Skip to main content
  1. Home
  2. Mobile
  3. News

German Researcher Publishes GSM Encryption Crack

Geoff Duncan
By

apple_iphone_3g-251x300German security research Karsten Nohl, working with other researchers, has published a codebook that significantly reduces the amonut of work necessary to crack 64-bit GSM encryption, used to protect calls placed by more than 4 billion mobile phone users around the world. In theory, the development could make it easier for criminals, fraudsters, and attackers to intercept and decode and eavesdrop on private mobile phone conversations—although the bar for doing so is still fairly high. Nohl insists publishing data necessary to crack GSM encryption is intended to motivate carriers into upgrading their security technology, rather than enabling any sort of attack.

Nohl’s published results are essentially a brute-force attack on the 64-bit A5/1 algorithm that has been used to protect GSM phone calls for over two decades. Normally, GSM handsets thwart call interception by switching quickly over a range of some 80 radio channels: even if attackers manage to snoop in on one channel, the odds of their being able to follow a call across all 80 channels in real time are miniscule. Unless, that is, they are able to ferret out the key that governs the communication: then, in theory, someone could listen in on a call in real time. Nohl’s published tables, in theory, would enable attackers to determine the keys and snoop in on calls. Although the GSM algorithm has long been vulnerable to law enforcement and heavily-financed criminal organizations…but by Nohl’s estimates, his tables lower the bar for real-time call interception down to about $30,000.

Nohl believes that his work is itself legal—and largely builds on knowledge of GSM compromises that were well-known in academic circles—although using that infomation to build a GSM phone intercepter or actually intercepting calls would be illegal in most countries.

Related

A more-robust A5/3 algorithm that uses a 128-bit key is used to secure 3G mobile communications and GPRS. Although A5/3 has been compromised by man-in-the-middle attacks and brute force approaches, no known cipher breaks of A5/3 are currently considered practical.

Editors' Recommendations

Video-editing app LumaFusion to get a Galaxy Tab S8 launch
A tablet featuring the LumaFusion video editing app.
Wi-Fi not working? Here’s how to fix the most common problems
the fbi wants you to reboot your router insecure getty
The best phones for kids in 2023
phones for kids
The best iPhone car mounts in 2023: top 10 best ones you can buy
best iphone car mounts
My iPhone 14 Pro camera is ruined, and it’s all Apple’s fault
The iPhone 14 Pro's camera module.
The best rugged smartphones for 2023
Best Rugged smartphone 2022 with cyclists feat image.
The best iPhone games in 2023: 31 games you need to play right now
Playing Asphalt 9: Legends on the iPhone 14 Plus.
This Apple leaker just revealed tons of changes for iOS 17 and iPhone 15
iPhone 14 Pro with Widgy and Siri Suggested apps widget on a home screen
Beats Studio 3 headphones are $120 off today at Amazon
The black and gold Beats Studio3 wireless headphones.
How to cheat in Words With Friends
Playing Words With Friends on a smartphone.
Trading in your iPhone with Apple? You’ll get less than yesterday
An iPhone 14 Pro Max with the display turned on. We see the Home Screen and Pixel Pals running in the Dynamic Island.
The best QR code scanning apps for iPhone and Android in 2023
Best apps for scanning QR codes
3 reasons you should buy the Google Pixel Watch today
The Google Pixel Watch's Pilot Bold watch face.