back to article GPRS-era mobile data encryption algorithm GEA/1 was 'weak by design', still lingers in today's phones

The GEA/1 encryption algorithm used by GPRS phones in the 1990s was seemingly designed to be weaker than it appears to allow eavesdropping, according to European researchers. The algorithm was introduced in 1998 by the European Telecommunications Standards Institute (ETSI). It was supposed to provide 64-bit encryption for data …

  1. HildyJ Silver badge
    FAIL

    Explanations? Don't hold your breath.

    Asking Five Eyes to fess up is like ElReg asking Apple to comment.

    1. Claptrap314 Silver badge

      Re: Explanations? Don't hold your breath.

      This was a European standard. What does that have to do with the 5 eyes?

      1. Anonymous Coward
        Anonymous Coward

        Re: Explanations? Don't hold your breath.

        Where do I start? Standards like this are created in standards organisations: ETSI, 3GPP, GSMA, IEEE, etc, etc, and are made up of employees of:

        Telecoms operators

        Handset providers

        Network equipment manufacturers

        Others

        "Others" includes people like Apple. consultancies and...... Have a guess.....

      2. Anonymous Coward
        Anonymous Coward

        Re: Explanations? Don't hold your breath.

        @Claptrap314, you are forgetting that one of the Five Eyes is itself in Europe. And also that every country's intelligence agency wants to make things easier for themself to peek at communications, even their friends and neighbours, "just in case". I'd be more surprised if they weren't making "suggestions", either directly or indirectly, on how the encryption standard should work.

        1. EnviableOne Silver badge

          Re: Explanations? Don't hold your breath.

          @AC you are forgetting that Europe has always been run by France and Germany, and until recently the UK had a bit of a say, and only by agreeing with Germany could they control the french...

  2. b0llchit Silver badge
    Boffin

    Secure channels inside secure channels

    Public infrastructure is never going to be secure. There are too many interests to intercept. Therefore never trust the default "encryption" and use an encrypted tunnel you control. You would not use a telnet session inside an ipsec tunnel. You'd still use ssh. Also, you send pgp email, even though the general smtp links are tls links nowadays.

    The examples are all a secure channel inside a supposedly secure channel. The security starts when you are in control.

    1. Anonymous Coward Silver badge
      Black Helicopters

      Re: Secure channels inside secure channels

      The GEA/x encryption is between phone and service provider.

      If government agencies want your data, they can go to the service provider and get it after it has been decrypted. Therefore, GEA is intended to guard against 'other' agencies (foreign, probably) snooping.

      Whatever the case, you should be using your own secure channel on top of whatever your service provider supplies.

      Same goes for all the VPN services that are popular now: they're guarding against an untrusted local ISP, but the data is still unprotected when it leaves the VPN provider.

      1. Julz Silver badge

        Re: Secure channels inside secure channels

        As a Sun employee once said about internet security, you have none, get over it...

  3. _LC_ Silver badge
    Facepalm

    Are you in for a laugh?

    https://www.theregister.com/2021/06/17/biden_putin_summit_cybersecurity_discussion/

    "Biden to Putin: Get your ransomware gangs under control and don’t you dare cyber-attack our infrastructure"

    1. doublelayer Silver badge

      Re: Are you in for a laugh?

      Is this some sort of graph theory thing? Why are you posting article links in the comments when we can read both articles? If they have something to do with each other which you want to point out, say so and detail what the purpose is.

      1. _LC_ Silver badge

        Re: Are you in for a laugh?

        I was counting on readers figuring that out quickly. There's our western "leader of the free world" (this makes many people want to puke, including me) telling the evil Russian - alleged - hackers to stop hacking. There's our free Western world putting in backdoors everywhere... Do the math.

        1. Michael Wojcik Silver badge

          Re: Are you in for a laugh?

          Tu quoque fallacy. The "West's" bad actions do not discount the bad actions of Russia.

  4. Teejay

    Cutting-edge Germany and the decommissioning of 3G

    In Germany, all 3G networks are being decommissioned at light-speed. At the same time, companies like O2 / Telefónica have failed with a widespread rollout of voice-over-LTE, and also, many phones don't support it.

    The argument is, that in a few years time we'll have widespread 5G, which will fulfill what was promised (and so far underdelivered) for 4G/LTE years ago.

    That leaves you with - again - 2G (!!) for voice in many places, which is decades old, totally insecure and sounds antique.

    Beat that.

  5. elsergiovolador Silver badge

    Everything is compromised one way or another

    All these networks should be assumed as compromised and as such Bring your own encryption (BYOE) as your own layer on top is what any privacy conscious entity is operating.

    1. _LC_ Silver badge

      Re: Everything is compromised one way or another

      "All these networks should be assumed as compromised"

      And your phone? ;-)

  6. DS999 Silver badge

    This is only relevant if you use 2G

    That's already been decommissioned in the US, and 3G is due for the chop next year. But as I understand it 2G will be around in most of Europe until the end of 2025. Maybe phones need a setting to allow you to disable 2G?

    Not that anyone should believe LTE and 5G encryption is unbreakable, but I guess at least it is better. Anyone know if those standards allow "no encryption" so the forced downgrade attacks could still work or has that at least been fixed in those newer standards?

    1. _LC_ Silver badge

      Re: This is only relevant if you use 2G

      The problem is that the phones can usually be tricked into falling back to the unsafe encryption. We had this in a similar manner with web-servers. Those "fallback mechanisms" can often be triggered. Not few see this as part of the backdoor.

      1. DS999 Silver badge

        Re: This is only relevant if you use 2G

        If there are no 2G towers within range you can't force fallback to these insecure protocols.

        1. _LC_ Silver badge

          Re: This is only relevant if you use 2G

          They must maintain either 2G or 3G for a while. It's being used by connected industrial devices, elevators and such.

          1. DS999 Silver badge

            Re: This is only relevant if you use 2G

            The existence of a few towers doesn't mean phones should still support it. I expect the modem Apple is working on will support LTE and 5G only, both to make the task easier and reduce the patent royalties and because the number of places that will have no LTE or 5G but are covered by 3G let alone 2G will be basically nonexistent by fall 2022 or 2023 when it is expected to appear.

            Qualcomm will probably leave that stuff in forever because it is like real mode or segments in a modern x86 processor - it is easier to leave that stuff in there and not touch than try to remove it and worry about unknown dependencies.

  7. Anonymous Coward
    Anonymous Coward

    There was no hard 40 bit limit in France at the time

    As per the law n°90-1170, cryptography was free as long as the government had full access (art. 28, I, 1°)

    https://www.legifrance.gouv.fr/loda/article_lc/LEGIARTI000006421084/2002-01-01/

    I feel terribly sorry now for having been a military weapons smuggler for years. At time, I even illegally exported them from the US *and* illegally imported them in France *on the very same day*.

    1. Michael Wojcik Silver badge

      Re: There was no hard 40 bit limit in France at the time

      See, if you'd taken an overnight flight you'd have exported and imported on different days. Much better.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021