Dear Network Operators
Sort it out!
They've had more than a decade to get their ducks in a row and haven't done nearly enough to protect their networks.
A cryptographer has devised a way to monitor cellphone conversations by exploiting security weaknesses in the technology that forms the backbone used by most mobile operators. Karsten Nohl, chief scientist of Berlin-based Security Research Labs, said the attack works because virtually all of the world's cellular networks deploy …
This post has been deleted by its author
Skype's encryption may be secure but their implementation is still vulnerable to a sidechannel attack analyzing outgoing bitrates, and it's a fairly simple analysis at that
http://www.esecurityplanet.com/news/article.php/3930886/Side-Channel-Attack-Beats-Skype-Encryption.html
Edited for exhaustion induced errors
I was under the impression that GPRS essentially used GSM authentication. Meaning, a GSM or circuit switched connection was made first, 'through' the HLR and the AUC [Authentication Centre]. a GPRS PDP Context is made, after this, either on demand or 'permanently', but, none the less, on the back of the GSM.
Or am I pudding ?
When the gubberment want to know what you're doing on the phone they ask the mobile operator to intercept the calls. They don't need to listen in to your mobile and decrypt the over the air traffic. That is Vodorange2's job, they hand over the clear voice to the "authorised" dept.
The GSM encryption is only for over the air traffic, it isn't end point to end point.
There used to be a rumour that GSM in France wasn't encrypted since the French didn't used to allow any form of encryption.
The problem the operators face is that no encryption system should be viewed as safe. Properly implemented quantum might well be, but that relies on the proper implementation. Lets face it the German enigma system was unbreakable by 1940s technology, but the actual implementation and usage punched great big wholes that could be exploited. Anyway, any encryption system should be seen as having a finite life. You have to be prepared to move on. Sufficient flexibility needs to be built into all the hardware, and that would include your phone, to allow for regular upgrades to the security. I've no idea whether that was taken into account when the GSM standard was written. But it is usually the weakness.
The idea that somebody is publishing a report in 2011 on cracking GSM/GPRS/UMTS security in cetral Europe is a joke, and everybody who takes it at face value is being duped.
I'm not giving away any secrets when I say that back in the 90s, there was an agreement between the Federal authorities and the MNOs that encryption over the network would be 'crippled', so that 'government agencies' could decrypt in real time, without access to the network infrastructure.
The real story is one of collusion between Governments and Operators, this 'scientist' should be nominated for an ignoble.
Ummm, GPRS as in General PACKET Radio Service
That would be the data services then not your calls, unless you want to try some really crappy VoIP over that kind of connection.
So they can snoop on your browsing traffic, hey welcome to the Internet, you are using SSL for the important stuff right?
Get it right Reg.
... "government entities" need to listen in, unless they're doing it illegally?
Legal intercepts are done at the switch. Court orders for such usually come with a gagging clause preventing disclosure of the existance of an order, or an intercept.
If the grumble mill is accurate about the reasons for weak cyrpto this raises a whole barrel of worms about human rights issues and state entites exceeding their authority.
If you go back to the history of the GSM networks developing out of the analogue ones it was interesting. The analogue mobile phone networks were completely unencrypted. When the GSM standard was being drawn up we were still in the tail end of the cold war. Germany lobbied hard to have strong encryption on GSM, France and Britain lobbied hard for only weak encryption. It was believed at the time that Germany lobbied for strong encryption to stop the Eastern Bloc from listening in on phone messages. France and Britain won. No one has bothered to try and change this since, probably because of government intervention.
GPRS is a *data* transmission standard separate from voice. it is one (of lots) of standards within the whole GSM standards package.
In the 2nd decade of the 21st century it is p**s poor that *all* subscriber data channels on *all* networks are not encrypted.
How serious this is to any *real* subscriber depends on what services rely on GPRS for delivery and how much encryption they apply *before* their data goes into it, and how easily it would be to shift to another delivery mode by sliding in a different element in the protocol stack (you did implement your app as a layered architecture, didn't you). I'm not sure what does use it IRL.
*All* GSM neworks have tapping by *authorised* users built into the network standards. Who "authorised" is depends on that countries record on observing human rights. Hopefully there would be some kind of *legal* oversight and audit trail.
This looks like yet *another* case where the GSM standard relies on "Security by obscurity," which has worked *so* well all the other times the network operators have depended on it in the past. See previous El Reg articles.
And in case anyone thinks I don't think this is a big thing let me repeat that In the 2nd decade of the 21st century it is p**s poor that *all* subscriber data channels on *all* networks are not encrypted.
Back in the Nineties, it was agreed that the x-most significant bits used to encrypt mobile phone comms would be set to 0.
Consequently, governments did not need to ask the MNOs for access to their network, they could decrypt in real time by processing the external intercepts.
Any real German academic would know this (to paraphrase Molesworth)
Nobody can convince me that GSM operators doesn't "play stupid" to be nice to governments and military. A state of art system also doesn't check the "operator tower" identity too... Who needs terabytes of tables? Just set own tower! All those advanced smart phones will pick it not because they are stupid, it is just not in standard.
Solution is cheap but complex. Use a VPN. Complex part is "trust" and it is not technical. Do you trust that VPN provider? Do you trust your ISP? (if you set own vpn at home).
On the bright side, if you want to fool yourself and lazy... If some organisation is after you to pick your gprs signal or set a fake tower, you are way into deeper issues... Enjoy your remaining life :)