bit-tech.net

Researcher plans distributed GSM crack

The GSM mobile 'phone system - as used in the UK - uses a weak encryption algorithm, and is vulnerable to the creation of 'rainbow tables' for easy decryption.

A security researcher has launched a project which aims to use technology originally developed to find signs of alien intelligence to crack the encryption scheme used by GSM mobile 'phones.

As reported over on CNet, researcher Karsten Nohl announced an open-source project at the Hacking at Random conference which aims to use distributed computing technology to develop a rainbow table for the decryption of A5/1 encrypted traffic - as used by 'phones in the UK and worldwide.

The project is in many ways similar to the popular Folding@Home distributed computing system, except that instead of using spare CPU cycles on volunteers' computers to fold proteins and analyse possible new cures for various ailments, Nohl is hoping to crack the encryption scheme used in around three billion mobile 'phones worldwide. Once complete, the resulting rainbow table would allow anyone to decrypt captured traffic and listen in to mobile conversations in a matter of seconds.

While you might argue with his methodology, Nohl believes he's started the project for all the right reasons. Security flaws in the implementation of the A5/1 encryption algorithm have been known about for years, but previous attempts to highlight them - including a similar volunteer cracking project - have been swept under the rug, allegedly following pressure from a large mobile provider. Despite this, commercial products - aimed at law enforcement agencies - containing proprietary and jealously guarded A5/1 code books exist, and are openly sold.

As the creation of a code book involves a not-inconsiderable amount of number crunching, Nohl decided that a distributed computing project was the way to go. Despite the large amount of data involved, the keyspace for A5/1 is small enough at just 54 bits that Nohl estimates the project could attain its goal in under two months with a mere 160 volunteers.

The other reason for the distributed paradigm - and for the open source nature of the code behind it - is to prevent any possibility of individual project members being targeted to prevent the release of any code book generated. Nohl explained that the files would be available to all project contributors, and expected them to be uploaded to BitTorrent trackers within three months of the project starting.

While the generation and possession of a rainbow table for the A5/1 algorithm is thought to be legal - although certainly likely to get you some interesting questions from local law enforcement should they want to make your life awkward - the use of same to actually decrypt mobile 'phone traffic would be against the law in most countries.

Do you believe that Nohl's efforts to get mobile providers to move to something with substantially stronger encryption - such as is available with 3G connectivity - are laudable, or is he simply putting sensitive information into the hands of undesirables with his latest project? Share your thoughts over in the forums.

19 Comments

Krikkit 26th August 2009, 16:28 Quote
It sounds to me like there has been plenty of opportunity to change and reinforce the system, these flaws are obviously not unknown. Nohl's just forcing a change, even if the results in the short-term are questionable the long-term will improve.
Omnituens 26th August 2009, 16:37 Quote
Just a quick question - why do you put 'phone? surely (while correct) it's not really required.

TBH, I'm not that fussed about people listening to my phone calls - worst they will find out is that I'm playing Rock Band with friends next week.
Gareth Halfacree 26th August 2009, 16:41 Quote
Quote:
Originally Posted by Omnituens
Just a quick question - why do you put 'phone? surely (while correct) it's not really required.
Because I'm a filthy, unrepentant pedant. :p
l3v1ck 26th August 2009, 16:57 Quote
How long before Führer Brown decided to use this to spy on the content of our phone calls.
cyrilthefish 26th August 2009, 17:30 Quote
Quote:
Originally Posted by l3v1ck
How long before Führer Brown decided to use this to spy on the content of our phone calls.
Probably as soon as he realises he can, if he hasn't already :(
mclean007 26th August 2009, 17:56 Quote
Quote:
Originally Posted by l3v1ck
How long before Führer Brown decided to use this to spy on the content of our phone calls.
If 160 volunteers are expected to crack it in 2 months, then trust me, every major government already has a codebook and has the technology (if not the legal mandate) to crack calls on a whim.
B3CK 26th August 2009, 18:11 Quote
I don't think he should do it. I for one, hang on to my phones for an average of 5yrs. I just recently in the last few months upgraded to a BlackBerry. There are a lot of people that don't want to upgrade phones because the one they have works just fine, and they don't want to get locked into another multi-year agreement when they do upgrade.
The sheer amount of phones that are out there that only have the GSM encryption is not insignificant. Forcing people to upgrade phones by releasing to the public this crack table, is an abuse against the consumer, and only allowing the crackers an easier way to "tap" people's phones, and possibly break into the data of the device.
bowman 26th August 2009, 18:18 Quote
GSM security has been a joke for a very long time and it is trivial for any government (or anyone else) to listen in illegally.

http://openbts.blogspot.com/
CardJoe 26th August 2009, 18:37 Quote
Quote:
Originally Posted by Omnituens
Just a quick question - why do you put 'phone? surely (while correct) it's not really required.

More accurately, because I got tired of editing it out ;)
Silver51 26th August 2009, 21:42 Quote
Quote:
Originally Posted by B3CK
I don't think he should do it. I for one, hang on to my phones for an average of 5yrs. I just recently in the last few months upgraded to a BlackBerry. There are a lot of people that don't want to upgrade phones because the one they have works just fine, ...


My main phone is a 1999 Nokia 7110. While it still makes calls and sends text messages in long hand, there seems little reason to upgrade.
Phil Rhodes 27th August 2009, 00:15 Quote
Quote:
GSM security has been a joke for a very long time and it is trivial for any government (or anyone else) to listen in illegally.

What he said.
DarkLord7854 27th August 2009, 01:02 Quote
Quote:
Originally Posted by B3CK
I don't think he should do it. I for one, hang on to my phones for an average of 5yrs. I just recently in the last few months upgraded to a BlackBerry. There are a lot of people that don't want to upgrade phones because the one they have works just fine, and they don't want to get locked into another multi-year agreement when they do upgrade.
The sheer amount of phones that are out there that only have the GSM encryption is not insignificant. Forcing people to upgrade phones by releasing to the public this crack table, is an abuse against the consumer, and only allowing the crackers an easier way to "tap" people's phones, and possibly break into the data of the device.


So you'd rather let people be able to listen in to your conversations? They already can do it, it's just harder to get your hands on the technology needed for it.
KriTip 27th August 2009, 01:56 Quote
Why don't the governments back it, and then we can have a mobile scrappage scheme to boost the economy with the requirement to buy new phones ;)
DarkLord7854 27th August 2009, 03:40 Quote
Quote:
Originally Posted by KriTip
Why don't the governments back it, and then we can have a mobile scrappage scheme to boost the economy with the requirement to buy new phones ;)

Because that makes sense. Why the hell would the government do something that makes sense, benefits the people, AND helps out the economy? That's like, against all their policies. :p
Jozo 27th August 2009, 10:10 Quote
Soon we'll be back to tin cans and a string? Try decrypting that!

I don't personally care if some regular guy can decrypt my phone calls. It's not like what I have for lunch is a strongly kept secret. I just wouldn't feel comfortable with it. And we all know providers won't switch to better encryption just because someone can decrypt it and listen to others' phone calls, most people won't even understand what this Nohl guy even did.
TSR2 27th August 2009, 14:08 Quote
Hang on, takes 160 people a few months to decipher, probably pretty easy to listen to people's calls... One day we'll get secret Government records released that show Brown spent £billions on trying to do the same thing, and eventually just gave up because it was 'too difficult.' This isn't the Nazis we're talking about here.
v4111@me.com 29th December 2009, 02:22 Quote
People still talk on cell phones? :|
steveo_mcg 29th December 2009, 11:15 Quote
h8jellybeans 15th January 2010, 07:18 Quote