Hackers crack crypto for GPRS mobile networks

A cryptographer has devised a way to monitor cellphone conversations by exploiting security weaknesses in the technology that forms the backbone used by most mobile operators. Karsten Nohl, chief scientist of Berlin-based Security Research Labs, said the attack works because virtually all of the world's cellular networks deploy …

COMMENTS

This topic is closed for new posts.
  1. Bob H
    Flame

    Dear Network Operators

    Sort it out!

    They've had more than a decade to get their ducks in a row and haven't done nearly enough to protect their networks.

    1. Velv
      Big Brother

      Encryption

      If the network operators do "sort it out", how many governments around the world are going to ban mobile phones as they can no longer listen in whenever they want?

      1. Gerhard Mack
        FAIL

        @velv

        The call is decrypted once it hits the carrier's network anyways so it can be monitored no matter what encryption is used between the cell tower and phone.

    2. Helena Handcart
      Mushroom

      Buzzword bingo

      Indeed! These companies should be singing from the same sheet to leverage the synergy created by a performant globalization of best-of-breed services, and industry standard best practices, all hammered out in a whitepaper.

    3. Ammaross Danan
      Coat

      Encryption

      Likely, the "feature phones" or the even dumber ones would lose battery life having to encrypt/decrypt 128+bit comms. Perhaps this is a way to mask the battery drain from having signal towers too far apart?

  2. Anonymous Coward
    WTF?

    Oh noes!

    Now the News of the Screws will find out about my 'Uh dear I'm on the train, be home soon' calls. The world is about to end....meh!

  3. bh
    Big Brother

    not their fault....

    seem to remember governments insisted they made it weak to make it easier for them to intercept calls...

  4. Chris Miller

    Monitor cellphone conversations

    My reading of the article is that he claims to have broken the GPRS *data* service. So unless you're using it for VoIP traffic, this has nowt to do with voice interception. GSM remains just as vulnerable as before ;)

    1. Dave 64 Silver badge

      VOIP

      And if you're using something like Skype, then the VOIP traffic itself should be heavily encrypted anyway

      1. This post has been deleted by its author

      2. Archimedes_Circle
        Mushroom

        Not Really

        Skype's encryption may be secure but their implementation is still vulnerable to a sidechannel attack analyzing outgoing bitrates, and it's a fairly simple analysis at that

        http://www.esecurityplanet.com/news/article.php/3930886/Side-Channel-Attack-Beats-Skype-Encryption.html

        Edited for exhaustion induced errors

  5. Piloti
    WTF?

    Now, really... ?

    I was under the impression that GPRS essentially used GSM authentication. Meaning, a GSM or circuit switched connection was made first, 'through' the HLR and the AUC [Authentication Centre]. A GPRS PDP Context is made after this, either on demand or 'permanently', but, nonetheless, on the back of the GSM.

    Or am I pudding ?

  6. Dazed and Confused

    Governments don't need to decrypt it.

    When the gubberment want to know what you're doing on the phone they ask the mobile operator to intercept the calls. They don't need to listen in to your mobile and decrypt the over the air traffic. That is Vodorange2's job, they hand over the clear voice to the "authorised" dept.

    The GSM encryption is only for over the air traffic, it isn't end point to end point.

    There used to be a rumour that GSM in France wasn't encrypted since the French didn't use to allow any form of encryption.

    The problem the operators face is that no encryption system should be viewed as safe. Properly implemented quantum might well be, but that relies on the proper implementation. Let's face it, the German Enigma system was unbreakable by 1940s technology, but the actual implementation and usage punched great big holes that could be exploited. Anyway, any encryption system should be seen as having a finite life. You have to be prepared to move on. Sufficient flexibility needs to be built into all the hardware, and that would include your phone, to allow for regular upgrades to the security. I've no idea whether that was taken into account when the GSM standard was written. But it is usually the weakness.

  7. Uberseehandel
    IT Angle

    This Is A Non Story

    The idea that somebody is publishing a report in 2011 on cracking GSM/GPRS/UMTS security in central Europe is a joke, and everybody who takes it at face value is being duped.

    I'm not giving away any secrets when I say that back in the 90s, there was an agreement between the Federal authorities and the MNOs that encryption over the network would be 'crippled', so that 'government agencies' could decrypt in real time, without access to the network infrastructure.

    The real story is one of collusion between Governments and Operators; this 'scientist' should be nominated for an ignoble.

  8. NoneSuch Silver badge
    Thumb Down

    Any "Official" encryption standard...

