Open Source Attempt To Crack GSM Encryption

Lexta writes with an interesting tidbit from IEEE Spectrum: "'Karsten Nohl, chief research scientist with H4RDW4RE, a Sunnyvale, Calif.-based security research firm, is mounting what could be the most ambitious attempt yet to compromise the GSM phone system.' The intended approach is to create an open source project to spread the computation of a giant look-up table across more than 80 machines. Interestingly, they've openly stated that nVidia's CUDA technology will be used to execute parallel elements of the problem on GPUs as well."

Re:Oh my gosh

[RichardJenkins]

That's not the way you use a phone.

Re:Hackers Sell Out

Saying they are anti-opensource is a bit much don't you think? They are a corporation who just haven't figured out how being open source would be more beneficial to them and their share-holders than remaining closed.

I believe if they were "anti-opensopurce" most people wouldn't have that nice nvidia wrapper for the driver on linux systems. Why waste time making it at all if they are "anti-opensource"?

Just because they haven't opened their code to the universe doesn't mean they are against open-source; just that they haven't found a means to leverage it to their advantage which companies like to do.

Businesses are about the bottom line, money, and how to make more and keep what they got. Opensource is about sharing and giving up control; it is a hard thing for a lot of companies to fit into their business plan and sell to investors.

Good thing they're going to use open source

[ClosedSource]

Nobody wants GSM Encryption broken if it's done using proprietary code. And if the general public is told this is illegal, just think of the free publicity for open source!

Re:Good thing they're going to use open source

[shmlco]

Who wants it cracked in the first place? The only interests served are those of crooks and spys.

Re:Good thing they're going to use open source

[Rich0]

So which is it? Cracked or not?

I dunno - maybe if we interrogated everybody with a supercomputer we might find out. For that matter, if we interrogated everybody we might figure out who has supercomputers.

If these guys are talking about this being something that a bunch of people can do with donated CPU/GPU time, then there is a good chance that somebody has a bunch of ASICs and a rainbow table already. They probably have had it for a number of years.

Keep in mind that the cracking of Enigma wasn't publicly disclosed until the 1970s I believe. At the time some people were actually still using the cipher - after all, why not since as far as anybody knew it was unbreakable? If you secretly spend millions or tens-hundreds of millions of dollars to crack a cipher, the last thing you do is tell the world about it so that people stop using the cipher that you can now read.

Re:A big book

[bhima]

The key phrases you are looking for are "rainbow tables"; "time / memory trade-off"; "distributed computing"; "embarrassingly parallel"; "GPGPU Computing" and probably "More's Law".

So now computers are faster than when they cooked that "100,000 years" phrase. They are employing many different computers with multiple cores. GPUs are much faster at this calculation that X86 processors. Rainbow tables are ingenious methods to store precomputed results, so the actual cracking is simple comparisons between encrypted text with known values and the data you are attacking.

Re:Hmm... just when Google want us to leave GSM to

when Google want us to leave GSM too

Spoken like a true Google fanboi, I bet the only program you run on a computer is a browser.

Re:Big deal

[balbeir]

Woosh

Sp3ll1ng

[dangitman]

H4RDW4RE?

Are we really supposed to take a company seriously, when its own name substitutes numerals for letters?