German scientist cracks secret mobile phone code
By ANIWednesday, December 30, 2009
LONDON - A German computer scientist has cracked the secret algorithm used to maintain privacy in the conversations of cell phone users.
Karsten Nohl worked with a team for the last five months and finally cracked the code used to encrypt calls using GSM technology.
The findings can allow anyone to listen to private phone conversations.
Speaking at the Chaos Communication Congress in Berlin he said his conclusions proved that security of GSM, the most used mobile technology in the world, was “inadequate”.
“We are trying to inform people about this widespread vulnerability,” the BBC quoted Nohl as saying.
The expert added: “We hope to create some additional pressure and demand from customers for better encryption.”
However, the GSM Association (GSMA), which created the code, said Nohl’s work would be “highly illegal” in Britain and many other countries.
A spokesperson said: “This isn’t something that we take lightly at all.”
But Nohl insists that he spoke to lawyers before releasing his work publicly and said it was “legal”.
Talking about his study Nohl said: “Any cryptographic function is a one way street…You should not be able to decrypt without the secret key”.
To break the code Nohl and others computer networks to look through “every possible combination” of inputs and outputs. Nohl pointed out there were “trillions” of possibilities.
All the outputs are now listed in a vast table.
Nohl explained: “It’s like a telephone book - if someone tells you a name you can look up their number.”
The codebook, a “beefy gaming computer and 3,000 dollars worth of radio equipment” would enable anyone to decipher signals from billions of people around the world using GSM technology, he stated.
The GSMA says the technology would remain unaffected by the new research, since there had been “a number” of such studies describing how A5/1 algorithm could be broken but “none to date have led to a practical attack”.
The spokesperson added: “All in all, we consider this research, which appears to be motivated in part by commercial considerations, to be a long way from being a practical attack on GSM.” (ANI)