IBM report cites cell phone hacking risks

M Taylor mctaylor at
Wed May 8 11:06:58 EDT 2002

IBM report cites cell phone hacking risks 
By Robert Lemos 
Staff Writer, CNET
May 7, 2002, 4:45 PM PT

IBM researchers released a report Tuesday showing that some cell phones' 
security cards could be cloned in minutes, letting hackers make calls and 
route charges to the cloning victim's account. 
The hacking technique studied by the researchers, known as a partitioning 
attack, analyzes power fluctuations in a phone's security identification 
module (SIM) card, allowing an attacker to divine the security codes stored 

However, the technique only works on the first-generation of global system 
for mobile communications (GSM) phones and requires that the attacker have 
physical access to the phone for at least a minute or two. 


The technique, to be outlined in a paper that will be presented at the IEEE 
Symposium on Security and Privacy next week, requires a computer, a SIM card 
reader and the right program. The program asks the target card seven specific 
"questions," and it analyzes the signals from the card to determine how it's
processing the queries. By analyzing the electromagnetic field changes and 
power fluctuations, the researchers can divine the card's cryptographic 


Once a card is cloned, the password, generally a four-digit PIN, is 
necessary to unlock the information. Yet, a thief could easily try all 
10,000 combinations with the newly cloned card. 


The paper appears to be,
Partitioning Attacks: Or How to Rapidly Clone Some GSM Cards 
Josyula R. Rao (IBM Watson Research Center), Pankaj Rohatgi (IBM Watson 
Research Center), Stephane Tinguely (EPFL, Lausanne),  Helmut Scherzer (IBM 

to be presented at the 2002 IEEE Symposium on Security and Privacy.

M Taylor

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list