The encryption system that protects the almost 900 million users of GSM cell phones from instant eavesdropping or fraud is no longer impregnable, cryptologists claim.
Researchers at the Technion-Israel Institute of Technology in Haifa say they have found a way to defeat the security system, exploiting a flaw in the way the encryption is applied.
With GSM, the voice is encoded digitally. But, before this data is encrypted, it is corrected to help compensate for any interference or noise, says Eli Biham, who led the Technion team. This gives an opportunity for a 鈥渕an in the middle鈥 attack, in which the call is intercepted between the handset and the network base station.
Advertisement
鈥淎t first, I didn鈥檛 believe it. But we checked our finding again and again, and it was true,鈥 Biham told 快猫短视频. He says the delegates at the Crypto 2003 conference in Santa Barbara, where the work was presented, were 鈥渟hocked, astounded, interested and congratulatory鈥.
The GSM Association, which represents the global industry, acknowledges that the research 鈥済oes further than previous academic papers鈥 and 鈥渁ppears to be feasible鈥. But spokesperson Ian Volans says: 鈥淚t is only theoretical, rather than an imminent threat to the security of people鈥檚 calls.鈥 To actually crack the GSM encryption 鈥渨ould take several hundreds of thousands of pounds and lots of skill to reprogram the equipment needed鈥, Volans told 快猫短视频.
Listening in
The GSM encryption ciphers were kept secret until 1999, when Marc Briceno of the University of California at Berkeley managed to reconstruct the algorithms used.
Biham says there have been many attempts since them to crack them, but all required first listening to the call during its initial minutes and were impractical. In contrast, he says, the new approach could defeat the encryption while the phone is ringing, before being answered.
The Technion team鈥檚 attack is on the A5/2 version of the GSM encryption algorithm, introduced in 1996. An upgrade was introduced in 2003, but Biham claims the attack can overcome that as well. 鈥淲e can interfere with any of the 850 million GSM phones around the world,鈥 he says.
The GSM Association says the approach 鈥渞equires the attacker to transmit distinctive data over the air to masquerade as a GSM base station鈥. This is illegal in most countries, the association says, so anyone attempting an attack on a significant scale would expect to be traced and caught.
The Technion team has applied for a patent on the method, but say they would only license the technology to legitimate users, such as law enforcement agencies
Both the GSM Association and the Technion team agree that the new attack strategy would not affect 3G phones, which use different security protocols.