Interesting People mailing list archives
IP: Re: Cypherpunks break GSM digital cell phone encryption )from
From: Dave Farber <farber () cis upenn edu>
Date: Fri, 17 Apr 1998 08:25:36 -0400
Date: Thu, 16 Apr 1998 09:53:26 +1000 From: Stewart Fist <fist () zip com au> Subject: Re: Cypherpunks break GSM digital cell phone encryption Declan McCullagh <declan () well com> quotes TIME Magazine, April 20, 1998 as reporting: " Now crooks scanning the airwaves can remotely tap into a call and duplicate the owner's digital ID. "We can clone the phones," brags Marc Briceno, who organized the cracking. His advice: manufacturers should stick to publicly vetted codes that a bunch of geeks can't crack in their spare time." My understanding is that they managed to crack the code on the SIM or smart card, not any radio-transmitted information. They repeatedly asked the card to identify itself, and so cracked it by brute force. The article also says: ``What was even more intriguing than the security threat, however, was that cracking the code yielded a tantalizing hint that a digital key used by GSM may have been intentionally weakened during the design process to permit government agencies to eavesdrop on cellular telephone conversations.'' This has been known for years. The use of GSM in Australia, for instance, was blocked on the day of the official launch because the security and police services wanted an easier code to break. At that time, I understand, they just switched encryption off. This was also widely reported in Europe at the time, and openly admitted. The original A5 encryption was promoted as being "NATO level security" which was a bit of overkill for a mobile phone that is probably going to be used with an insecure wireline link, and often used in public places. Now it appears that they've cut the 64-bit key down to an effective 54-bit by adding trailing zeros to make it easier to crack. It would still be a pretty healthy sort of encryption even at this level however. Stewart Fist, 70 Middle Harbour Road, Lindfield, 2070, N.S.W, Australia +61 2 9416 7458 http://www.theaustralian.com.au/techno/columns/fist.htm
Current thread:
- IP: Re: Cypherpunks break GSM digital cell phone encryption )from Dave Farber (Apr 17)