Hacker cracks and publishes GSM call encryption code

December 29, 2009, 10:13 AM
The 21-year-old encryption standard used to protect phone calls on the most widely used mobile standard has been cracked. Karsten Nohl, a German computer engineer, revealed yesterday that he had deciphered the binary codes for the 64-bit GSM encryption algorithm known as A5/1 by simple brute force, and then published his findings to the hacking community in a bid to expose weaknesses in the security of global wireless systems.

Although the disclosure potentially makes calls vulnerable to snooping, Nohl said he took precautions to remain within legal boundaries, emphasizing that his efforts were purely academic and kept within the public domain. While the disclosure does not by itself threaten the security of voice data, anyone who can work a standard GNU build process and a set of open source software tools could break the encryption and listen in on conversations.

The GSM Association has responded by questioning Nohl's intentions and stating that operators could just modify the existing code to re-secure their networks -- though the new code will remain just as vulnerable to brute force cracking as the one before. The group has had a 128-bit successor to A5/1 since 2007, dubbed A5/3, but thus far has failed to push the standard out across much of the industry.




User Comments: 14

Timonius said:

Forget the 128-bit, better go bigger and make sure you hire Nohl to make it better.

TorturedChaos, TechSpot Chancellor, said:

Makes me a little nervous that someone cracked it - through brute force nonetheless - but mostly I see this as a good thing. That encryption code has been in use for 21 years, sounds like it needs to be updated anyway. Who's to say someone hasn't cracked it already and just didn't say anything? Hopefully we something new very soon.

tengeta said:

It's just sad that a 21 year old standard IS the standard to begin with. I assumed years ago it was cracked and they just didn't come out about it. Encryption lives a very short life, especially these days.

Timonius said:

You're probably right tengeta and TorturedChaos. This may have been a simple and convenient cover story. haha!

Vrmithrax, TechSpot Paladin, said:

It's hard to imagine that government agencies with massive budgets and the most sophisticated hardware hadn't done a simple brute-force hack of the GSM code long ago. But hey, if I was an agency interested in intelligence or espionage, I'd sure keep the fact that the code was cracked quiet, so people would freely say things they normally wouldn't if they had no confidence in the security of their connection... I'm just sayin...

Guest said:

I can't believe it took 21 years to crack it.

Zeromus said:

What? He won a bid? Aw, I bet he didn't bet for crap

compdata, TechSpot Paladin, said:

Vrmithrax said:

It's hard to imagine that government agencies with massive budgets and the most sophisticated hardware hadn't done a simple brute-force hack of the GSM code long ago. But hey, if I was an agency interested in intelligence or espionage, I'd sure keep the fact that the code was cracked quiet, so people would freely say things they normally wouldn't if they had no confidence in the security of their connection... I'm just sayin...

100% right on. Anyone who thinks their cell calls are "secure" is in denial :-)

satty said:

I don't believe he is the first one who did it (21 years....???)

Guest said:

Old news is old (years old).

Guest said:

you can thank management again.

meanwhile across the pond, if Nohl can do it...

so can those angry people who keep trying to light their underpants and shoes on fire...

that's the scurry part 8(

Guest said:

Government agencies do not need to crack it.

Part of the GSM license is the interconnection with the intelligence agencies in that country.

So the agencies have access to the calls anyway.

Guest said:

Any argument against using wireless 802.11 a/b/g/n for VoIP just went away permanently. You can use as much encryption as you want (4096 bit, whatever) if you have the CPU/GPU power to encrypt/decrypt it. This is a solid reason for every confidential phone user to use GNU-PGP and set up a maximum public key protected account scheme. Soon people who have critical conversations over GSM are going to get fired - before the company's business shows up on TMZ.

LOL image verification code is "privately politic". Exactly. The price some people will pay for privacy or to ensure their domination of public life is infinite. GSM just lost a critical early adopter market. If you were going to run for President in 2012, would you let your staff set up a GSM network now, or would you wire every office for wireless a/b/g/n (the earlier standards have some advantages for wide area VoIP) and use GSM only where you had to?

Guest said:

So, where is the big announcement to move to 256 bit or whatever?

If we don't hear it, we should all be preparing to use wireless a/b/g/n as our primary phone connection.

No surer sign of a dead technology than no determined response to stay competitive.
