Slashdot Mirror
Russians Order Mobile Phone Encryption Removed
PenguinRadio writes "The Moscow Times is reporting that Russian security officers (The FSB, formerly the KGB) ordered all mobile phone providers to switch off their encryption systems for 24 hours, so the police could eavesdrop on all calls. An alert, either an exclamation point or an unlocked padlock, was sent to the phones in question. This is the second time such an order was given - the last time was after the hostage crisis involving Chechnya fighters in a Moscow theater. At least the Russian has the courtesy to warn all their phone users that this was going on. Not sure what the standard FBI procedure is on something like this..."
The only thing GSM encryption prevents is eavesdropping on GSM calls with radio receivers. Law enforcement can still wiretap where the GSM call hits the copper, after all the call has to be decrypted by the phone network.
I don't really see why they'd have to do this, technically.
Perhaps they just wanted to "appease" the public by showing them that they are invading their privacy to search for Chechyen terrorists? After all, this is pretty visible.
As proven by the German CCC
The session key used by the A5 cipher in the GSM standard is 64 bits. Interestingly, ten of those bits are not used. Suspicious people have claimed that the key length was reduced to facilitate eavesdropping. Carriers hotly deny this (http://jya.com/gsm042098.txt).
Looking at it from first principles, there'd be little reason to disable encryption for a single user. Law enforcement could tap the phone network downstream of the tower, and intelligence services would want to listen to everybody. (I'm speculating 'cause I don't know).
The russian authorities have a law (SORM) which requires any communications provider to have special equipment tapped by FSB. This law is well implemented and therefore FSB has access to all phone conversation regardless of the encryption.
The true purpose of this action is any one of the following in order of highest to lowest probability:
1) Draw public attention to the bombing/terrorist act and drum up support for whatever it is the government is planning next. Good way to do it as anyone and their dog carries a cell phone. Bad way to really tap conversations since now everyone knows they are being tapped.
2) Draw a lot of attention to current interior minister Gryzlov and his tough and honest men tactics (that and the current cleaning of "dishonest" policement from less important police units). He's probably getting promoted to
head up some political party so that will help.
3) Put the terrorists/chechens/whoever on the run - scare them etc. This sure is a big dynamite in a small pond though - so i doubt it.
4) Have other units not equipped with SORM uplink do the tapping, using scanners or some such. Unlikely since GSM even when unencrypted still can't be listened in on without expensive equipment. I doubt this one even more, but i had to put it here for the sake of balanced options:)
The clipper chip was most assuredly implemented. In fact, Clipper chips sold more PCMCIA interfaces for desktop computers than just about any other application. Clipper chips were sealed modules, and PCMCIA seemed like the best way to package them.
Interestingly, there was an attack for the Clipper chip which would let you encrypt your messages such that they would appear to be decryptable by the government, but if they tried to decrypt them they'd fail.
Clipper worked as well as having government agents dressed in nazi-esque outfits in locksmith stores asking for voluntary copies of your house keys would work. That's to say, government agencies used it, but nobody else.