GSM Cracked

[Karsten Nohl], with a group of security researchers, has broken the A5/1 stream cipher behind GSM. Their project web site discusses their work and provides the slides (PDF) presented at 26C3. A5/1 has had known vulnerabilities for some time now and is scheduled to be phased out for the newer A5/3 block cipher, which is built on KASUMI. This should be an interesting time in the cell phone business.

Thanks to [Tyco] and [MashupMark] for pointing us to this story.
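For readers who want to see what was actually broken, here is an A5/1 keystream generator in Python. It is an added example written for this page, not code from Nohl's project or from the post; the register sizes, feedback taps, clocking bits, key/frame loading order and the 100 silent clocks follow the public description of the cipher, while the class and function names (`A51`, `gsm_bursts`, `xor_bits`) and the key and frame number used at the bottom are this example's own constructions. The point to notice is the state size: three registers of 19, 22 and 23 bits give a 64-bit internal state, the same size as the session key, which is what makes the time-memory tradeoff tables discussed in the slides feasible against it.

```python
"""A5/1 keystream generator (added example; not the post's or the project's code).

A5/1 holds a 64-bit state in three LFSRs of 19, 22 and 23 bits.  On each
step only the registers whose clocking bit agrees with the majority of the
three clocking bits are shifted; the keystream bit is the XOR of the three
register MSBs.  Key setup mixes in the 64-bit key Kc and the 22-bit frame
number, then runs 100 majority-clocked steps whose output is discarded.
Each GSM frame then consumes two 114-bit bursts, one per direction.
"""
from __future__ import annotations

# Register masks (19/22/23 bits), clocking bits, feedback taps and output bits.
R1_MASK, R2_MASK, R3_MASK = 0x07FFFF, 0x3FFFFF, 0x7FFFFF
R1_CLK,  R2_CLK,  R3_CLK  = 1 << 8,   1 << 10,  1 << 10
R1_TAPS, R2_TAPS, R3_TAPS = 0x072000, 0x300000, 0x700080   # 18,17,16,13 / 21,20 / 22,21,20,7
R1_OUT,  R2_OUT,  R3_OUT  = 1 << 18,  1 << 21,  1 << 22


def parity(x: int) -> int:
    """XOR of all bits of x."""
    return bin(x).count("1") & 1


class A51:
    def __init__(self, key: bytes, frame: int) -> None:
        if len(key) != 8:
            raise ValueError("A5/1 takes a 64-bit key")
        if not 0 <= frame < (1 << 22):
            raise ValueError("frame number is 22 bits")
        self.r1 = self.r2 = self.r3 = 0
        # Key bits are loaded LSB-first from each byte with all registers clocked
        # every step; then the frame number is loaded the same way.
        for i in range(64):
            self._clock_all()
            bit = (key[i >> 3] >> (i & 7)) & 1
            self.r1 ^= bit
            self.r2 ^= bit
            self.r3 ^= bit
        for i in range(22):
            self._clock_all()
            bit = (frame >> i) & 1
            self.r1 ^= bit
            self.r2 ^= bit
            self.r3 ^= bit
        # 100 majority-clocked steps with the output thrown away.
        for _ in range(100):
            self._clock()

    @staticmethod
    def _shift(reg: int, mask: int, taps: int) -> int:
        """One LFSR step: shift left, feed back the parity of the tapped bits."""
        return ((reg << 1) & mask) | parity(reg & taps)

    def _clock_all(self) -> None:
        self.r1 = self._shift(self.r1, R1_MASK, R1_TAPS)
        self.r2 = self._shift(self.r2, R2_MASK, R2_TAPS)
        self.r3 = self._shift(self.r3, R3_MASK, R3_TAPS)

    def _clock(self) -> None:
        """Majority rule: a register moves only if its clocking bit matches the majority."""
        b1, b2, b3 = bool(self.r1 & R1_CLK), bool(self.r2 & R2_CLK), bool(self.r3 & R3_CLK)
        maj = (b1 + b2 + b3) >= 2
        if b1 == maj:
            self.r1 = self._shift(self.r1, R1_MASK, R1_TAPS)
        if b2 == maj:
            self.r2 = self._shift(self.r2, R2_MASK, R2_TAPS)
        if b3 == maj:
            self.r3 = self._shift(self.r3, R3_MASK, R3_TAPS)

    def keystream_bits(self, n: int) -> list[int]:
        out = []
        for _ in range(n):
            self._clock()
            out.append(parity(self.r1 & R1_OUT) ^ parity(self.r2 & R2_OUT) ^ parity(self.r3 & R3_OUT))
        return out


def gsm_bursts(key: bytes, frame: int) -> tuple[list[int], list[int]]:
    """The two 114-bit keystream bursts for one frame: network->mobile, then mobile->network."""
    gen = A51(key, frame)
    return gen.keystream_bits(114), gen.keystream_bits(114)


def xor_bits(data: list[int], keystream: list[int]) -> list[int]:
    """Encrypt or decrypt a burst; XOR with the same keystream is its own inverse."""
    if len(data) != len(keystream):
        raise ValueError("burst and keystream lengths differ")
    return [a ^ b for a, b in zip(data, keystream)]


if __name__ == "__main__":
    # Constructed demo inputs, not a published test vector.
    demo_key = bytes([0x12, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF])
    down, up = gsm_bursts(demo_key, 0x134)
    print("downlink:", "".join(map(str, down)))
    print("uplink:  ", "".join(map(str, up)))
```

Before relying on an implementation like this, compare its output against a published A5/1 test vector; the one property checked here by construction is that the all-zero key with frame 0 leaves every register at zero and so yields an all-zero keystream. A practical caveat worth knowing: many operators historically zeroed the last 10 bits of Kc, leaving only 54 effective key bits, which makes the tables even cheaper than the 64-bit state suggests.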

13 thoughts on “GSM Cracked”

  1. Well, government agencies have had this technology for years; now you can hook it up on a 1K device. It's going to be a bigger issue for the developing countries where the GSM providers don't have the budget to switch the encryption.

    But what governments have is probably more sophisticated; starting with the fact that they can tap the calls at the BSS, why would they need to crack A5?

    We were about to do some research on this, but the THC wiki only wrote down the basics when they had a lot more that they didn't publish. Dunno how the hell they can call it a community project when they work privately and don't publish anything but junk.

    Anyway, I hate cellphones, and I think it's a really sick thing to listen to someone else's calls for fun.

  2. The REALLY cool part, if you read the slides, they’ve developed a generalized distributed system for making rainbow tables across CPUs, GPUs, and FPGAs for ciphers up to 64 bits, or so.

  3. This does not mean that now anyone can download a small Python script for use on their Nokia and just start tapping on calls and texts… Using the work that these guys have developed requires a shitload of equipment and expertise only a handful of people possess. Don't worry about your security: if someone wants to listen to your calls, they've already done it by going to your operator and tapping in on the ground side rather than the radio side.

    Apart from that, I didn’t have time to go through all of the material (slides etc.) but how do they figure out the timing scheme for a particular mobile station? I mean, GSM is a TDMA nightmare since the timing scheme is per-session and only the mobile station and the base-station transceiver know it.

  4. Aah, how I yearn for the glory days of using an OKI 900 on CDMA to do things no one should ever be able to do…

    I really miss the analog backbone :(

  5. This is only to hack the 64 bit encryption, not the 128 bit which is in use today. I believe that there is a 256 bit encryption in the works for GSM as well.
