
Open-Source Effort to Hack GSM (IEEE Spectrum)

IEEE Spectrum reports on an effort to hack the GSM mobile phone standard. "Karsten Nohl, chief research scientist with H4RDW4RE, a Sunnyvale, Calif.-based security research firm, is mounting what could be the most ambitious attempt yet to compromise the GSM phone system, which is used by over 3 billion people around the world. Others have cracked the A5/1 encryption technology used in GSM before, but their results have remained secret. However, Nohl, who earned a Ph.D. in computer science at the University of Virginia and is a member of Germany's Chaos Computer Club (CCC), intends to go one big step further: By the end of the year, he plans to make the keys available to everyone on the Internet." (Thanks to Evgeny Stambulchik).

Open-Source Effort to Hack GSM (IEEE Spectrum)

Posted Dec 3, 2009 21:48 UTC (Thu) by mattaw (guest, #24923) [Link]

Why would that be a good idea? The environmental cost of replacing all the mobile equipment would be huge and unfeasible, especially in nations with limited resources. If they broke the encryption and then decided it was dangerously easy or bad, releasing it might be a good idea, and only after you have had the courtesy of informing the users.

Open-Source Effort to Hack GSM (IEEE Spectrum)

Posted Dec 3, 2009 22:27 UTC (Thu) by clugstj (subscriber, #4020) [Link]

If the whole of the system depends upon one secret key, then I'd say it is a very bad system.

The "environmental cost"? WTF?

Open-Source Effort to Hack GSM (IEEE Spectrum)

Posted Dec 3, 2009 23:35 UTC (Thu) by tetromino (subscriber, #33846) [Link]

> The "environmental cost"? WTF?

If the GSM operators cannot easily replace the encryption algorithm, many of the phones with the old algorithm will likely end up as junk. Not many countries have adequate electronics recycling facilities and populations that are law-abiding enough to actually use those recycling facilities. So hundreds of millions of cell phone worths of toxic chemicals will end up in landfills and incinerators.

Open-Source Effort to Hack GSM (IEEE Spectrum)

Posted Dec 4, 2009 0:18 UTC (Fri) by drag (subscriber, #31333) [Link]

It's a good idea because right people foolishly trust the security of mobile phones. A person can go on and on and tell people that GSM security and DRM is a joke and the only purpose in its existence is to make it easy to charge subscription fees for services and it's not designed to be secure or protect you in any real manner.

Once it's cracked wide open then people will hopefully realize that if they want to protect their security then industry and governments will refuse to do it for them since it runs counter to industry and government's interests; it's their own responsibility.

I mean it's cracked and insecure right now. The problem is that since the information is controlled, restricted and not easily publicly available then people don't believe.. unless it's demonstrate-able then it's not 'real'. (as illustrated by the comment above worrying about the environmental costs of exposing a broken system for what it is)

Open-Source Effort to Hack GSM (IEEE Spectrum)

Posted Dec 4, 2009 1:44 UTC (Fri) by wahern (subscriber, #37304) [Link]

demonstrable

Open-Source Effort to Hack GSM (IEEE Spectrum)

Posted Dec 11, 2009 16:29 UTC (Fri) by cry_regarder (subscriber, #50545) [Link]

demonstrable - possible to remove the monsters from. demonstrate - to remove the monsters

Open-Source Effort to Hack GSM (IEEE Spectrum)

Posted Dec 4, 2009 16:42 UTC (Fri) by cyd (guest, #4153) [Link]

The original poster was arguing that the cost (to society) of replacing legacy equipment outweighs the benefit of moving to a more secure standard. You can argue against that, but your comment instead focuses on security as though security is worth obtaining at any cost, no matter how high. That's not reasonable.

Open-Source Effort to Hack GSM (IEEE Spectrum)

Posted Dec 4, 2009 9:13 UTC (Fri) by dgm (subscriber, #49227) [Link]

Do you realize that all those phones are going to end up as junk anyway? It's my perception that cell phones last two years on average, with that time diminishing with each generation.

Open-Source Effort to Hack GSM (IEEE Spectrum)

Posted Dec 4, 2009 9:50 UTC (Fri) by michaeljt (subscriber, #39183) [Link]

Just so I can disagree with both OPs :) I suspect that a) there are many many mobiles in less-well-off places that are likely to be in service for much longer than two years. These are probably also the places where "clean" disposal of the devices is unlikely. But in my opinion, the owners of these phones are probably not going to start ditching them because the GSM encryption has been cracked and the crack is publicly available. I suspect that for many of them, privacy of their communications against small hackers (the large ones have other means at their disposal anyway) is low on their list of priorities, because they won't think those hackers are that interested in what they are saying.

Open-Source Effort to Hack GSM (IEEE Spectrum)

Posted Dec 4, 2009 13:36 UTC (Fri) by mjr (guest, #6979) [Link]

Indeed. The readers here very likely overgeneralize from themselves how much people actually care about security. Those who do care? Not relying on GSM security already.

Open-Source Effort to Hack GSM (IEEE Spectrum)

Posted Dec 4, 2009 10:31 UTC (Fri) by Los__D (guest, #15263) [Link]

Because they break, or because the owner wants something new?

Most people that I know don't really buy a new device because they need it, but because they want it (I'm the strange one here, my phone is almost 4 years old, but is also starting to show signs of that, so a new one is finally on the way)

Open-Source Effort to Hack GSM (IEEE Spectrum)

Posted Dec 3, 2009 23:10 UTC (Thu) by jimwelch (guest, #178) [Link]

From the Article or Summary: "Others have cracked the A5/1 encryption technology"!

Therefore GSM is already broken, if it is out in the open, more reason to fix it.

Wiki:

  • A5/1 was developed in 1987!
  • The algorithms were entirely reverse engineered in 1999 by Marc Briceno.
  • The system supports multiple algorithms so operators may replace that cipher with a stronger one.

Open-Source Effort to Hack GSM (IEEE Spectrum)

Posted Dec 3, 2009 23:38 UTC (Thu) by bangert (subscriber, #28342) [Link]

> The system supports multiple algorithms so operators may replace
> that cipher with a stronger one.

sure, but the mobile needs to support it (first). we don't have DNSSEC (or IPv6) at our hands for the very same reason.

generating publicity around this issue may actually establish awareness.

However, changing the algorithm does not fix the much bigger problem. Apparently the interface between the BTS and the BSC is not encrypted by the GSM encryption. Often this interface is implemented using unencrypted microwave links[¡]. So even if you do get a better encryption algorithm implemented, it will not necessarily improve the security by much.

this flaw has been fixed for both GPRS and UMTS.

[¡] http://laforge.gnumonks.org/weblog/2009/10/27/#20091027-

Open-Source Effort to Hack GSM (IEEE Spectrum)

Posted Dec 4, 2009 11:06 UTC (Fri) by tialaramex (subscriber, #21167) [Link]

The reasons we don't have IPv6 and DNSSEC are different, from each other and from this example.

We don't have (widespread) IPv6 because there's no economic argument to ever deploy it. IP is the sewers. Every individual dumping their waste into an unlined pit, a tributary or the Thames itself was dimly aware that this contributed to the sickening stench and wave of illnesses - but they had no incentive to stop. If they stopped they'd have nowhere to dispose of waste, and nobody else would stop so they'd still have to put up with the stink and sickness. The government had to step in and build London's sewers with public money (and it arguably only did that because the Parliament building is next to the river).

We don't have DNSSEC because the root isn't signed. That was politics. DNSSEC creates a global PKI and somebody gains a great deal of potential power in the process. Once that (large) obstacle is overcome, it sells itself. The last draft timetable I've seen has a root DNSSEC deployment during 2010, with real keys installed after the infrastructure is proven in mid-2010.

Open-Source Effort to Hack GSM (IEEE Spectrum)

Posted Dec 4, 2009 11:43 UTC (Fri) by Cato (subscriber, #7643) [Link]

Congratulations, that's the most bizarre anti-IPv6 argument I have ever seen... if it is anti-IPv6 - it's really hard to tell.

However, the exhaustion of IPv4 address space in about 2011 will have some impact (i.e. a lot) on IPv6 takeup.

Open-Source Effort to Hack GSM (IEEE Spectrum)

Posted Dec 4, 2009 13:20 UTC (Fri) by nix (subscriber, #2304) [Link]

I think he's saying that when we run out of address space there will be a Great Stink over it and everyone who can afford it will move out of the Internet to their little BBS houses in the country while they rip up the roads and build sewers (even though we already *have* Slashdot). Hopefully they'll dump the spammers into them at the same time.

Open-Source Effort to Hack GSM (IEEE Spectrum)

Posted Dec 4, 2009 19:20 UTC (Fri) by petegn (guest, #847) [Link]

Well, there's money on the 2011 time scale being totally false and yet another prime example of FUD

IPv4 exhaustion

Posted Dec 4, 2009 20:29 UTC (Fri) by tialaramex (subscriber, #21167) [Link]

No, it wasn't intended as an anti-IPv6 argument, nor a pro-IPv6 argument. I use IPv6 here, and I worked for years on an IPv6 project. But I'm a realist, I have not been blind to the fact that my ISP is still saying that IPv6 is an "interesting future technology" that they're "keeping an eye on" rather than something they're actually incorporating into their decision making by e.g. giving customers IPv6 capable routers.

Exhaustion probably won't happen in the spectacular way people often imagine. What will happen / is happening is transition to a new address management regime. It may be that this regime is obnoxious enough to trigger an instant migration to IPv6. That's one of a number of very unlikely possibilities that has been considered.

Basically at "IANA exhaustion time" five remaining /8s are allocated to the RIRs (one for each region) and IANA ceases to function as a source of new addresses. This is currently expected to happen in 2011. That's the first big transition event. Some months after that, in the natural course of operations at the RIRs, one of them will run out of addresses. Unable to request more from IANA, it will have to terminate its new allocation function as IANA did, and the LIRs it delegates to will no longer be able to obtain fresh addresses.

The RIRs have developed policies for this new era, or regime. They will permit holders of existing allocations to transfer (read: sell) them to new users. The RIRs will simply track the paperwork. So instead of asking their RIR for a block of addresses, LIRs would enter into (commercial) negotiations with other LIRs to transfer their free space. We don't know if this makes sense, and we won't know until exhaustion occurs.

The long term problem for IPv6 (and thus for everyone using the Internet indirectly) is that it's always incrementally cheaper to find a way to get along with IPv4. Each individual decision will be completely rational, but the resulting whole is insane. ISPs just don't have the long term vision needed to see that this is a bad idea and spend /their/ money now, on solving everyone's problems tomorrow.

Open-Source Effort to Hack GSM (IEEE Spectrum)

Posted Dec 4, 2009 11:07 UTC (Fri) by drag (subscriber, #31333) [Link]

The ultimate practical solution, unfortunately, is just to ignore it and if you care about having a secure link between two individuals then you use Peer-2-Peer encrypted VoIP tunnel. Education is very important.

If it becomes a problem with people hacking into phone networks and casing disruptions then the phone companies will end up fixing GSM in some meaningful way. The only thing is whether you can establish a business case for fixing problems... the negative costs have to outweigh the cost savings you get by simply ignoring the issue.

An example of this is credit card fraud. There is credit card fraud and 'identity thieves' that do target people and companies. There are lots of well known ways to work around and dramatically limit this fraud, but it's now to the point where you have diminishing returns. That is they have just put enough effort into fixing the holes in the system to where the cost of the fraud is less than fixing the system... so it's not really going to get better unless it gets much worse.

------------------

Everybody has to deal with the same issues with meeting people in public, walking down the street, using http, using ftp, email, etc etc.

Real secure communications has a lot of overhead, and not just in terms of CPU or system resources, but in terms of the technical requirements and knowledge that a user must have. Having general knowledge of encryption schemes and how to exchange keys securely or whether or not you should trust a certificate authority and why that is important is not something that is easy to grasp or get right. And like everything else it's going to be difficult to 'fix' the telephone system to the point where you can really trust it.

What makes it worse is not just industry trying to avoid costs.. it's government. Governments do not want people to have the ability to securely communicate with other individuals. They want to have back doors and holes and ways to eavesdrop in an effective and inexpensive manner. This means that in most places, including the USA, there are government requirements for built-in insecurity.

Besides obvious things like providing for wiretaps and intelligence gathering efforts.. Like most people I am sure that you've noticed that it is a big problem that governments have with cell phones during civil unrest or whatever. Despite most government's attempts to restrict information it is now possible for individuals to get the word out. It's very easy when all you had to deal with was identifiable corporations running radio stations or newspapers.. but when you have individuals taking the initiative to post news and information from their cell phones or other mobile devices then it's almost impossible to filter information and try to control public and international opinion. The word would get out one way or another. So it's going to be big business, if it is not already, for the government (whatever one you happen to live under) to have the ability to not only have a 'kill switch' and shut off all wireless access to cities and whatnot, but have the ability to track and monitor individuals so that they can do intimidation tactics to further restrict information leakage. It's a battle that governments can't really win, but as long as it can delay action by third parties for a few days or even a few hours then that is usually enough.

Needless to say that if all you had to do was to design a fully encrypted system then that would be difficult enough.. but when you have to integrate support for all the restrictions you're facing by law and you have to do it in a very cost effective manner, while preserving the ability to have backwards compatibility with existing systems, then it's going to be nearly impossible.

I am a big fan of security disclosures.. especially when it comes to major infrastructure that people depend on in their daily lives like GSM radio, but I am just trying to say that besides fixing some low-hanging fruit (like using a better encryption scheme) I don't expect much real progress in fixing it.

So basically having a 'secure pipe' is going to be up to parties participating in a phone call to setup on their own. With smartphones and IP access between parties then that should be quite achievable even if a bit unpleasant...

Open-Source Effort to Hack GSM (IEEE Spectrum)

Posted Dec 10, 2009 2:29 UTC (Thu) by BenHutchings (subscriber, #37955) [Link]

"sure, but the mobile needs to support it (first)."

Actually, no. One of the good things about GSM is that encryption and authentication are handled by the SIM, not the handset. This means an operator should only need to issue new SIMs, which are relatively cheap. (Also, most parts of GSM networks would not need to be upgraded to support new algorithms.)

Open-Source Effort to Hack GSM (IEEE Spectrum)

Posted Dec 10, 2009 11:16 UTC (Thu) by jonth (subscriber, #4008) [Link]

That's wrong. Authentication and key generation are handled by the SIM. Encryption is handled elsewhere - typically in dedicated hardware blocks, but in some chipsets with powerful DSPs, it's done in software.

So you might be able to improve the authentication process by replacing the SIM, but you can't replace A5/1 without replacing the handset. In the infrastructure, it's easier to do: they tend to be DSP dominated, so it's typically a software upgrade.

That's not to say you couldn't roll out a new encryption algorithm. The way to do it is to add it into the 3GPP standards, making it a mandatory feature in the UE. It would then take 1-2 years for this to make it into real-world products (both infrastructure and mobiles). In the developed economies, mobiles typically have a life of a year or two, so if you wanted to replace A5/1 with something else, then you could expect the system as a whole to be largely upgraded within 5 years.

However, GSM is largely a legacy backwater these days. All the major development work is in HSPA/HSPA+ and LTE. Network operators are more likely to simply turn off their 2G networks and reclaim the spectrum for 3G and beyond.
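
As an added illustration of the SIM/handset split discussed in the two comments above (example code written for this page, not from the article or any commenter): the SIM-side A3/A8 step is modelled with an HMAC stand-in, which is an assumption and not any operator's real algorithm, while the handset-side A5/1 follows its publicly documented 1999 description. Changing the SIM changes how Kc is derived, but the cipher that consumes Kc is still A5/1 in the handset.

```python
"""Model of GSM's key split: the SIM derives the session key, the handset runs A5/1.

A5/1 follows the public 1999 description (three LFSRs, majority clocking).
The SIM-side A3/A8 stand-in is an HMAC and is NOT the real operator algorithm.
"""
import hashlib
import hmac

# (length, feedback taps, clocking-control bit) for the three A5/1 registers
A51_REGS = ((19, (13, 16, 17, 18), 8), (22, (20, 21), 10), (23, (7, 20, 21, 22), 10))


def _step(reg, length, taps):
    """Shift an LFSR left by one bit, feeding in the XOR of its tap bits."""
    fb = 0
    for t in taps:
        fb ^= (reg >> t) & 1
    return ((reg << 1) | fb) & ((1 << length) - 1)


def a51_keystream(kc: bytes, frame: int, nbits: int = 228) -> list:
    """Return nbits of A5/1 keystream for a 64-bit Kc and 22-bit TDMA frame number."""
    if len(kc) != 8 or not 0 <= frame < (1 << 22):
        raise ValueError("Kc must be 8 bytes, frame number must fit in 22 bits")
    regs = [0, 0, 0]
    # Loading phase: every register clocks, then the key/frame bit is XORed into bit 0.
    # Key bits are consumed LSB-first within each byte, frame bits LSB-first.
    bits = [(kc[i // 8] >> (i % 8)) & 1 for i in range(64)]
    bits += [(frame >> i) & 1 for i in range(22)]
    for b in bits:
        regs = [_step(r, n, taps) ^ b for r, (n, taps, _) in zip(regs, A51_REGS)]
    out = []
    # 100 majority-clocked mixing steps are discarded, then nbits output bits are taken.
    for i in range(100 + nbits):
        ctl = [(r >> c) & 1 for r, (_, _, c) in zip(regs, A51_REGS)]
        maj = (ctl[0] & ctl[1]) | (ctl[0] & ctl[2]) | (ctl[1] & ctl[2])
        regs = [_step(r, n, taps) if ctl[k] == maj else r
                for k, (r, (n, taps, _)) in enumerate(zip(regs, A51_REGS))]
        if i >= 100:
            msb = [r >> (n - 1) for r, (n, _, _) in zip(regs, A51_REGS)]
            out.append(msb[0] ^ msb[1] ^ msb[2])
    return out


def sim_run_gsm_algorithm(ki: bytes, rand: bytes):
    """Model of the SIM's RUN GSM ALGORITHM: Ki never leaves the card, only SRES and Kc do.

    Assumption: HMAC-SHA256 stands in for the operator's A3/A8; real cards differ.
    """
    digest = hmac.new(ki, rand, hashlib.sha256).digest()
    return digest[:4], digest[4:12]      # 32-bit SRES, 64-bit Kc


def xor_burst(kc: bytes, frame: int, payload_bits: list) -> list:
    """Handset side: XOR one burst with A5/1 keystream (the same call decrypts)."""
    ks = a51_keystream(kc, frame, len(payload_bits))
    return [p ^ k for p, k in zip(payload_bits, ks)]


if __name__ == "__main__":
    # Constructed values: a 16-byte Ki and RAND, not taken from any real SIM.
    sres, kc = sim_run_gsm_algorithm(b"\x01" * 16, b"\x02" * 16)
    ks = a51_keystream(kc, 0x134)
    print("Kc from SIM:", kc.hex(), "keystream:", "".join(map(str, ks[:32])), "...")
    # Swapping the SIM changes Kc, but the cipher consuming it is still A5/1 in the handset.
```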

Open-Source Effort to Hack GSM (IEEE Spectrum)

Posted Dec 4, 2009 16:26 UTC (Fri) by gmaxwell (subscriber, #30048) [Link]

"by the end of the year"

Translation: "With more than enough delay for someone to get an injunction against it"

I wouldn't be holding my breath! :) It isn't big news in any case; there are already devices available for sale that crack A5/1, the only question is the price.

Open-Source Effort to Hack GSM (IEEE Spectrum)

Posted Dec 5, 2009 20:03 UTC (Sat) by laf0rge (subscriber, #6469) [Link]

it's hard to obtain an injunction against a distributed project where people anonymously compute partial rainbow tables and put them on bittorrent.

Open-Source Effort to Hack GSM (IEEE Spectrum)

Posted Dec 6, 2009 4:15 UTC (Sun) by gmaxwell (subscriber, #30048) [Link]

Good point. That article was pretty uninformative. Anyone with a high end ATI or NVIDIA GPU (and the associated drivers…) can contribute to this:

http://reflextor.com/trac/a51

Open-Source Effort to Hack GSM (IEEE Spectrum)

Posted Dec 4, 2009 22:19 UTC (Fri) by clugstj (subscriber, #4020) [Link]

If all he is trying to do is to crack one session key (in several months), I don't see how much of a problem it would be for normal users. Do you really think that you can't already be wiretapped because the GSM traffic is encrypted?

Open-Source Effort to Hack GSM (IEEE Spectrum)

Posted Dec 5, 2009 20:01 UTC (Sat) by laf0rge (subscriber, #6469) [Link]

the question is: wiretapped by whom. sure, those who have legal authority to do so (law enforcement) can use the regular lawful interception features in the core network.

however, those who do so illegally (organized crime, secret services in foreign countries, etc.) are only able to do so because the GSM industry is too lazy to fix long-known security problems.

This is unlikely to change without public pressure, which in turn can only be reached by doing practical demonstrations of what is already technologically possible for quite some time. Nobody will listen or believe otherwise.

Open-Source Effort to Hack GSM (IEEE Spectrum)

Posted Dec 7, 2009 3:38 UTC (Mon) by jamesh (guest, #1159) [Link]

From my reading of the article they aren't trying to crack a single session key, but create the tables necessary to crack any session key.

The key that they aren't trying to crack is the SIM's secret key that is used to derive the session key. And if your aim is to eavesdrop calls rather than impersonate someone else's SIM then that is enough.

Open-Source Effort to Hack GSM (IEEE Spectrum)

Posted Dec 7, 2009 18:26 UTC (Mon) by martinfick (subscriber, #4455) [Link]

Maybe I missed it, but where does open source come into play here?

Open-Source Effort to Hack GSM (IEEE Spectrum)

Posted Dec 7, 2009 23:20 UTC (Mon) by gdt (subscriber, #6284) [Link]

Anyone else here troubled by the ethics of making a tool available to the public which will cause poor people for whom GSM is the only affordable communications technology to have calls which are insecure[1] against local eavesdroppers? Local eavesdroppers such as the local banditry.

Anyone else here troubled by the thought that this distress for the poor is for the benefit of raising the public profile of some comparatively rich individuals?

As someone else noted, this project isn't about open source, the reporter has confused open source with distributed public computation. Unlike open source, which has a strong ethical underpinning inherited from the free software movement, public computation lacks a moral underpinning. I would hope that the obvious evil of this project prompts the development of such a moral framework. I also hope that the obvious evil of the project limits the number of participants so that it cannot reach its goal.

[1] Sure, it's already insecure in the lab. But I mean insecure in the field, where people have hired ten minutes on a GSM phone and are conducting transactions with their produce purchasers and bank. In some countries just letting people know when you expect to sell your crop is an invitation to robbery that evening. GSM phone banking services offer security against that, a security which will now be removed.

Open-Source Effort to Hack GSM (IEEE Spectrum)

Posted Dec 8, 2009 11:11 UTC (Tue) by nye (guest, #51576) [Link]

>Anyone else here troubled by the ethics of making a tool available to the public which will cause poor people for whom GSM is the only affordable communications technology to have calls which are insecure[1] against local eavesdroppers? Local eavesdroppers such as the local banditry.

You assume anybody actually cares. People happily used non-encrypted mobile phones for years without worrying about it, and it's pretty much only the nerdiest of people that consider the security of a system at all.

>I would hope that the obvious evil of this project prompts the development of such a moral framework. I also hope that the obvious evil of the project limits the number of participants so that it cannot reach its goal.

I don't think the project is an 'obvious evil', nor that framing it that way is at all helpful. Though the project may be misguided, it seems that the initiators believe that allowing the status quo to remain would be an 'obvious evil', and a greater one than breaking it - which no doubt they see as a temporary inconvenience necessary in order to make progress.

It's certainly not so black and white.

Copyright © 2009, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds