GSM eavesdropping

Frank A. Stevenson frank at
Mon Aug 2 11:38:17 EDT 2010

On Mon, 2010-08-02 at 11:02 -0400, Bill Squier wrote:
> "...In his presentation at the Black Hat Conference, German GSM expert Karsten Nohl presented a tool he calls Kraken, which he claims can crack the A5/1 encryption used for cell phone calls within seconds."

A quick list of bullet points on what is new here:

* 2TB (1.7 compressed) of GSM A5/1 rainbow tables have been created
* These tables leverage the fact that A5/1 suffers from "keyspace
convergence". After the initial 100 warm-up clockings, only 16% of the
keyspace remains valid.
* The rainbow tables only sample the converged space, such samples are
equivalent to sampling all of the on average 13 initial states that
converge to the sampled point.
* Efficient ATI GPU code has been written, that allowed us to compute
the tables in 8 "GPU months", and were effectively completed in just 4
weeks, using 4 computers and 850kWh of power.
* Depending on the random access speed of the storage medium, 64 bits
keys for a particular conversation can be cracked in minutes or seconds.
* We have made all software and the tables freely available.

Frank A. Stevenson

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list