[iwar] Historical posting


From: Fred Cohen
From: fc@all.net
To: iwar@onelist.com

Mon, Jan 1, 1999


Received: (from fc@localhost) by all.net (8.9.3/8.7.3) id FAA15269 for iwar@onelist.com; Tue, 18 Apr 2000 05:21:43 -0700
Mailing-List: list iwar@egroups.com; contact iwar-owner@egroups.com

Here is an article I found that seems to indicate that all is not well with regards to the GSM system. It may not be as secure as most mobile subscribers believe.

Regards, Eoin

GSM Phone Hack Recovers Key In One Second

A paper by Alex Biryukov and Adi Shamir to be published soon outlines a method to recover the key for an encrypted GSM conversation in less than a second using a PC with 128 MB of RAM and 73 GB of hard drive space.

The security of GSM phone technology is a sieve. In 1998, Marc Briceno, Ian Goldberg and David Wagner demonstrated that it was possible to clone GSM simcards. The hack occurred because the critical algorithms are flawed <./gsmhack.html> and it is possible to dump the contents of the simcard and emulate <./simcard.html> it using a PC. This latest problem could render GSM phone conversations totally insecure.

The paper describes an attack which exploits subtle flaws in the algorithm which may have been apparent if the algorithm had been available for peer review. The GSM MOU had developed the algorithms in secret, relying on the discredited "security by obscurity" approach. This approach is certain to guarantee that a failure in security will be a most public event.

The attack analyses the output of the A5/1 algorithm during the first two minutes of a conversation. The attack uses the unofficial description of the A5/1 <http://www.scard.org/gsm/a51.html> algorithm, released in May 1999, that appeared on the Smartcard Developer Association <http://www.scard.org/> web site and on John Young's Cryptonym archive.

While the existing attacks on the algorithm are feasible for large organisations, this new attack changes things. It brings the system into the range of ordinary hackers without significant technological resources. Indeed, it makes the very idea of hacking GSM seem mundane. That is a terrifying thing for the telephone companies that have used the security of GSM as a selling point to get subscribers to convert from the less secure analogue mobile phones.

The smokescreen from the GSM MOU organisation has already started. Speaking to Declan McCullagh of Wired News, James Moran, the fraud and security director of the GSM MOU association, claimed that "nowhere in the world has it been demonstrated -- an ability to intercept a call on a GSM network." It was also claimed by the same association that GSM was "designed to conform to the most stringent standards of security possible from the outset". I guess these people believe their own press releases, because GSM was hacked because the algorithms and technology did not conform to the most stringent security standards possible.

"Think of a computer program. Somewhere, there is one key instruction, and everything else is just functions calling themselves, or brackets billowing out endlessly through an infinite address space. What happens when the brackets collapse? Where's the final "end if"? Is any of this making sense?"  Douglas N. Adams, Mostly Harmless