Slashdot Mirror
NSA Able To Crack A5/1 Cellphone Crypto
jones_supa writes "The most widely used cellphone encryption cipher A5/1 can be easily defeated by the National Security Agency, an internal document shows. This gives the agency the means to intercept most of the billions of calls and texts that travel over radiowaves every day, even when the agency would not have the encryption key. Encryption experts have long known the cipher to be weak and have urged providers to upgrade to newer systems. Consequently it is also suggested that other nations likely have the same cracking capability through their own intelligence services. The vulnerability outlined in the NSA document concerns encryption developed in the 1980s but still used widely by cellphones that rely on 2G GSM. It is unclear if the agency may also be able to decode newer forms of encryption, such as those covered under CDMA."
I only speak in Navajo.
The NSA has maintained a policy that any encryption that was able to block their efforts was ILLEGAL in the USA. Do you actually expect anything to work? Bluntly do you expect to have your banking transactions secure when they can crack them. How about your phone call confirmations when they can record them and appear to be you. How about a hacker who walks into the NSA back-door in all of this. This makes the NSA the biggest terrorist and criminal agents in the world and the accomplace to the stunningly biggest crime situation in history where nobody is secure!
Hardly rocket science these days, see e.g.https://srlabs.de/decrypting_gsm/
Well then, just self-censor. Isn't that the road we're heading down?
They have released the rainbow-table and USRP Software nearly 5 years ago, so how is it news that the NSA can do that???
My mobile carrier is AT&T. The NSA doesn't need to break the encryption.
Handheld and desktop radio scanners that cover police, air, sporting events, and other open frequencies are crippled in the USA so that they do not cover cell phone frequencies. Long, long ago before encryption when cell phones first came out, yes you could intercept celll phones, but that stoppped when encryption came in. However these scanners were still banned in the USA.
Other countries allow radio scanners with these frequencies ranges, so the question always was, why not the USA? Now we likely know, as I suspect the NSA and others have had this ability for a long, long time. Perhaps they are projecting the fear of thier own ability and what might wrong with onto the general public. Cannot let John Q Public have this power, can we know? Imagine if private citizens started listening to and watching over the shoulder the government?
It isn't the decryption inside the radio itself, with software defined radio and the proper software, I suspect many encrypted radio signals can be decoded. NO, the real issue is having a radio receiver than can pick up these frequencies to begin with. Now that we "officially" know that A5/1 can be defeated, it is just a matter of time before some guy living in his mother's basement comes out with the proper software - if it hasn't already been done.
I get the feeling they're just drowning themselves in data now. Back in the day, a lot of Turing's great work was for nothing because there wasn't enough staff to process the reams of decrypted traffic coming in, and that was just from the German navy. Yea they can do dumb-ass word-level matching automatically, but I guess most of the potentially useful semantic stuff goes straight down the drain.
Why should we self-censor, they shouldn't be listening in without probable cause. I don't care about differing opinions on that front.
The hackers and crackers receiving a government check & benefits at the NSA, et al, are working the newest countermeasures out almost before a technology hits the public domain. That an older encryption method is compromised by the guys with the biggest budget is not too difficult to believe. Is it possible a submission about hopscotch rules and an NSA headline could get voted in?
Happiness in intelligent people is the rarest thing I know.
Ernest Hemingway
It isn't a private speech. You have no reasonable expectation of privacy because it is now widely known that the government spies on our communications. Therefore, it is not reasonable to have an expectation of privacy.
Man, the courts really screwed up when they called it an "expectation of privacy".
Well this isn't really news. No encryption is going to be perpetually unbreakable, and the fact that GSM is only marginally better than TDMA/CDMA 2G and AMPS doesn't help the case (yes the second generation cell phone networks that could fallback to AMPS, the weakest part was the fact that they could fallback to AMPS.)
We're not going to be rid of the weak encryption unless all pre-LTE technologies are dropped ASAP. This will not happen until LTE has been out at least 10 years, so we're facing at least another 8 years of being able to fall back to 2G GSM and the ability to be intercepted easily. By the time LTE is entrenched, it's encryption will likely be broken as well. Though in more likeliness it won't be the phone-to-base station crypto breaking that matters, but rather the interconnects (fiber) instead.
So if the NSA can do it, I can do it too right? I be charged with illegal wiretapping?
Why should we self-censor, they shouldn't be listening in without probable cause.
How quaint, this guy still believes in human rights. Haven't you heard? Nowadays we can target and kill a 16 year old American boy via drone strike and it's all on the up-and-up.
https://www.aclu.org/national-security/aclu-ccr-lawsuit-american-boy-killed-us-drone-strike
1. A5/1 is the "insecure, intended for export" cipher. Any US or European operator that uses it is not following recommendations.
