Slashdot Mirror


Cracking GSM

RobertM writes "Professor Eli Biham, one of the world's most famous crypto analysts, together with two of his students presented an interesting paper on flaws in GSM at the IACR Crypto conference. The GSM association is not happy. Read more on theReg." There's also a Reuters article about the situation.

7 of 359 comments

  1. This is news? by dphoenix · · Score: 5, Funny

    I don't see how this is news, I've known about this for months, I heard them talking about it on their GSM pho- uh, nevermind.

  2. that is a road by Anonymous Coward · · Score: 5, Informative

    The UK M5 is a road. Perhaps you mean MI5?

    1. Re:that is a road by troc · · Score: 5, Funny

      I have always suspected the M5 of being "more" than just a road. All those caravans must be up to something, the way they all travel in swarms to the same places at the same times. I firmly think the bad driving, weird lane usage, flat caps and children are all either a secret language or simply designed to throw us off the scent.

      Or maybe I need to take my pills.

      Troc :)

      --
      Troc's dubious podcast and blog: http://www.trocnet.net
  3. Hey! I know these people! by epsalon · · Score: 5, Informative

    Elad, Nathan, Eli Biham and Orr Dunkelman (who was not listed for some reason) are friends of mine at the Technion Israeli Institute of Technology. Their previous attack on A5/1 required a few hundred GB of HD space and dedicated telephony equipment to pull off. A5/2 is a piece of cake in comparison. This new attack makes it ciphertext-only. That means that you don't have to initiate a short call (for example) to the eavesdropee or know some part of the call (like with voicemail) before breaking the encryption. It uses the signal correction mechanism to initialize itself.

    In general, this is no big news, because this equipment is hard to acquire and the benefits are not that great. In comparison, CDMA and TDMA don't (effectively) encrypt calls at all.

  4. the new 3G ad campaign by Alien+Being · · Score: 5, Funny

    "they can hear you now."

    "they can hear you now."

  5. Instant Cryptanalysis by IRandom · · Score: 5, Informative

    The novelty of this attack is that it is instantaneous. The cryptanalysis is done when the call is being established (when the phone just rings), even before any real conversation takes place.
    The exact details are still secret, but the attack exploits a misuse of Error Correcting Codes (ECC, which are used in communication protocols to correct random noise errors).
    It seems that instead of encrypting the conversation and then employing ECC, the GSM does it the other way, thus leaking enough data for the cryptanalysis to be performed.
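
Added example, not part of the comment above and not code from the paper: a toy model of why applying ECC before a stream cipher leaks information from the ciphertext alone. Hamming(7,4) is an assumed stand-in for GSM's real channel coding, and all function names are hypothetical.

```python
# Toy model (constructed): Hamming(7,4) stands in for GSM's real channel coding.
import secrets

# Parity-check matrix H (3x7) of a systematic Hamming(7,4) code: H * codeword = 0.
H = [
    [1, 1, 0, 1, 1, 0, 0],
    [1, 0, 1, 1, 0, 1, 0],
    [0, 1, 1, 1, 0, 0, 1],
]

def encode(d):
    """Append three parity bits to four data bits."""
    p = [d[0] ^ d[1] ^ d[3], d[0] ^ d[2] ^ d[3], d[1] ^ d[2] ^ d[3]]
    return list(d) + p

def syndrome(w):
    """Multiply a 7-bit word by H over GF(2)."""
    return [sum(h & b for h, b in zip(row, w)) % 2 for row in H]

def xor(a, b):
    return [x ^ y for x, y in zip(a, b)]

def random_bits(n):
    return [secrets.randbits(1) for _ in range(n)]

def code_then_encrypt(data, ks7):
    """Order described in the comment: ECC first, then the stream cipher."""
    return xor(encode(data), ks7)

def encrypt_then_code(data, ks4):
    """Reverse order: cipher first, then ECC over the ciphertext."""
    return encode(xor(data, ks4))

def leaked_equations(trials=200):
    """Count frames where the ciphertext alone reveals H * keystream."""
    hits = 0
    for _ in range(trials):
        data, ks = random_bits(4), random_bits(7)
        # H*(codeword ^ ks) = H*codeword ^ H*ks = H*ks, whatever the plaintext is.
        hits += syndrome(code_then_encrypt(data, ks)) == syndrome(ks)
    return hits

if __name__ == "__main__":
    print("code-then-encrypt frames leaking keystream parity:", leaked_equations(), "/ 200")
    print("encrypt-then-code syndrome:", syndrome(encrypt_then_code(random_bits(4), random_bits(4))))
```

In the first ordering every frame hands an observer three linear equations in the keystream bits with no known plaintext; in the second the syndrome is always zero, so the redundancy reveals nothing about the keystream.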

  6. Re:A patented crack? by Kombat · · Score: 5, Insightful

    Governments don't need to crack the signal. They can already listen in on the unencrypted conversation at the base station, or even central office. Vendors of cell equipment are required by law to provide these back doors to government and law enforcement. If they didn't, then they simply couldn't sell their equipment. I know - I used to work in the cell phone billing division of Nortel.

    --
    Like woodworking? Build your own picture frames.