Sometimes its ridiculous how the most common (and important) technology in our daily-life is vulnerable to kinds of attacks that could bring nightmares. Still, no one is aware, no one is doing anything. Such is the Case of Today’s GSM — The most popular Cellphone Technology.
Every year, some hacker comes out and breaks something crucial to us, which makes us and authorities learn it the HARD WAY, “We are not safe”.
If you ever went to the DEFCONs, you know what I’m talking about. These guys can take down a military of servers down in couple of hours. They can hack anything from a conventional “lock” to GSM phones.
This year was no exception. Karsten Nohl, a PhD candidate from the University of Virginia gave quite a talk. He wants to generate a rainbow table that will decipher GSM (AT&T and Tmobile) phone calls. A rainbow table is basically a look-up table that could speed up password cracking for almost anything by factor of 10x or even more.
To generate the table, we choose a random set of initial passwords from P, compute chains of some fixed length k for each one, and store only the first and last password in each chain. The first password is called the starting point and the last one is called the endpoint. In the example chain above, “aaaaaa” would be the starting point and “kiebgt” would be the endpoint, and none of the other passwords (or the hash values) would be stored.
These hashes are then used in recovering the plaintext password from a password hash generated by a hash function, often a cryptographic hash function.
Whether To DO or NOT to?
Nohl might have declared this publicly, but it has raised a concern among the authorities. Should such attacks be publicized?
If this is allowed, the cellular systems will be fully hacked within 6 months. Analysts appear to be concerned. They are saying methodology required to crack GSM encryption has been available for 15 years. Cellcrypt CEO Simon Bransfield-Garth mentioned:
“Everybody has known for quite some time that a theoretical hack of GSM existed. This news means that the theoretical risk will become a very real one within the next six months.”
Stan Schatt, Vice President and Practice Director, Healthcare and Security at ABI Research pointed out:
“Potentially this news could have as profound an impact on the cell phone industry as the breaking of WEP encryption had on the wireless LAN industry.”
The Dark Secret of GSM
The cryptographic protection is but a small part of the 130 volumes and over 6,000 pages which make up the GSM standard. Unfortunately, the cryptography was designed in secret and is still kept secret, provided to individuals at smartcard and cellphone manufacturers on a “need-to-know”‘ basis.
“As shown so many times in the past, a design process conducted in secret and without public review will invariably lead to an insecure system,” says Marc Briceno, Director of the SDA. “Here we have yet another example of how security by obscurity is no security at all.”
The origin of the breach was when the SDA (smartcard developer association), while designing a smartcard, discovered the cryptographic algorithms used inside the SIM’s and cellphones. The SDA first verified that the algorithms were accurate. The exact details of the algorithms were not known to the public but the verified algorithms matched the facts that were publicly known. Next the SDA brought in David Wagner and Ian Goldberg, researchers in the Internet Security, Applications, Authentication and Cryptography (ISAAC) group at the University of California, Berkeley. Within a day, Wagner and Goldberg had found a fatal cryptographic flaw in COMP128, the algorithm used to protect the identity inside the SIM. They created a system to exploit the flaw by repeatedly asking the SIM to identify itself; by processing the responses they were able to extract the secret from inside the SIM.
“There’s no way that we would have been able to break the cryptography so quickly if the design had been subjected to public scrutiny”, says David Wagner. “Nobody is that much better than the rest of the cryptography research community.” David Wagner was previously known for his work on the breach of CMEA, a cipher used in digital cellphones. As in this case, the cryptographers who did the work on CMEA blamed the design process for the insecurity of the system.
The BIG Impact
Today, there are billions of people using GSM phone technology. So, cracking GSM encryption has BIG concerns underneath.
What’s at stake if GSM-encrypted traffic is no longer secure?
- Loss of Privacy over Voice Calls – Any damn GSM call can be intercepted. This means everything.
- Jamming calls – Today, Jammer’s do exist but new kind of jamming technology can be introduced that can take down communications in larger areas.
- Financial institutions that use text messages as authentication tokens would be in trouble.
- Business – Almost all Business end-customers will be impacted, the potential loss to the business could touch billions.
- PDA and Smart-phone IP Traffic – Users that surf web, use internet over their phones for Business EMail will no longer be secure.
Why Nohl wants this move?
As a cryptography expert, Nohl understands this. He explained-
“We’re not creating a vulnerability but publicizing a flaw that’s already being exploited widely. Clearly we are making the attack more practical and much cheaper, and of course there’s a moral question of whether we should do that.”
It’s not just that he’s the first one to do it. GSM had been hackable since decades. There are devices, today, capable of cracking GSM encryption, though expensive. Nohl plans on offering the solution for free and that’s what could bring trouble.
Now the questions goto the GSM consortium, Telcos –
- If GSM encryption is vulnerable, why haven’t the telcos/GSM done anything about it?
- Why does people like Nohl have to come and show trigger to GSM authorities to get it fixed? Why can’t they fix it, when they know about it!