Big Yawn
It's pretty clear that Intelligence Services such as the NSA have been doing this for years.
Cryptographers have moved closer to their goal of eavesdropping on cellphone conversations after cracking the secret code used to prevent the interception of radio signals as they travel between handsets and mobile operators' base stations. The code is designed to prevent the interception of phone calls by forcing mobile phones …
The NSA is the biggest employer of mathematicians and has the single biggest yearly computing kit budget. I'd be very, very disappointed if they wouldn't have been able to do what mere citizens can do now. Or happy. Secret services doing all that doesn't seem to have done much for the public good, though.
A femtocell + software to run a controller for 1-2 cell sites only with 1-2 calls only is a fraction of the cost of this. It also captures both uplink and downlink and does it in real time. The kit is available for GSM, 3G and other cellular tech out there and the whole thing costs sub-10K - less than the two software defined radios and the computers to run the crack.
It's pretty clear intelligence services don't need to do it as they can install their equipment in the base station. And they don't need to reverse-engineer the algorithms as they can easily get the secret appendices of the specification from the GSMA.
The problem here is that organisations like Mafia can get it with a modest budget.
Well done, chaps for breaking the A5/1 algorithm.
Did no-one tell you that GSM (2G) is dead in about a year or so and the 3G standard is much, much more secure? That might be why the military uses spread-spectrum. (Google for Hedy Lamarr for the 'prior art' bit*. You'll be surprised. I was.)
Oh, and China has the A5/0 algorithm, which is open (i.e., unencrypted so the Chinese can spy on anyone, as usual). So?
"...was developed by volunteers around the globe using giant clusters of computers and gaming consoles.." made me snort on the pub keyboard again. Gaming consoles, FFS???
Icon, 'cos I'm in the lounge. Of the pub, natch.
*OK, as El Reg readers are in "Couch Potato" mode after the hols, I've done it for you. http://en.wikipedia.org/wiki/Hedy_Lamarr
Just an ex-GSM engineer, who kept being told when 2G would be 'turned off'. In 2004, it was 2008, then a bit more life... 2011 was the last date I heard. Try to turn off 2G on your phone, you can still call... Possibly...
Of course, NMT450 got a boost when Nokia brought out its "Ringo" phones, but the boost was only a couple of years or so. Pissed off a lot of users here in Nordic-land. Pity anyone who bought a 2G-only iPhone.
Gaming consoles? Just sounded - well, a bit 'Ginger', as Jeremy Clarkson once said.
"Gaming consoles, FFS???"
Aye - "Fat" PS3s make really nice HPC clusters. As you're a fan of Googlin' try "folding@home"...
And 2G ain't anywhere near dead unfortunately. Plenty of people out there using 2G SIM cards and the phone co's have no interest in paying good money to send out a replacement 3G card whilst the 2G one works fine - margins are too slim. You think they care one jot about OTA security?
Maybe I'm missing the funny, but linked gaming consoles have been used as a poor man's supercomputer for years now. The gaming consoles often offer way more processing power for the dollar than a computer of similar spec. I know Sony was getting their panties in a bunch because researchers were purchasing loads of PS3s to link and crunch numbers. Sony was losing money on those scenarios because these researchers would never purchase any games or anything for the Sony-subsidized kit.
While that may or may not be clear. Showing how a relatively cheap setup can intercept calls is still worth something.
Operators may choose to ignore that someone with a huge budget to invest in this kind of game is capable of it; that is one thing, and maybe they were even kind of fond of knowing that for those "national security relevant" cases, the gov can just do it fine by itself without putting the operator in the uncomfortable situation of having to help.
But if basically any hobbyist can do it without ruining herself (and therefore a specialised company can provide it as a quite cheap service, as they have to invest only once), that is an entirely other matter.
however....GSM??...
http://www.dailymail.co.uk/pages/live/articles/news/worldnews.html?in_article_id=476959&in_page_id=1811
DAILY MAIL 22 AUG 2007 Page 15
Taliban fanatics are tapping the mobile phones of British soldiers and calling their families to tell them their loved ones are dead. They may also be using the calls home to pinpoint the positions of camps in Afghanistan's wartorn Helmand province. Forces in Afghanistan have now been banned from using mobile phones to stop the infiltration.....
there are thankfully backup GSM security algorithms from the nice guys at ETSI, just remind me what is the roll-out strategy when A5/1 & A5/2 are deprecated?
Given that the dumbest of GSM phones need to be able to agree/follow channel hopping with a base station, the complexity of any encryption is likely to be limited.
Perhaps it would not be that difficult to modify a handset to follow the conversation of a target handset, given that it already has suitable receiver circuitry and the necessary encryption/decryption algorithms in firmware.
In the days of analogue phones we just talked to each other. Now, we're being driven to use our phones for authentication and financial transactions. The pickings are massively rich, so it's going to be well worth a few thousand dollars to a bunch of "agencies" who will rent out their services to the underworld. Goodbye secure login, goodbye bank balance. Cheques are just so robust by comparison.
Secure banking in mobiles will remain secure, however, as mobile sites will still use HTTPS, regardless of any half-baked crypto the GSM standard uses. That kind of crypto is still hard to crack, short of a 1024-qubit quantum computer.
Anyway, in the days of analogue, even a cheapo StarTAC handset could intercept calls ... the "magic" code was a source of fun for many a student back in the analogue days...
There is no "medium-end" on any scale. There are the two ends and the middle. The medium is roughly in the middle, as far from the ends as you can get. Yes, the reader can work out what is meant by this curious expression, but he also sees muddled thinking by the writer, and wonders how deeply it goes.
There's an open-sauce GSM basestation project underway. There are many positive things to say about the http://openbts.sourceforge.net/ project; however, it's very likely we'll see fake/pirate/private GSM BTSs soon. Did anyone mention that the BTS informs the handset what level of encryption to use - "today, Malcom, we'll be using weak"
GSM eavesdropping is TECHNICALLY EASY - you need a USRP software radio and do up to 3 months typing in Python/C bodging free and open bits of software together. Then private individuals can ELINT/SIGINT/COMINT listen & track GSM. A USRP software radio costs around £520 and is not illegal to own or play with. It's not an overstatement to say - don't do mission critical things on GSM.
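The point above, that the base station tells the handset which algorithm to use, is what makes a cipher indicator or a policy check on the handset side worthwhile. The following is an added example, not code from the thread or from the OpenBTS project: it decodes the Cipher Mode Setting carried in the RR CIPHER MODE COMMAND and rejects anything weaker than a configured floor. The field layout (protocol discriminator 0x06 for RR, message type 0x35, low nibble of the third octet with bit 1 = SC "start ciphering" and bits 4..2 = algorithm identifier, 000 = A5/1, 001 = A5/2, 010 = A5/3, and so on) is written down from memory of 3GPP TS 44.018 and is an assumption to verify against the spec; the sample messages are constructed.

```python
# Added example: decode the Cipher Mode Setting a GSM base station sends and
# apply a policy that refuses A5/0 (cleartext) and the broken A5/1 and A5/2.
# Octet layout is an assumption from memory of 3GPP TS 44.018 (10.5.2.9);
# verify against the spec before relying on it.

from dataclasses import dataclass

RR_PROTOCOL_DISCRIMINATOR = 0x06   # Radio Resource management, low nibble of octet 1
CIPHER_MODE_COMMAND = 0x35         # message type, octet 2

# Algorithm identifier (bits 4..2 of the Cipher Mode Setting) -> name
ALGORITHM_NAMES = {0: "A5/1", 1: "A5/2", 2: "A5/3", 3: "A5/4",
                   4: "A5/5", 5: "A5/6", 6: "A5/7"}

# Policy floor: what a handset (or a network monitor) should accept.
ACCEPTABLE = {"A5/3", "A5/4"}


@dataclass(frozen=True)
class CipherModeSetting:
    ciphering: bool
    algorithm: str   # "A5/0" when ciphering is off


def decode_cipher_mode_setting(nibble: int) -> CipherModeSetting:
    """Bit 1 = SC (0: no ciphering, 1: start ciphering); bits 4..2 = algorithm id."""
    if not 0 <= nibble <= 0xF:
        raise ValueError("cipher mode setting is a 4-bit field")
    if nibble & 0x1 == 0:
        return CipherModeSetting(False, "A5/0")
    algo_id = (nibble >> 1) & 0x7
    if algo_id not in ALGORITHM_NAMES:
        raise ValueError(f"reserved algorithm identifier {algo_id}")
    return CipherModeSetting(True, ALGORITHM_NAMES[algo_id])


def parse_cipher_mode_command(msg: bytes) -> CipherModeSetting:
    """Check the RR header, then pull the setting out of octet 3's low nibble."""
    if len(msg) < 3:
        raise ValueError("message too short")
    if msg[0] & 0x0F != RR_PROTOCOL_DISCRIMINATOR:
        raise ValueError("not an RR message")
    if msg[1] != CIPHER_MODE_COMMAND:
        raise ValueError("not a CIPHER MODE COMMAND")
    return decode_cipher_mode_setting(msg[2] & 0x0F)


def evaluate(msg: bytes) -> str:
    """Return an ACCEPT/REJECT verdict for the algorithm the network asked for."""
    setting = parse_cipher_mode_command(msg)
    if not setting.ciphering:
        return "REJECT: network asked for A5/0 (cleartext)"
    if setting.algorithm not in ACCEPTABLE:
        return f"REJECT: {setting.algorithm} is below policy"
    return f"ACCEPT: {setting.algorithm}"


# Constructed sample messages; octet 3 low nibble = (algo_id << 1) | SC
SAMPLES = {
    "a5_0": bytes([0x06, 0x35, 0x00]),   # SC = 0: no ciphering
    "a5_1": bytes([0x06, 0x35, 0x01]),   # SC = 1, algo 000 = A5/1
    "a5_3": bytes([0x06, 0x35, 0x05]),   # SC = 1, algo 010 = A5/3
}

if __name__ == "__main__":
    for name, msg in SAMPLES.items():
        print(name, evaluate(msg))
```

The policy set is deliberately a constant so that it can be tightened as algorithms age; a real handset baseband does not expose this decision to the user, which is why the spec's cipher indicator (the "encryption off" icon) is the only visible signal most people get.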
Is what you people should worry about: In every single piece of telecom kit sold in the last 2 decades or so, there exists a "Lawful Interception Interface" that provides unrestricted access to unencrypted traffic on request by the "proper authorities". Perfect for automated collection, recording, analysis - and the archiving for seven years so that laws can be applied retroactively perhaps - of *all* phone calls.
The (maybe) only way around it is to use IP-Sec, SSH or VPN - but I would not count on that entirely to keep my sekret plans for world domination hidden; that is where the NSA will spend their CPU-hours, should the occasion merit.
Be happy that most people say nothing of importance whatsoever!
GSM doesn't use channel hopping.
Some 3g systems do (CDMA), but the maximum keyspace is limited to 2^24 bits, not hard to brute force. Channel hopping is not used for security, just to make better use of the available spectrum. I think the key may even be sent using a much smaller keyspace too, but I'm not sure about that.
The (partial) break is against the A5/1 algorithm, which is used to encrypt the voice signal, and has nothing to do with channel hopping.
I said partial because it needs a 2TB rainbow table to operate fully, and that hasn't all been made public yet - but that's just a matter of computer time to work it out.
"The code is designed to prevent the interception of phone calls by forcing mobile phones and base stations to rapidly change radio frequencies over a spectrum of 80 channels. "
No it's not. Frequency hopping is designed to spread interference around. The idea is that interference that may result in one or more calls failing, when spread around, results in a few more calls being degraded but not failing.
The encryption algorithms are designed to provide network security. Note that although you may think that they are there to keep your calls private, they are not. They are there to secure the network against intruders, not to secure your calls.
"All your calls are made with 2G and not 3G. Try to turn off 3G on your handset and you will still be able to make calls"
Not sure how things work in your side of the lake, but here in Australia, some carriers (not mentioning any names) lock GSM/3G capable hardware, to 3G ONLY. So, if you're in a GSM-only covered area, you're screwed. Let's lock in our users to ourselves only shall we. That way we don't have to sub-let carrier time from someone else...
Telstra, because they have more money to throw around, have gone further by knobbling the world-wide standard issue 3G into something they call NextG. So if you have a GSM, GPRS or 3G phone, and you're in an area that's only covered by Telstra, you can be SURE it's knobbled to accept phones that they've knobbled with their NextG badge and firmware first.
If you can't (or don't want to) compete on a world-wide standard issue network, make your own!