GSM encryption broken

89 points by tfincannon, over 15 years ago

11 comments

tptacek, over 15 years ago
It's nice to see people still follow the old security PR playbook:

http://chargen.matasano.com/chargen/2009/4/1/how-to-hidehhhandle-security-vulnerabilities-in-your-product.html

The "modern" game Microsoft plays is boring. It acknowledges and thanks researchers, often accepts worst-case assessments of impact, and fast-tracks fixes. What they don't understand is that our stories need an antagonist, someone we can name and pillory. Thanks, Claire Cranton at GSM.com, for giving us one.

jrockway, over 15 years ago
*“What he is doing would be illegal in Britain and the United States.”*

Hmm, guess which two countries he is not doing this in. I am not sure how this is relevant, except to say, "oh fuck." (If you can't attack the argument, attack the person who's arguing.)

*To do this while supposedly being concerned about privacy is beyond me.*

Now I know for sure that I need to encrypt my calls in another way. Before this announcement, I figured it was handled for me; I didn't assume that criminals had already broken the crypto and had kept the information secret. Now I am sure they have, and that my non-encrypted calls are obviously being monitored. (I exaggerate a bit, but it's clear how this disclosure enhances my privacy.)

Not sure why the GSM folks are taking this so seriously. Computers are fast. 64-bit encryption has been unsafe for nearly a decade. Everyone knows that this was going to happen eventually.

Edit: after reading the slides, I am really amazed by this. I remember when I was a kid and I used to listen in on cordless phones and baby monitors with my radio scanner. It was really, really interesting. The thought of sitting on the train and listening to both sides of people's cell-phone calls appeals to me in a way that I can't quite explain.

wrs, over 15 years ago
If GSM was not already broken, how do all of these products work?

http://www.google.com/search?q=gsm+passive+intercept

The point of the presentation is not that GSM has been broken; it's to make it so blatantly, obviously, publicly broken that the public (i.e., corporate IT departments) will have to pay attention.

jeremyw, over 15 years ago
To clarify a few points (I had them confused):

- If you have an iPhone 3G signal (for example), you're using UMTS (not GSM), which has longer encryption keys (128-bit) and an enhanced protocol. Brute-forcing this keyspace (as in the CCC paper) is unlikely, though they mention the cipher (KASUMI) is "academically broken".

- Neither system has end-to-end privacy. Data is encrypted to your operator's equipment. All other hacks apply.

NYT: *In 2007, the GSM developed a 128-bit successor to the A5/1, called the A5/3 encryption algorithm, but most network operators have not yet invested to make the security upgrade.*

As far as I can determine, this is wrong. Europe has UMTS broadly deployed and the US came late to this party.

For more: http://www.google.com/search?q=umts+encryption

atamyrat, over 15 years ago
For more technical info, here's the link to the presentation at CCC: http://lists.lists.reflextor.com/pipermail/a51/attachments/20091228/3267f143/attachment-0001.pdf

Dilpil, over 15 years ago
Links to a registration prompt. If anyone is really interested in reading this, google the URL.

cnvogel, over 15 years ago
The summary of the talk given at the 26th Chaos Communication Congress can be found on the 26c3 wiki; it includes a link to the slides:

http://events.ccc.de/congress/2009/Fahrplan/events/3654.en.html

Video recordings can be found on:

http://events.ccc.de/congress/2009/wiki/Streaming#Unofficial

(the ones on 26c3.ipv6only.org are good, but, as the name suggests, accessible via IPv6 only)

Dmatig, over 15 years ago
I'm not sure of the specific relevance to this article, since it was a good while ago that I listened and the details mostly escape my memory, but you can grab a good background on why GSM is insecure by listening here: http://twit.tv/sn213

teeja, over 15 years ago
Here goes another wave of plastic & silicon hitting the world's dumpgrounds.

If we made less hardware and more software, the world would thank us for it.

3pt14159, over 15 years ago
How is this news? I've known for months that a 100+ petabyte server and a massive rainbow table can crack the encryption of GSM phones.

wendroid, over 15 years ago
I sent this to press@gsm.com, the email address of Claire Cranton, quoted in the article:

Dear Ms. Cranton,

http://www.nytimes.com/2009/12/29/technology/29hack.html?_r=1

“This is theoretically possible but practically unlikely,” said Claire Cranton, a GSM spokeswoman, noting that no one else had broken the code since its adoption. “What he is doing would be illegal in Britain and the United States. To do this while supposedly being concerned about privacy is beyond me.”

A set of incredible admissions.

* This is theoretically possible but practically unlikely

GSM 64-bit encryption is broken. Not theoretically but actually. The likelihood of it happening to someone now depends on the value of the calls.

* no one else had broken the code since its adoption.

And now they have, that's the point.

* would be illegal in Britain and the United States

I don't think criminals are deterred by such niceties and they are hardly likely to reveal their source while extorting money from me or making insider trades.

* To do this while supposedly being concerned about privacy is beyond me

Knowing that my handset can be eavesdropped by people outside of the law is the ultimate privacy concern. That you don't understand this is beyond me.

> The association noted that hackers intent on illegal eavesdropping would need a radio receiver system and signal processing software to process raw radio data, much of which is copyrighted.

Again, copyright infringement would be very low on the list of criminal organisations.

Your response beggars belief, except it is perfectly reasonable viewed through the lens of PR.

Yours sincerely