In a move to shed light on the vulnerability of GSM wireless networks, encryption expert Karsten Nohl, with the aid of 24 fellow hackers, was able to compile the multitude of algorithms behind the twenty one year old, 64-bit encryption scheme used to encrypt 80% of the world’s cellular GSM phone calls. The algorithm’s code book, comprising 2TB worth of data, has been published by Nohl and is now available on the Internet through BitTorrent. This is not the first time GSM was “cracked”. In 2003, the method by which GSM’s encryption code could be cracked was uncovered by a team of Israeli researchers and in 2008, David Hulton and Steve Muller presented at Black Hat a technique for the successful interception and decryption of a GSM stream using $1,000 of hardware and a half hour of time. Now in 2009, we have the binary code log that could potentially make GSM decryption faster and easier than ever. Before everybody panics, it is important to point out that the GSM algorithm that was cracked was the older and less secure 64-bit A5/1 algorithm, not the newer 128-bit A5/3 algorithm. Unfortunately, GSM carriers have been slow to adopt this new 128-bit encryption standard but Nohl’s disclosure may be the kick in the butt these lazy carriers need to beef up their security.


View Comments