2. It was cracked in the early 1990s. It would be bizarre if the NSA didn't know how to read it. Like I said, it was never intended to be secure by its creators. As in - GCHQ, the NSA's UK ally, has ALWAYS known how to crack it.
3. One problem with intercepting a GSM mobile call would be dealing with the fact that, as soon as you move away from the transmitting device, you're having to deal with interference from neighboring cells. Which is why any intelligence agency worth its salt isn't going to do that terribly often. What they'd do is install the tap on the operator's network.
So, in short, this article is claiming the NSA "can do" something, but only in non-Western countries, that it's unlikely to need to do given the fact the alternatives are way easier, and that we know it "can do" anyway, and knew it in the mid-1990s, and probably figured it could do right from the beginning given the close relationship between the NSA and CCHQ. This is news... why?
You are not alone. This is not normal. None of this is normal.
And I remember doing this like 3 or 4 years ago with a rainbow table.It was called the $2000 attack by a website teaching how to do it back then.
Moderating "-1, Disagree" is simple censorship. Have the guts to post your opinion. -- Spazmania (174582)
Loud and clear. All your phone calls are belong to us.
who can i call? the ones' that sounded cow farts that was me too.... sorry
free the innocent stem cells. never a better time to trust in momkind our spiritual centerpeace
Asking people not to listen in on radio communications is like asking people not to listen in on the guy shouting his opinion on a street corner: if you don't want to be heard, don't shout it.
Now, what they shouldn't be doing is using what they have listened to in any legal (or illegal) process. And regulations ought to require providers to upgrade any encryption which is shown to be broken, issues notices that all calls can be listened to by public or private entities in the meanwhile.
Actually it's an expectation a randomly-selected private individual would have, in the absence of specific knowledge. The proverbial "person on the Clapham omnibus" would have the expectation that the government won't act illegally against him. The paranoid wearing the tinfoil hat in the next seat, who considers all governments illegal and intrusive, doesn't count in this case.
It's also called "a reasonable expectation of privacy", where "reasonable[1]" doesn't include admittedly illegal mass collection efforts by the CSE.
Now that the cat's out of the bag, reasonable expectations still hold (the action's illegal, after all), but absolute ones fail. Consult a lawyer in your country for specifics.
--dave
[1. It's interesting to note you can't translate "reasonableness" into Latin or modern French. It seems to be something very English-language-specific. My college's motto, "Let Reasonableness Flourish", is in English because of that oddity, and it says interesting things about other countrys' jurisprudence.]
davecb@spamcop.net
It's been demonstrated a few times around at the CCC congress over the years. latest iteration only required a 15€ motorola phone and a PC...
And what "single dump" has done? Everyone talked for a month and then nothing. Now maybe people will notice that something is wrong.
Many governments have warned industrialists not to discuss secrets when using a mobile phone near the country borders. Only the radio channels are encrypted in GSM, lawful interception happens on the wired network that interconnects the base stations so eavesdropping on A5/1 is mostly used when lawful interception is not an option, e.g. listening to the GSM traffic of other countries.
And anonymous coward's are the NSA's enemies... stalemate...
^H^H^H^H^H^H^H^Hyes, it is.
--
"It is now safe to switch off your computer."
It's worth noting at this point, that the paranoid among us (fortunately but not coincidentally including people writing cryptography systems), have assumed that the NSA (and others) could theoretically be doing at lot of the things that we now know they have done.
Turns out the paranoiacs were right.
> [1. It's interesting to note you can't translate "reasonableness" into Latin or modern French. It seems to be something very English-language-specific. My college's motto, "Let Reasonableness Flourish", is in English because of that oddity, and it says interesting things about other countrys' jurisprudence.]
After five years of Latin, I feel fairly confident in saying the following:
rationabilis is Latin for "reasonable" or "rational".
-itas is the Latin suffix for "-ness".
Thus, it would be fair to say that "rationabilitas" is Latin for "reasonableness". So no, reasonableness is not an English-language specific concept. And no, it doesn't imply shit about anything.
You just go down to the dmv and tell the nice lady at the counter all of your mistakes and all will be forgiven by Big Brother. And then you'll feel all better!
A few links to further information and some history on this topic http://cryptome.org/0001/gsm-a5-files.htm
Maybe people will see this article and FINALLY see why M-Pesa is an untrustworthy system? (Because texts could be constructed to fool you into thinking there was a payment when there was none / etc.) They really should be switching to something like Bitcoin. (But I don't know how they'd get it to run on their old feature phones.)
Also, CDMA is a *multiplexing technology* (ie airwave coding) , not a full mobile communications standard on its own.
Some NSA cunt marked you as flamebait. Hi NSA cunt. Nice try. You are our enemy.
