[Vanhackspace] Fwd: [A51] GSMA Statement on Media Reports Relating to the Breaking of GSM Encryption
Luke Closs
lukecloss at gmail.com
Thu Dec 31 15:41:31 PST 2009
Wow, 20 kilometres of books! Golly, that's a lot! We could never store
that many books!
On Thu, Dec 31, 2009 at 3:08 PM, Colin Keigher <colin at keyboardcowboy.ca>wrote:
> I had a good chuckle.
>
> - Colin
>
> -------- Original Message -------- Subject: [A51] GSMA Statement on Media
> Reports Relating to the Breaking of GSM Encryption Date: Thu, 31 Dec 2009
> 22:28:40 +0000 From: javier falbo <javier_falbo at hotmail.com><javier_falbo at hotmail.com> To:
> <a51 at lists.reflextor.com> <a51 at lists.reflextor.com>
>
> Here i include the GSM Association feedback from the breaking of GSM.
> Below, my comments.
> http://www.gsmworld.com/newsroom/index.htm
> GSMA Statement on Media Reports Relating to the Breaking of GSM
> Encryption 30 December 2009
> GSM networks use encryption technology to make it difficult for criminals
> to intercept and eavesdrop on calls. On most GSM networks, the
> communications link between the handset and the radio base station uses the
> A5/1 privacy algorithm to scramble the signal.
> Over the past few years, a number of academic papers setting out, in
> theory, how the A5/1 algorithm could be compromised have been published.
> However, none to date have led to a practical attack capability being
> developed against A5/1 that can be used on live, commercial GSM networks.
> Reports of an imminent GSM eavesdropping capability are common. The GSMA,
> which welcomes research designed to improve the security of communications
> networks, routinely monitors the work of groups in this area. In 2007-8, a
> hacking group claimed to be building an attack on A5/1 by constructing a
> large look-up table1 of approximately 2 Terabytes – this is equivalent to
> the amount of data contained in a 20 kilometre high pile of books. In
> theory, someone with access to the data in such a table could use it to
> analyse an encrypted call and recover the encryption key.
> Another group has announced similar plans in 2009. However, before a
> practical attack could be attempted, the GSM call has to be identified and
> recorded from the radio interface. So far, this aspect of the methodology
> has not been explained in any detail and we strongly suspect that the teams
> attempting to develop an intercept capability have underestimated its
> practical complexity. A hacker would need a radio receiver system and the
> signal processing software necessary to process the raw radio data. The
> complex knowledge required to develop such software is subject to
> intellectual property rights, making it difficult to turn into a commercial
> product.
> Today, mobile networks are typically configured to optimise call set-up
> times, capacity and other aspects related to operational efficiency. But
> mobile operators could, if it ever proved necessary, quickly alter these
> configurations to make the interception and deciphering of calls
> considerably harder. Moreover, intercepting a mobile call is likely to
> constitute a criminal offence in most jurisdictions.
> All in all, we consider this research, which appears to be motivated in
> part by commercial considerations, to be a long way from being a practical
> attack on GSM. More broadly, A5/1 has proven to be a very effective and
> resilient privacy mechanism. By comparison, inexpensive and readily
> available radio scanners could be used to intercept calls on the analogue
> cellular networks that pre-dated GSM and which did not use encryption.
> The mobile industry is committed to maintaining the integrity of GSM
> services and the protection and privacy of customer communications is at the
> forefront of operators’ concerns. The GSMA has been working to further
> enhance privacy protection on GSM networks and has developed a new
> high-strength algorithm, A5/3. Over the past decade, export control agencies
> have removed many of the traditional barriers to the sale of cryptographic
> technologies enabling the development and use of A5/3. This new privacy
> algorithm is being phased in to replace A5/1.
>
>
>
> ----------------------
> Comments:
>
>
> 1) *"none to date have led to a practical attack capability being
> developed against A5/1 that can be used on live, commercial GSM networks" :
>
> *
> *Reply: *Yes. There are many commercial companies that are offering them
> for u$s 500.000.-!
> For instance:
> http://www.shoghi.co.in/passive_gsm_interception.htm
> More here: http://gsm.my1.ru/load/
>
>
> 2) *"a hacking group claimed to be building an attack on A5/1 by
> constructing a large look-up table1 of approximately 2 Terabytes – this is
> equivalent to the amount of data contained in a 20 kilometre high pile of
> books".*
> *Reply: *What does it means 20 kilometers of books? je. It is a CHILD
> comparison... :)
>
> Or simply buy a hard disk from Western Digital (Less than u$s 900)
>
> http://www.wdc.com/en/products/Products.asp?DriveID=733
>
>
> 3) *The complex knowledge required to develop such software is subject to
> intellectual property rights, making it difficult to turn into a commercial
> product. *
> *Reply: *There is NO copyright materials in coding an Opensource software.
> GNU Radio is a good example.
>
>
> 4) *Moreover, intercepting a mobile call is likely to constitute a
> criminal offence in most jurisdictions.
> *
> *Reply: *Wrong Statement, completely wrong. Any judge or the justice could
> order to intercept a call. Intercepting or decoding your own phone is not a
> crime (or it is a crime that they encrpyt your voice without permission?).
> Intercepting third-parties phones is a crime!. Some countries such as USA or
> Britain also focus on the distribution process (same as distributing mp3
> music files in torrents, warez sites). That could be, from my side, the only
> precaution to take.
>
>
> 5) *This new privacy algorythm is being phased in to replace A5/1.(In
> reference to A5/3 - KASUMI)*
> *Reply: *A5/3 is useless now. The algorythm is broken. Imaging in a near
> future intercepting a young and beautiful neiborhood girl Live 3ggp video
> over 3G. :) (some humour here)
>
>
> *Conclusion:* GSM agency is not responding on the security issues that the
> project advice. Maybe because it could take at least 18 months to update
> worldwide the network, and ALL stations/base must be completely replaced.
> ($$$) and customers must be forced to change their OBSOLETE phone.
>
>
>
> Meanwhile, i strongly recommend to include in your phones, voice and sms
> encryption tools in Java, Symbian, Windows Mobile, etc., to have a SECURE
> line with your friends and family. Try to focus on Type I (Suite A), III DES
> or any strong cryptos.
>
>
>
> Any further information, do not hesitate to contact me.
>
>
> Regards,
> Javier
>
>
>
>
>
>
>
>
>
>
> ------------------------------
> ¿Te llegan demasiados emails? Organizate con Hotmail. ¡Creá carpetas para
> todos tus correos! <http://mail.live.com/>
>
> _______________________________________________
> Vanhackspace mailing list
> Vanhackspace at lists.uselessdegree.net
> http://lists.uselessdegree.net/listinfo.cgi/vanhackspace-uselessdegree.net
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.uselessdegree.net/pipermail/vanhackspace-uselessdegree.net/attachments/20091231/434cb9ca/attachment-0001.htm>
More information about the Vanhackspace
mailing list