User: Password:
Subscribe / Log in / New account



Posted Jan 7, 2010 23:47 UTC (Thu) by Nimos (guest, #62863)
In reply to: UMTS by quotemstr
Parent article: GSM encryption crack made public

It's very easy for IT armchair experts to just say "use AES" because it is proven, but little consideration is given to the computing complexity of telecommunication systems.
We are not talking about a simple web or SSH server here, but network equipment that continually encrypt/decrypts thousands of sessions simultaneously. If complicated algorithms and keys are used, the processing power would be astronomical and a pratical implementation not feasible. Processing power of mobile devices also needs to be taken into consideration although they have increased massively, but the network side often gets forgotten.

UMTS also has network authentication, integrity protection and 128 bit keys, which is also a big improvement on GSM. There is also a stronger UMTS encryption algorithm that is based on the SNOW 3G cipher, but many devices don't support this.

Interesting in LTE, the two ciphers in the stardard initially are SNOW 3G and AES.

(Log in to post comments)


Posted Jan 8, 2010 13:42 UTC (Fri) by anton (subscriber, #25547) [Link]

With a well-designed protocol the content is encrypted end-to-end and the provider does not need (and ideally should not be able to) decrypt it. So the provider only needs to decrypt some meta-data, which is not that much. Also, AFAIK AES is designed (and was selected) to be cheap to encrypt and decrypt. The chances that the UMTS designers found something significantly cheaper that's as secure are very small.


Posted Jan 8, 2010 15:08 UTC (Fri) by anselm (subscriber, #2796) [Link]

This is well and good from an end-user's point of view, but of course the last thing that mobile communications systems are supposed to do is provide arbitrary thugs with communication methods that law enforcement cannot intercept and decrypt (and free with the basic service at that). The nice thing about the present system, from the point of view of law enforcement, is that communications are only encrypted on the air, but available for interception in the clear from where they enter the backbone network.

So if the thugs want to communicate securely, they will need to provide their own end-to-end encryption, without help from the network operators. As far as the operators are concerned, this isn't a problem as long as their protocols are secure enough to prevent things that eat into their revenue, such as large-scale fraud by users impersonating others for billing purposes.


Posted Jan 8, 2010 16:05 UTC (Fri) by anton (subscriber, #25547) [Link]

The priorities of the NSA are not necessarily the priorities of the mobile providers and their paying customers. However, the ideal of not being able to decrypt the messages in the middle with an ordinary mobile phone is probably hard to attain, because there is no end-to-end authentication, so I don't see how man-in-the-middle attacks could be detected. Hmm, the SIM cards could identify themselves, and so one could detect a change in SIM cards after the first time one has had a call to that number; so the man-in-the-middle would have to be there from the start to avoid getting noticed (but that assumes that the NSA does not have the data necessary for faking this identification). So yes, if citizens value their privacy, they have to do end-to-end encryption themselves, do their own key management, and they have to be sure they can trust their encryption device.

If a provider conspires with the NSA (or similar organizations) to subvert the privacy of their paying customers, then decrypting and reencrypting the connection will be the least of the costs that is incurred in that action: They have to pay for some human or voice-recognition computer to understand what was said, and either of these options will be more expensive than decrypting and re-encrypting the connection.

Your use of "thugs" for citizens who value their privacy appears to come from the idea that innocent citizens have nothing to hide. Do you wear clothes in warm weather? Do you have curtains in your home? If yes, why? Do you have something to hide?

Why do you think that users impersonating others will eat into the provider's revenue (especially if all the providers have that problem)?


Posted Jan 8, 2010 16:28 UTC (Fri) by anselm (subscriber, #2796) [Link]

Your use of "thugs" for citizens who value their privacy appears to come from the idea that innocent citizens have nothing to hide.

Read again. That was from the point of view of the non-endusers.

If it was up to me I'd let everybody communicate securely. However, unfortunately neither the government nor the mobile operators have seen fit to consult me for my opinion. Quite on the contrary -- over here in Europe they're busy building a large infrastructure based on the assumption that everybody is a potential criminal, hence everyone's use of telecomms (phone calls, SMS, e-mail, ...) must be monitored and stored for an extended period of time for the benefit of the police and assorted three-letter agencies. It was all the German Constitutional Court could do to keep them from exploiting the data to try to identify, e.g., traffic transgressors and Internet downloaders here in Germany, pending a more thorough judicial review.


Posted Jan 11, 2010 12:17 UTC (Mon) by marcH (subscriber, #57642) [Link]

> If a provider conspires with the NSA (or similar organizations) to subvert the privacy of their paying customers,...

This is only one type of interceptions the NSA might be interested in. But it is also also very interesting for the NSA to have weak air encryption by default, because 1) it leaves no traces at the provider, or 2) it allows eavesdropping on ANY provider, even a not friendly one. See the Crypto AG scandal for an example of what the NSA is capable of.

Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds