GSM encryption really broken

GSM (Global System for Mobile communications) is an open, digital cellular technology used for voice and data services.

GSM supports voice calls and data transfer as well as the transmission of SMS. It operates in the 900MHz and 1.8GHz bands in Europe and the 1.9GHz and 850MHz bands in the US.

Australia, Canada and many South American countries use the 850MHz band for GSM and 3G. There are an estimated 4 billion users in more than 218 countries and its encryption scheme is irreversible broken by now.

At the 26th Chaos Communication Congress Nohl and Paget presented their plan to work out a code book for the A5/1 cipher used by GSM. Karsten Hohl, has recently announce that the full GSM codebook had been produced and the result is a 2TB file that can be used to decrypt and hear the audio in a matter of hours. This represents a turning point, because the big expense and time spent on the creation of the tables does not need to be repeated. The tables are available to hackers that need only to sniff the GSM traffic and spend only a few hours of searching through the tables to be able to hear the conversation.

The GSM spec includes a stronger cipher, A5/3, but both, the phone and the base station have to be able to handle it, otherwise the exchange will reverse back to the weaker cipher.  Carriers are very slow to make the necessary changes and A5/3 does not seem to have a very long life anyways.

 

Related links:

 

Cracking GSM phone crypto via distributed computing

The A5/1 code table site

 

The ‘Enigma’ of the broken GSM phones Encryption

Although it has been known for a few years, the weakness of encryption schemes for GSM phones is in the spotlight again. This time thanks to a group of hackers that made the whole business of listening in, easy and cheap.

GSM has been known to be hackable for years, but the problem is not being fixed as proactively as it should.

Could be drawn with the situation of the Enigma machines being sold around the world after WWII?