Thu, Dec 31, 2009 - Page 6 News List

German hacker deciphers GSM cellphone encryption


A German computer scientist has cracked the codes used to encrypt calls made from more than 80 percent of the world’s mobile phones.

Karsten Nohl and his team of 24 hackers began working on the security algorithm for GSM (Global System for Mobiles) in August.

Developed in 1988, the system prevents the interception of calls by forcing phones and base stations to change frequencies constantly. Most of the UK’s mobile phones use the GSM system and the breach represents a potential threat to the security of mobile phone communication.

Nohl claims that armed with the code, which has been published online, and a laptop with two network cards, an eavesdropper could be recording phone calls within 15 minutes.

“This shows that existing GSM security is inadequate,” Nohl told the Chaos Communication Congress, an international annual meeting of hackers taking place in Berlin this week.

Nohl said he deciphered the code to force the industry to upgrade its security.

Nohl said conversations involving politicians or business leaders could easily be intercepted and they should invest in further encryption software.

The GSM Association, which represents the interests of the worldwide mobile communications industry, played down the security threat and said Nohl’s activity was “highly illegal.”

“We consider this research, which appears to be motivated in part by commercial considerations, to be a long way from being a practical attack on GSM,” said Claire Cranton, a spokeswoman. “To do this while supposedly being concerned about privacy is beyond me.”

Nohl, who has a doctorate in computer engineering from the University of Virginia, said his work was purely academic.

“We have written advice from our lawyers stating that our research is within the legal realm,” he said.

Simon Bransfield-Garth, the chief executive of encryption software firm Cellcrypt, said: “The code that has been cracked is for the 21-year-old 64-bit A5/1 GSM algorithm. In 2007 the GSM Association developed a 128-bit version, A5/3. However, most network operators have not invested to make the required upgrade.”

This story has been viewed 2380 times.

Comments will be moderated. Keep comments relevant to the article. Remarks containing abusive and obscene language, personal attacks of any kind or promotion will be removed and the user banned. Final decision will be at the discretion of the Taipei Times.

TOP top