Snooping on GSM phones is a doddle
EAVESDROPPING on GSM phones could become more widespread after a hacker broke the encryption algorithm and published the lot.
According to PC World, in a presentation at the Chaos Communication Conference in Berlin, researcher Karsten Nohl said that he had compiled two terabytes worth of cracking tables to work out which encryption key was used to secure a GSM telephone conversation or text message.
It won’t be long before someone works out a GSM cracking device, he claimed, although of course that would be regarded as illegal by the GSM phone networks.
GSM is vulnerable because of the weak nature of its 20 year old encryption algorithm. It’s a 64-bit cipher called A5/1.
Nohl said that by using his tables, plus antennas, specialized software and $30,000 worth of computing hardware to break the cipher, someone can crack the GSM encryption in real time and listen in on calls.
Nohl, who uses a Blackberry GSM phone himself but has taken to using encrypted landlines for private conversations, says that the point of the research is to make it clear that GSM calls are not secure.
The GSM Association has developed a next-generation standard called A5/3 that is considered much more secure. That’s the standard that is used on 3G networks to carry Internet traffic.
No comments yet.