Business IT - Technology for your business

No. 1 Story

Mobile operators get fixed price spectrum renewal in $3b Government windfall

The Government has offered Australia's three mobile operators, and vividwireless, renewal of their existing spectrum allocated on 15 year licences in the late 90s and early 2000s at set prices, while the Government expects to rake in $3 billion.

 read more
StumbleUponSubmit to redditShare this on TwitterShare on facebook | Print |PDF 

More From

GSM encryption is now effectively broken

David Heath
Friday, 01 January 2010 12:06

Business IT - Security

Page 1 of 2
At the 26th Chaos Communication Congress (26C3) last week, Karsten Nohl offered new insights and methods for cracking GSM encryption.

Microsoft Office 365 Get your free Trial

Related Articles

Security researchers have long considered GSM security to be weak and there have been many projects aimed at exposing a variety of these security weaknesses. 

There are four levels of encryption available for GSM, discussed in detail here. Many countries were not given access to any form of encryption (a screen shot of a phone without security is shown here; go to the sub-heading 'Security') and only the most friendly (mainly Western Europe and USA) were given access to the strongest (called A5/1). 

Australia was not considered a favoured country and was only permitted to implement the fully broken A5/2 protocols. 

The Wikipedia article gives good detail of the history of attacks on A5/1.  There is an interesting report from 1994 of the political in-fighting which led to the selection of the knowingly weak French solution over the strong objections of the Germans who (at the time) shared a border with a number of communist countries and would have preferred very strong encryption.

A recently reported project to create rainbow tables for GSM decryption has reached its end – the tables are available and at just 2TB, are smaller than expected. 

Karsten Nohl's presentation at 26C3 outlines the work completed thus far and also describes early efforts to fully crack the supposedly more secure A5/3 protocol.  Much of the project management is being handled through the Trac site where news, source code and other resources are available.

What advice is the GSM Industry group offering?  Read on...


Start 1 2 Next 

Sponsored Announcements

Kordia To Deploy ComOps Best Practice Safety and Risk Management Platform

David Bass | ComOps, a leading Australian provider of business software products and services, has won a competitive tender to deploy its Salvus safety, r…

You may have missed


Advertisement

- sponsored feature -

The Death of Traditional BI: What’s Next?

How to Make Business Discovery Work for Your Business IP PABX BUYING GUIDE

Business Discovery takes its cues from consumer apps. Like Google, it encourages us- ers to hunt for and explore data without worrying about or even noticing the underly- ing technology. Their entire experience is working within an intuitive interface to get real-time, self-service results with only minimal training. ...more

Our Services for Technology Professionals

E - mail News SMS Headlines Desktop Alerts News Feeds Job Alerts Technology Events Press-Releases