Computer security researchers say they have cracked the encryption algorithm used to protect most cell phone communications, potentially allowing attackers to listen in on the calls of billions of individuals.
Researchers Karsten Nohl and Chris Paget demonstrated the flaw Sunday in a presentation called “GSM: SRSLY?” at the Chaos Communication Conference in Berlin.
Phones running Global System for Mobile Communications (GSM), a standard communications technology used for transmitting mobile voice and data services, are affected, according to the researchers. There are approximately four billion GSM phones worldwide, representing approximately 80 percent of the world’s mobile market. In North America, there are more than 299 million GSM phones in use, statistics show.
GSM networks use encryption to scramble communications and make it difficult for criminals to intercept and eavesdrop calls, a spokeswoman at the GSM Association, an industry association representingmobile phone makers and operators, told SCMagazineUS.com on Tuesday in an email. Most GSM networks use the A5/1 cryptographic algorithm, which was first developed in 1987, to protect communications.
But Nohl and Paget said their research proves that with a few thousand dollars and widely available open-source tools, A5/1 GSM encryption can be cracked, allowing an attacker to listen in on phone calls.
An attack of this nature would be illegal in many countries, including the United States, but the researchers said that A5/1 GSM encryption is already “constantly being circumvented by intelligence, law enforcement, and criminals.”
A5/1 was first shown to be insecure in 1994 and has since faced considerable scrutiny from the academic community, Nohl and Paget said in their presentation. All of the previous attempts to crack the encryption algorithm, however, were either not made public or were not deemed practical. With their research, Nohl and Paget intended to publicly demonstrate that GSM encryption is insufficient.
As a result of their findings, the researchers argued that GSM’s security “must be overhauled.”
The GSM Association, however, said the researchers of the A5/1 GSM hack have “underestimated its practical complexity.”
“We consider this research, which appears to be motivated in part by commercial considerations, to be a long way from being a practical attack on GSM,” the GSM Association spokeswoman said. “A5/1 has proven to be a very effective and resilient privacy mechanism.”
The GSM Association has developed a new privacy algorithm, called A5/3, which is said to be much stronger than A5/1, she said.
“This new privacy algorithm is being phased in to replace A5/1,” the spokeswoman said.