Three security researchers have published details on the internet detailing how the encryption used on 3G telephony can be broken into within two hours using the processing power of a single PC. This revelation comes only days after German engineers made similar claims that the 22 year-old A5/1 encryption system widely used on 2G GSM handsets could also be broken.
However, while these ‘shock disclosures' make good headlines in mainline newspapers, little was said that both these methods are largely theoretical and little if any evidence exists that a breach of 2G or 3G security has been achieved.
But this latest news does raise important questions about the approach being taken with 3G encryption. The researchers, from the Faculty of Mathematics and Computer Science at the Weizmann Institute of Science, Israel, claim that the 3G A5/3 encryption system--known as Kasumi and a derivative of the Misty crypto methodology--was dumbed down for use with 3G handsets, where time and handset processing power are in relatively short supply.
According to the research notes, the "unoptimised implementation on a single PC recovered about 96 key bits in a few minutes and the complete 128 bit key in less than two hours".
The A5/3 algorithm (Kasumi) is already implemented in about 40 per cent of three billion available handsets, leaving 60 per cent of the world's mobile user base using the older security algorithms. Once fully adopted, A5/3 will become one of the most widely used cryptosystems in the world, and its security will become one of the most important practical issues in cryptography, which makes the findings of this kind of research a concern.
Hacking of GSM calls possible within weeks, claim researchers
Security firm demoed hacking and eavesdropping on IPhone mobile VoIP calls
VoIP, Skype get EU heat over lawful intercept
Skype tapping program code released