But I thought you approved the new NCIS agent Ellie Bishop, a transferee from the NSA and replacement for NCIS agent Ziva Davide.
I haven't tried it out yet, but ZRTP apparently provides strong (PGP-based) encryption for VoIP. So why not just quit using cellphone "voice calls" entirely? There exist cellphone plans that provide enough data cheaply enough to make this work economically.
"[Regarding the 'cloud,'] ownership was what made America different than Russia." -- Woz
Hey, the DMCA makes it illegal to circumvent DRM no matter how ineffective it is. Surely, since the laws are entirely fair and symmetrical, the expectation of privacy remains when using encrypted communications no matter how ineffective that encryption is... right?
"[Regarding the 'cloud,'] ownership was what made America different than Russia." -- Woz
http://media.ccc.de/browse/congress/2009/26c3-3654-en-gsm_srsly.html
It is already well known that you can break A5/1 offline anytime you want, and at the 26th CCC there was the "GSM: SRSLY?" conference which outlined the 2 main problems of GSM and UMTS.
GSM A5/1 can be broken (and the give plenty of details), but it is not used in UMTS. No worries, for UMTS you just need a fake station and you are set. No offline decoding though.
"I was gratified to be able to answer promptly, and I did. I said I didn't know." -- Mark Twain
Asking people not to listen in on radio communications is like asking people not to listen in on the guy shouting his opinion on a street corner: if you don't want to be heard, don't shout it.
The problem is that the NSA only claim to collect metadata, when did actual content become metadata? Again as I said earlier, probable cause or GTFO.
who thinks that NSA/FBI/CIA/government would allow any encryption that they couldn't break easily to be used in the U.S. is extremely niave.
"Don't forget to pick up milk on your way home from the office, dear."
What has predator missiles got to do with constitutional rights to privacy?
That mindset of combining security with privacy is what's wrong with America today.
The paranoiacs have done us a huge favor, you can now bring up the NSA in a privacy related discussion without coming across as a tinfoil paranoid nut.
Thus, it would be fair to say that "rationabilitas" is Latin for "reasonableness".
For what it's worth even Google Translate agrees with you.
So true. It is easy to just say "didn't we already know this already", but the Snowden papers have really opened people's eyes into what's happening.
Fortunately that doesn't affect the nominally reasonable person by extinguishing their right to privacy. Professional paranoids and whistle-blowers are valuable the the community, but if their existence could make it easy for the CSE to erase my right to privacy, It Would Be Bad (;-))
davecb@spamcop.net
To be fair, it's really Mr. Snowden and the whistle-blowers we should be thanking.
davecb@spamcop.net
Alas, rationabilis was used in non-ecclesiastical latin in strictly the sense of "capable of reasoning", or rational, while we were trying to translate reasonableness in the senses of
If we'd used rationabilis, we would have a real risk of it translating back into English as "let spocky-ness flourish"
davecb@spamcop.net
Well then, just self-censor. Isn't that the road we're heading down?
Fuck that.
Our government is thoroughly corrupt and they'll have to kill me to stop me from saying so.
http://cryptome.org/0001/gsm-a5-files.htm
"If any question why we died, Tell them because our fathers lied."
QED their nefarious character, not your or mine interest in mind.
NSA and its subcontractors are the biggest Ettus customers, they love USRP SRD platform.
Who logs in to gdm? Not I, said the duck.
...when they can rip a BD.
That's totally un-breakable encryption.
Are you suggesting that the RIAA should go after the NSA for breaking DRM laws. I think that's a good point actually, imagine if the NSA were forced to cough up those $150.000 per infringing song or whatever it is, the NSA would fold within the year.
these guys do a really safe calls network - https://xvoice.eu
"What has predator missiles got to do with constitutional rights to privacy?"
When those missiles are killing americans, everything!!
"Asking people not to listen in on radio communications is like asking people not to listen in on the guy shouting his opinion on a street corner: if you don't want to be heard, don't shout it."
Radios aren't built into our heads. Can't say the same about our ears. Like electronic everything it takes the effort of building the devices and tuning in to listen in which unlike a post card or listening to someone speak it isn't obvious.
"It isn't a private speech. You have no reasonable expectation of privacy because it is now widely known that the government spies on our communications. Therefore, it is not reasonable to have an expectation of privacy."
The fact that the government has to go out of it's way to do it says there is an 'expectation of privacy'. Where do you think all the money we pay in taxes goes to? It's sure isn't to help the public.
By one person. One time. After which, distribution of that expertise in the form of software is relatively trivial.
I've fallen off your lawn, and I can't get up.
I am using Secvoice for 6 months without problems and I did not spend one cent for using it. why be subject to eavesdropping if you have a high encryption software available?
My use of this software is not frequent, but in some occasions I need privacy to talk.