GSM code cracked

Natalie Apostolou
30 Dec 2009


After 21 years, the code that has kept the world’s GSM networks safe from interception has been broken.

According to a 28 year old German cryptographer Karsten Nohl, speaking at a hacker conference in Berlin the Chaos Communication Congress, the encryption code has been deciphered.


Nohl and a group of cryptographers claim that they have broken and published the primary encryption code for GSM, using legal methods to break the A5/1 standard, and have made available a 'code book' of binary data that could be used to decipher the content of a call within hours or even minutes.


“This shows that existing GSM security is inadequate. We are trying to push operators to adopt better security measures for mobile phone calls,” he said.


The GSMA has dismissed Nohl’s claims as illegal, while arguing they overstated the security threat to wireless calls.


“GSM networks use encryption technology to make it difficult for criminals to intercept and eavesdrop on calls. Reports of an imminent GSM eavesdropping capability are common,” a GSMA spokesperson said.


According to the hackers a simple attack can be achieved with a PC containing a medium-end graphics card, a large hard drive, two USRP2 receivers and channel-hopping software.


More elaborate setups that use a network of computers will be able to unlock calls almost instantaneously, Nohl said.


Weaknesses in A5/1 are widely known and in response mobile operators devised A5/3, an algorithm that requires a far more elaborate mathematical operation to break.


Nohl pointed out that despite estimates that some 40% mobile phones are capable of using the newer cipher, it has yet to be adopted.




The GSMA has publicly stated that it plans to transition to the new technology, but has yet to provide a timetable.




Natalie Apostolou

Related content

No Comments Yet! Be the first to share what you think!