David Le Page
Your cellphone calls are probably still safe from eavesdroppers. But now Israeli researchers have discovered how to crack Global System for Mobile Communications (GSM) cellular encryption, it’s probably just a matter of time before they will become vulnerable to the listening capabilities of everyone from tabloid journalists to would-be blackmailers.
The National Intelligence Agency, of course, you will never have to worry about.
Alex Biryukov and Adi Shamir, according to Wired News, this week will publish a paper describing how anyone with a respectably powerful PC can crack the A5/1 algorithm used to encode GSM voice and data.
GSM is the world’s dominant digital cellphone standard, with at least 230- million subscribers in Europe, Asia, South Africa, and increasingly the United States.
Previous attempts at cracking GSM security have included penetrating the less-secure GSM A5/2 algorithm used in some Pacific Rim countries, and in 1998, “cloning” a GSM phone.
Of course, there’s a great difference between cracking the process used to encode a GSM call and actually pulling a GSM call from the airwaves and then decoding it.
The attempts at cracking GSM encryption parallel those against other commercial ciphers.
Academics and hackers have frequently demonstrated the weakness of certain critical ciphers used to encrypt financial and other information on the Net, through distributed computing. Such techniques leverage the combined power of hundreds of PCs in widely distributed locations.
These efforts are not malicious, but are undertaken partly in appreciation of the challenge and partly to demonstrate that US restrictions on the export of encryption techniques – classed under law as “munitions” – are overly restrictive and hamper the development of secure Internet commerce.