Slashdot Mirror


Cell Phone Encryption Exploit Demonstrated

Saxophonist brings us a story from Forbes about security researchers who demonstrated a new method for breaking the encryption on GSM cellular signals. The presentation was made at the recent Black Hat conference, and it's notable for the fact that the technique only requires "about half an hour with just $1,000 in computer storage and processing equipment." The researchers also claim to have found a faster method, which they intend to market for $200,000 - $500,000. Quoting: "Undetectable, 'passive' systems like the one that Muller and Hulton have created aren't new either, though previous technologies required about a million dollars worth of hardware and used a 'brute force' tactic that tried 33 million times as many passwords to decrypt a cell signal. All of that means, Hulton and Muller argue, that their cheaper technique is simply drawing needed attention to a problem that mobile carriers have long ignored--one that well-financed eavesdroppers may have been exploiting for years. 'If governments or other people with millions of dollars can listen to your conversations right now, why shouldn't your next-door neighbor?' Muller says."

9 of 153 comments

  1. GNUradio is also up to GSM cracking by erlehmann · · Score: 4, Informative

    And I'll bet they won't charge anything.

    Check out some movie about the GSM state of security [1] and mod me informative. ;)

    [1] http://chaosradio.ccc.de/camp2007_m4v_2015.html

  2. Re:There never was end-to-end encryption... by QuantumG · · Score: 4, Informative

    Ya know, it *is* strange. Take, for example, Pidgin (formerly GAIM). There's about two dozen plugins for it. One of the plugins is Pidgin-Encrypt which does everything that you would expect (except possibly for some sort of certificate system) and is about as secure as ssh. Does it come with Pidgin by default? No. Is it enabled by default? No. Why not? Why is encryption still considered some opt-in alternative? Considering that it takes both parties to consciously choose to install this plug-in, the grand total of people who use it is about 10.

    --
    How we know is more important than what we know.
  3. Re:For those three people ... by Anonymous Coward · · Score: 5, Informative

    Newsflash - most of the world outside the US uses GSM.

  4. Re:Coming soon, try it yourself... by TubeSteak · · Score: 3, Informative

    I'm wondering how you ever could tune in to the correct conversation, with thousands of mobile phones transmitting at the same time.

    GSM phones identify themselves to the network using a unique International Mobile Equipment Identity (IMEI) #.

    This number is usually printed on the phone somewhere under the battery cover & is retrievable from the phone's software.
    --
    [Fuck Beta]
    o0t!
  5. Re:Not too afraid by Splab · · Score: 3, Informative

    Ever talk about hating your job?

    Yes often, even when at work. It's also no secret that I hate my top boss.

    Lying on taxes is pretty much a national trait around here (Denmark), so again yes - some of us have no worries.

    But I do despise the fact that someone can listen in on stuff, even though most of what we do is no secret, it's still something that annoys me.
  6. Re:because by Dan541 · · Score: 3, Informative

    Anyway, for those of you wondering what someone could possibly say over a cell phone that's so intercept-worthy, some fancy banks require a key-press or auditory password to access balances and even move funds. You know, like in the movies.

    You talk as if phone banking is only in the movies. Millions of people access bank accounts this way, myself included.

    ~Dan

    --
    An SQL query goes to a bar, walks up to a table and asks, "Mind if I join you?"
  7. Let's look at some facts.... by threeturn · · Score: 4, Informative

    This is a good hack, and impressive work by all involved, but it's rather limited in its application. It only works against the GSM A5/1 encryption algorithm. While there is a huge amount of A5/1 equipment out there it's a ~30 year old algorithm that was designed to run on battery powered equipment from the late 80s.

    New GSM equipment already supports A5/3 which is still secure. I think the main impact of this hack is going to be some sensational headlines and a big push to make A5/3 universally available.

  8. Re:For those three people ... by GreatBunzinni · · Score: 3, Informative

    Don't you mean 2.3 billion people? I mean, over 80% of the world's cell phones? The world doesn't end at your doorstep, you know?

    --
    Slashdot, fix your code or at least hire someone who is competent at it to do it for you.
  9. Re:because by TheLink · · Score: 3, Informative

    Regarding government interception, GSM encryption is only from phone to station. At the Telco it's plaintext. So govs can (and probably do) listen to GSM phone calls. Should be common knowledge amongst telco people.

    So GSM crypto even if it was uncrackable is not very helpful if you're really trying to hide your comms.

    Someone I knew once claimed to have extra crypto on his GSM phone so that he could talk "securely" to other people similarly equipped.
