One Leg of GSM Encryption cracked!


We have heard a lot that GSM is vulnerable to many attacks due to its 64-bit algorithm which cannot save it for long. However, till now no such big incident of cracking took place despite the fact that GSM is the most popular protocol for wireless communications and has been in use by billions of people. But here is a break, a security researcher (Nohl) is trying to build a table which will crack the GSM algorithm and here what he claims is that his efforts to crack GSM frequency hoping algorithm have succeed.

The purpose to spread the word is to make the carriers realize the importance of security in mobile networks. The researcher is publicizing a brute-force attack which when combined with GSM frequency selection algorithm can be used to create an easy and cheap procedure for eavesdropping on the phones which means the attack could be used to tap the call unnoticed.

GSM has two portions of its security, first is the algorithm and second is obscurity part. GSM uses a 64-bit algorithm known as A5/1. In 3rd generation network i-e 3G , the algorithm uses 128-bit known as A5/3 which is an improved form and is assumed to be safe and strong form of security. Now, the researcher has presented a method to make the first portion i-e algorithm part vulnerable to attacks. As mentioned earlier, we haven’t heard of a breach in the life of GSM and this is probably due to its second portion of the security i-e obscurity part.

There are two issues in the proposal. First, the table , which the researcher calls as ‘rainbow table’ which will be used to reconstruct the encryption keys, is much intense when it comes to computation. Second, the table takes a lot of space. However, the researcher (Nohl) seems to have tackled both.

With all that said, it is interesting to see the response from mobile industry seems like “We are not at all impressed”. GSM Association seems to tell everyone that this work is all theoretical and is not a threat to the widely used protocol. It seems unlikely to have a response from the industry unless the theory is translated to wild attack on the mobile networks.

Follow us on Twitter @TechSkipper

Write an email to the author of this post at

, , , , ,

Leave a Reply

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>