Hacking of GSM calls possible within weeks, claim researchers

While the security of GSM has remained robust for many years, researchers now claim they're only weeks away from cracking standard GSM cell phone encryption, known as A5/1, and making the results available for anyone to use.

According to one presenter at the recent Hacking at Random conference, Karsten Nohl, once these results are made public the decryption of GSM calls will be possible using little more than a US$500 radio card and a top-of-the line laptop.

Nohl explained that the hacking is achieved by pre-generating all the encryption keys used in GSM into a codebook table that could be quickly accessed on the fly. Previously, it was estimated that the computing power to generate this would take around 100,000 years on a PC and the table itself would be massive, close to the size of all data stored on computers today. The breakthrough, labelled The Rainbow Table, uses a clever way to generate a useable table at a fraction of the size and to optimise computer algorithms that require much less hardware.

One observer, Stuart Quick, of risk management specialist, Henderson Risk, said that the GSM A5/1 encryption remained a Holy Grail amongst the hacking community and was made intriguing because of the associated conspiracy theories. "For example, it is thought that the cipher has had weaknesses engineered in to it in order to make it easier for the security services to snoop on calls and that mobile communications providers are therefore misleading or incorrectly advertising their products' level of security."

However, many within the GSM community realise that the security of GSM encryption was only designed for a specific lifetime and would eventually be broken. A move to 3G would use a new encryption algorithm - A5/3, which is considered to be significantly more robust than others in the GSM range.

For more on this story:
Mobile Europe
and The Register

Related stories:
VoIP, Skype get EU heat over lawful intercept
The Ease of Hacking VoIP
GSM hacking to get easier?