In order to keep a conversation between two mobile devices private and secure, service providers use algorithmic encryption. The most widely used protocol around the globe is a 64-bit Global System for Mobiles (GSM) algorithm called A5/1 which was developed in 1988. GSM prevents interception of conversations by forcing devices and base stations to constantly change frequencies. Whilst many 3G networks now use the more up-to-date 128-bit A5/3 version developed in 2007, the vast majority of mobile providers do not appear to have upgraded.
A5/1 GSM encryption stream cypher diagram
Breaking out of the lab
There have been “in the lab” rumblings about numerous flaws in the 64-bit system for a few years now but nothing about serious threats out in the wild. Until now that is. At the recent Chaos Communication Congress in Berlin, security researcher and privacy advocate Karsten Nohl (who grabbed headlines in2008 when he published details of security weaknesses of the Mifare Classic wireless smart card chip) gave details of how he and his team had spent some months cracking open A5/1.
Nohl’s research project “aims at publicizing cryptographic weaknesses found in today’s cellular networks. We are not advocating to exploit these weaknesses but rather want to inform about the fact that GSM calls are already being intercepted and decrypted using commercial tools.”
Nohl’s team has not only created sets of instructions to quickly look up all the values from huge tables which show all of the possible inputs and outputs of 64-bit algorithms, but has also managed to spread the storage of those tables, known as rainbow tables, over a distributed system of nodes. Each node “donates” processing and storage power for a piece of the code book.
Armed with a laptop, some relatively inexpensive hardware and a couple of network cards, an eavesdropper now has the potential to intercept an A5/1-protected call or text, record it and then use the technical know-how published on the internet to successfully decrypt it in seconds. Nohl told CNET “GSM’s A5/1 encryption function uses a 64-bit key that is too short to withstand the computing power available today. When the algorithm was designed 20 years ago when CPU [central processing unit] cycles and storage were much more expensive, it must have seemed a lot more secure.”
To worry or not to worry…
The GSM Association has adopted a defensive pose and played down the seriousness of the breach, saying that applying the results of the research is “a long way from being a practical attack on GSM” and accusing Nohl and his team of engaging in “highly illegal” activity. Nohl, however, states that legal advice has been obtained that shows all is “within the legal realm” and is encouraging mobile service providers to update their infrastructures before someone puts all of the pieces together and builds a full GSM interceptor to fully exploit the weaknesses.
If the dismissive position of the GSM Association is reflecting of industry attitude towards customer security, are you concerned that security exploits as demonstrated by Nohl could render your texts and conversations available for just about anyone to see or hear?
The Galaxy S20 Ultra's Space Zoom camera is amazing and a bit creepy
The Galaxy S20 Ultra supports up to 100X zoom, which Samsung calls Space Zoom, but is it any good? Can a phone really product usable photos at 100x zoom? We've got our Galaxy S20 Ultra already so join us to find out!
Win an iPhone, iPad and Apple Watch with the Reader's Choice giveaway!
What's the best phone of 2019? Is it the iPhone 11 Pro, Pixel 4 or OnePlus 7T? What about the best laptop, games console, tablet and more? Vote NOW in the Reader's Choice awards and win BIG in time for the holidays!
Here are the best products from IFA 2019!
Here are the products announced at IFA 2019 that were worthy of our Best of IFA 2019 awards. Also featuring MrMobile's single best product at the show!
Step into your favorite film with a pair of 3D glasses
Experience movies and video games in the most realistic way with a pair of 3D glasses. Our guide has the best to help you narrow down your choice.