GSM system about to be compromised

Research scientists in California and elsewhere are deliberately setting out to compromise the mobile phone system used by around three billion people. The system uses Global System for Mobile communications (GSM) encryption technology to prevent eavesdropping.

Karsten Nohl, a research scientist at the Californian security research firm H4RDW4RE and a member of the Chaos Computer Club (CCC) in Germany, is behind the effort to crack the A5/1 encryption technology used by GSM, and he plans to release the keys publicly on the Internet by the end of the year.

Every phone using GSM has its own secret key, which is recognized by the network. When a call is made the secret key is used to create a session key that is then used to encrypt the phone call. It is the session key that Nohl plans to crack.

Nohl has created an open-source program that will enable a peer-to-peer network of up to 80 computers to share the computing required to break the code. Since the files are distributed across the network, it will be virtually impossible to remove the code-breaking tool from the Internet. When the encryption code is cracked it will be compiled into a code book that could be used to decode any data sent to or from a GSM phone.

Computing time for the project is being sped up by the use of components not usually found in a standard computer, such as the expensive Xilinx Virtex field-programmable gate arrays and Nvidia's compute unified device architecture (CUDA) graphics cards. According to Nohl, these are faster than CPUs for certain applications, such as computing the A5/1 code.

The goal of the exercise, according to Nohl, is to highlight the vulnerability inherent in GSM technology and to encourage operators still using the system to upgrade their digital phone system to 3G, which has better encryption, or to use the more advanced A5/3 encryption technology instead of A5/1.

GSM phone networks in the U.S. include AT&T and T-Mobile. Commercial tools that decrypt GSM communications have been available for some time, but they cost from $100,000 to $250,000. When Nohl's project cracks the key and publishes the code book on the Internet, it will be possible for almost anyone to get the encryption key for any call and eavesdrop on the call or read SMS messages.

via IEEE Spectrum
© 2009


Citation: GSM system about to be compromised (2009, December 8) retrieved 24 June 2019 from

User comments

Dec 08, 2009
So when H4RDW4RE is finished with the publicity of the effort of taking down the security of a worldwide network with 80 PCs and shareware software, we have discovered what? How to be a better cyber terrorist? Thanks to California ingenuity we have let everyone know that even you can terrorize the world on a shoestring budget. This sounds like a legitimate job for the FBI or homeland security. This is terrorist business holding the world hostage. Get in there and take these idiots out before they earn a business Darwin award.

Dec 08, 2009
If every dime and man-hour we spent on crime and crime prevention went towards something productive, imagine where we'd be today...

Dec 08, 2009
Why don't they just find the one person left who still thinks these systems are truly secure and send him a candy-gram?

Dec 08, 2009
This isn't terrorism -- this is attempting to show that companies do not have your best interests at heart, because if this guy can do it in under a year with 80 computers, then someone else did this A LONG TIME AGO with about 20 computers. Remember, we have not seen an increase in processor speed since 2003.

Dec 08, 2009
CCC is a well-known official club in Germany (they are not secret hackers). Just check their official website.
They have a record of trying to hack national systems and then publicizing the results.

If something is unsafe then it is better the public knows about it sooner than later, don't you think? Gives the providers a chance to beef up their security before someone with actually malicious intent screws them over.

Dec 08, 2009
What the heck are you doing over the phone that is so secret as to need encryption but so unimportant that you don't invest in serious security?

I disagree with the argument that it is important to force public systems to be ever more secure.

National security benefits when the cost of exploiting our shared networks by terrorists is raised at least to the level of "business security". This makes it harder for the home grown terrorists to exploit the Billions we've invested in personal and commercial communications.

As the members of this hacking club know, it is not that hard to overlay a clear line with an encrypted circuit. Any business, commercial or national interest needing secure communications can easily get it within their budgets.

Offering "strong" encryption for personal use is insane overkill and suggests to me an unnatural paranoia or, worse, unbridled narcissism.

NOTHING I say is so "sensitive" I need fear being overheard.

Dec 09, 2009
Some very common misconceptions about encryption and computer security are evident here.

Anyone who knows computer security knows that security through obscurity just doesn't work. Covering up your weaknesses, as GSM has done with A5/1, merely guarantees that only the bad guys will know them. I will not even begin to trust a cipher until its design is openly published and it has withstood years of intense, fully documented attacks by the academic cryptography community.

It is not "insane overkill" to use a strong cipher in GSM. There are several excellent alternatives that are probably even faster and smaller. In fact, GSM had to go out of its way to use a cipher as weak as A5/1.

Dec 09, 2009
There's no point in making a distinction. When you can have an excellent cipher for the same (or less!) cost as a weak one, why not just use it for everything?

Also, cryptography is a tool that can provide confidentiality and authentication. It is not particularly relevant to spam and virus threats. These are distinct security problems that require distinct tools and techniques.

Dec 09, 2009
This will only affect 2G networks with regards to session encryption of voice, SMS and USSD between the handset and the base station. This will not enable an attacker to clone a SIM or to compromise the existing authentication mechanisms.
If the subscriber is using mobile banking applications that are USSD based they are potentially at risk, so I advise that they check with their bank or network to ensure that encryption keys via the browser or Java applet have been implemented to secure this layer of the messaging.
The problem with trying to force networks to go to 3G is that there are so many 2G-only handsets out there that will not support the newer algos. My feeling is that this action is reckless and not in the general subscriber's best interests.
