GSM : listen in to a call while it is still at the ringing stage ...

Barry Wels b.wels at nah6.com
Wed Sep 3 18:06:16 EDT 2003 

http://www.eetimes.de/at/news/OEG20030903S0018

GSM Association downplays mobile security concerns

von John Walko
September 3, 2003 (4:13 p.m. GMT)
 
   
LONDON - The GSM Association is playing down concerns raised by a team
of Israeli scientists about the security of GSM mobile calls. The
researchers, from the Technion Institute of Technology in Haifa,
revealed they had discovered a basic flaw in the encryption system of
the GSM (Global System for Mobile)specification, allowing them to
crack its encoding system.

The GSM Association, which represents vendors who sell the world's
largest mobile system, confirmed the security hole but said it would
be expensive and complicated to exploit.
 
Eli Biham, a professor at the Technion Institute, said he was shocked
when doctoral student Elad Barkan told him he had found a fundamental
error in the GSM code, according to a Reuters report on Wednesday
(Sept. 3). The results of the research were presented at a recent
international conference on cryptology.

"We can listen in to a call while it is still at the ringing stage,
and within a fraction of a second know everything about the user,"
Biham told the news agency. "Then we can listen in to the call."

"Using a special device it's possible to steal calls and impersonate
callers in the middle of a call as it's happening," he added. GSM code
writers made a mistake in giving high priority to call quality,
correcting for noise and interference and only then encrypting, Biham
said.

The GSM Association said the security holes in the GSM system can be
traced to its development in the late 1980s when computing power was
still limited. It said the particular gap could only be exploited with
complex and expensive technology and that it would take a long time to
target individual callers.

"This [technique] goes further than previous academic papers, [but] it
is nothing new or surprising to the GSM community. The GSM Association
believes that the practical implications of the paper are limited,"
the group said in a statement.

The association said an upgrade had been made available in July 2002
to patch the vulnerability in the A5/2 encryption algorithm.

It said any attack would require the attacker to transmit distinctive
data over the air to masquerade as a GSM base station. An attacker
would also have to physically stand between the caller and the base
station to intercept the call.

The researchers claimed they also managed to overcome the new
encryption system put in place as a response to previous attacks.


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list