Plans Investigation Into Microsoft Cloud Business – Report

Microsoft's cloud business practices are reportedly facing a potential anti-competitive investigation by the FTC

19 hours ago

Programmer Sentenced To Five Years In Prison For Bitcoin Laundering

Ilya Lichtenstein sentenced to five years in prison for hacking into a virtual currency exchange…

21 hours ago

Hate Speech Watchdog CCDH To Quit Musk’s X

Target for Elon Musk's lawsuit, hate speech watchdog CCDH, announces its decision to quit X…

2 days ago

Meta Fined €798m Over Alleged Facebook Marketplace Violations

Antitrust penalty. European Commission fines Meta a hefty €798m ($843m) for tying Facebook Marketplace to…

2 days ago

Elon Musk Rebuked By Italian President Over Migration Tweets

Elon Musk continues to provoke the ire of various leaders around the world with his…

2 days ago