When protecting a system, designing network configuration, firewall rule sets, etc., the sysadmin/security specialist needs to think of how he, as a hacker from the outside, would compromise the system's security. But when designing the system we wish to protect ourselves also from the attacks we ourselves cannot think of.
We can attack this problem in several ways:
We may assume a single component can fail; for example, we may wish to assume that our HTTP server may be insecure and exploitable. If this is the case, we must place it in a DMZ.
We may also try to place multiple failsafes. When we think of how a hacker would try to get in, we want his attack to fail in more than one place along the way. We think: this attack will fail at this stage, but even if he passes this (which we can't see how he could), it will fail on a second level, such levels might be.
Obviously the level of security must be adapted to the threat level. My home network is protected by a single firewall which allows some incoming connections, yet I feel safe. I would never recommend such a setup to a large organization.
would be a better way to switch from parallel to serial execution for debugging purposes.
Meir
how expensive is this? on Cracking GSM · Score: 1
The GSM says the attack is difficult and expensive to implement; I am not so sure.
I haven't read the papers myself, but I do discuss cryptology with Elad on a regular basis. It is my understanding that besides the weakness Elad found, they plan on using some time/memory/data tradeoff to actually perform the attack. The error correction code fiasco just eliminates the need for some known plaintext (as was needed in the previous attack by Dunkelman, who, epsalon, you might know, had little to do with this new attack).
If I understand things correctly, you need significant computer power to get going, but after you're done preprocessing, even a very weak computer with a cell phone attached to it will be able to listen in on any call, easily.
I don't have numbers as to how easy this is exactly. I would recommend reading up on the following article shown in crypto right after: Making a faster time/memory tradeoff, and another paper on stream ciphers with low sampling rates.
This is what Elad has been reading up on, probably has a lot to do with this attack.
Dryice
Seems to me the GSM are not being accurate.