    ...can be read by the government with ease. This is why RIM is being given such a hard time as their encryption was not designed by the NSA and therefore reasonably secure.

  9. Anonymous Coward
    FAIL

    GPRS != Calls

    Ummm, GPRS as in General PACKET Radio Service

    That would be the data services then not your calls, unless you want to try some really crappy VoIP over that kind of connection.

    So they can snoop on your browsing traffic, hey welcome to the Internet, you are using SSL for the important stuff right?

    Get it right Reg.

  10. Anonymous Coward
    FAIL

    Author should get his facts checked

    GPRS is a data service and transmission protocol, therefore breaking or intercepting it does not allow one to intercept or "peek" on calls. It merely allows you to capture data traffic and probably MMS messages, at best.

  11. Tom Richardson

    GPRS != your conversations

    Cracking GPRS allows you to intercept people's data, not their conversations.

  12. Alan Brown Silver badge
    WTF?

    Why would...

    ... "government entities" need to listen in, unless they're doing it illegally?

    Legal intercepts are done at the switch. Court orders for such usually come with a gagging clause preventing disclosure of the existence of an order, or an intercept.

    If the grumble mill is accurate about the reasons for weak crypto, this raises a whole barrel of worms about human rights issues and state entities exceeding their authority.

  13. Buzzby
    Big Brother

    Old News

    Unfettered access to the UK telephone network has been available to the spooks for a long while now. I can't see how the same access is available from the mobile operators. I would reckon it would be a condition of the operator's licence.

  14. Anonymous Coward
    Stop

    Look at History

    If you go back to the history of the GSM networks developing out of the analogue ones it was interesting. The analogue mobile phone networks were completely unencrypted. When the GSM standard was being drawn up we were still in the tail end of the cold war. Germany lobbied hard to have strong encryption on GSM, France and Britain lobbied hard for only weak encryption. It was believed at the time that Germany lobbied for strong encryption to stop the Eastern Bloc from listening in on phone messages. France and Britain won. No one has bothered to try and change this since, probably because of government intervention.

  15. Trevor 7

    He is gonna do that at a German event

    Doesn't Germany have the laws about providing tools that could be used to do hacking?

    I would think of another venue to reveal and release that information.

  16. John Smith 19 Gold badge
    Boffin

    A few pointers

    GPRS is a *data* transmission standard separate from voice. It is one (of lots) of standards within the whole GSM standards package.

    In the 2nd decade of the 21st century it is p**s poor that *all* subscriber data channels on *all* networks are not encrypted.

    How serious this is to any *real* subscriber depends on what services rely on GPRS for delivery and how much encryption they apply *before* their data goes into it, and how easily it would be to shift to another delivery mode by sliding in a different element in the protocol stack (you did implement your app as a layered architecture, didn't you). I'm not sure what does use it IRL.

    *All* GSM networks have tapping by *authorised* users built into the network standards. Who "authorised" is depends on that country's record on observing human rights. Hopefully there would be some kind of *legal* oversight and audit trail.

    This looks like yet *another* case where the GSM standard relies on "Security by obscurity," which has worked *so* well all the other times the network operators have depended on it in the past. See previous El Reg articles.

    And in case anyone thinks I don't think this is a big thing, let me repeat that in the 2nd decade of the 21st century it is p**s poor that *all* subscriber data channels on *all* networks are not encrypted.

    1. Anonymous Coward
      Anonymous Coward

      MNO - Government Agreement

      Back in the Nineties, it was agreed that the x-most significant bits used to encrypt mobile phone comms would be set to 0.

      Consequently, governments did not need to ask the MNOs for access to their network, they could decrypt in real time by processing the external intercepts.

      Any real German academic would know this (to paraphrase Molesworth)

  17. Anonymous Coward
    Anonymous Coward

    2 basic points

    Nobody can convince me that GSM operators don't "play stupid" to be nice to governments and military. A state-of-the-art system also doesn't check the "operator tower" identity either... Who needs terabytes of tables? Just set up your own tower! All those advanced smart phones will pick it, not because they are stupid, it is just not in the standard.

    The solution is cheap but complex. Use a VPN. The complex part is "trust" and it is not technical. Do you trust that VPN provider? Do you trust your ISP? (if you set up your own VPN at home).

    On the bright side, if you want to fool yourself and be lazy... If some organisation is after you to pick up your GPRS signal or set up a fake tower, you are way into deeper issues... Enjoy your remaining life :)
