toggle

GSM phone security cracked, published

updated 02:55 pm EST, Mon December 28, 2009

Cellphone protocol deemed vulnerable


German software engineer Karsten Nohl said at the Chaos Communication Congress hacker expo today that he and a group have cracked and published the primary encryption code for GSM, the protocol that handles most non-3G cellphone calls. The team says it has used legal methods to break the A5/1 standard, which prevents easy snooping, and has made available a 'code book' of binary data that could theoretically be used to decipher the content of a call within hours or even minutes rather than weeks.

Nohl characterizes the hack as a 'white hat' gesture meant to underscore the vulnerability of the GSM system. Its protocols were finalized in 1988 and use relatively mild 64-bit encryption, which is comparatively easy to break. An updated but rarely used GSM spec known as A5/3, as well as 3G calls on UMTS and HSPA, use much tougher 128-bit encryption.

Critics from the GSM Association have tried to downplay the discovery, noting that actually listening into a call is much more difficult. It also claims that Nohl's team may be violating the law. Industry security experts note that corporate spying on phone calls is common and that GSM hacks may become common. [via New York Times]


By Electronista Staff

print
email
(5)

TAGS :  

industry, security, mobile phones, GSM Association

Related Articles

Recent Articles

Other Articles

toggle

Previous Comments

  1. Bobfozz

    Fresh-Faced Recruit

    Joined: Jul 2008

    +2
    12/28, 03:06pm | report spam | reply

    White hat?

    Tell the authorities and those who handle the phones and transmission. Get credit for it. But doing this just makes it easier for people who want to create trouble more quickly. Another guy who wasn't loved enough.


  1. testudo

    Fresh-Faced Recruit

    Joined: Aug 2001

    -4
    12/28, 03:18pm | report spam | (1 reply) | reply

    Re: white hat

    Yes, white hat.

    Tell the authorities and those who handle the phones and transmission.

    The authorities? Like whom? The NSA, who's already listening in? Or other groups, like the FBI, FCC, etc, so they would know how to listen in easier?

    And you don't think those who handle the phones and transmission already know the problems they had/have with their security.

    Get credit for it. But doing this just makes it easier for people who want to create trouble more quickly. Another guy who wasn't loved enough.

    No, if they wanted to create trouble, they wouldn't tell anyone and use it to their advantage, and you wouldn't even know about it. That's black hat.


  1. martinX

    Fresh-Faced Recruit

    Joined: Sep 2008

    +1
    12/28, 04:57pm | report spam | reply

    Fear not, citizens.

    The GSM Association, and other entities, are aware of heir activities and have been for some time. Security is a moving target.


Login Here

Not a member of the MacNN forums? Register now for free.

Recently Commented Articles

 
close
Photo
toggle

Network Headlines

toggle

Most Popular

10 Most Read

Recent Reviews

iHome iW2 AirPlay speaker

iHome generally isn't known as a luxury brand when it comes to audio, but it is prolific -- the company's docks and speakers are every ...

Logitech Ultrathin Keyboard Cover

One of the iPad's main weaknesses has always been productivity. It's not a question of apps; while it has taken a little time for a na ...

Logitech UE Air Speaker

If maybe a little more slowly than Apple would like, AirPlay is becoming a staple of the wireless speaker market for iOS devices. The ...

toggle

Most Commented

10 Most Discussed

 
toggle

Popular News