GSM phone encryption reportedly cracked

Cryptography experts meeting at the Chaos Communication Congress (26C3) conference in Berlin recently disclosed open source instructions on how to compromise the global system for mobile communications.

The GSM, used by 4 billion subscribers in more than 200 nations, reportedly is insecure, according to security experts, despite its widespread use since 1988.  The 64-bit algorithm allows base stations to transfer radio frequencies rapidly over 80 different channels, which makes it extremely difficult for eavesdroppers to possibly listen in.

ADVERTISEMENT

To put it in perspective, four out of every five phone calls made through a mobile phone is protected using the GSM cipher.

6a00d8341c4df253ef00e54f827b298834-800wi

Karsten Nohl, the German computer engineer who disclosed how he broke the GSM encryption, hopes security experts pay attention, and work to better secure the technology.  In August, Nohl recruited a team of 24 people to help crack the encryption, though it still took several months.

ADVERTISEMENT

Finding a way to crack the encryption, according to GSM spokespeople, "is theoretically possible but practically unlikely.  To do this while supposedly being concerned about privacy is beyond me," GSM spokeswoman Claire Cranton stated, when asked by reporters about Nohl's announcement.

Furthermore, the encryption key can be modified by wireless carriers to offer additional security, and the hackers may have violated US and British law -- the nations where the GSM Association is based -- but it's unknown if a formal investigation will be started.

The GSM is now reportedly reviewing Nohl's guidelines -- not available via Web site, although they can be found on BitTorrent. There still remains doubt on whether or not the GSM encryption could be so easily circumvented.

ADVERTISEMENT

No posts to display