In all cryptography, there needs to be ample time to switch between algorithms, and even more time after the algorithms...
are made publicly available for analysis. This public and open analysis in the cryptographic community is used to identify weaknesses in the cryptographic algorithms. The GSM industry should switch to the newer and more secure A5/3 algorithm. The GSM Association reports there are 4 billion GSM phones in use throughout the world, so this switchover will be a massive effort that won't happen overnight, and as of mid-2010, the planning doesn't appear to have even started on this massive effort. Researchers point out that "A5/1 is constantly being circumvented by intelligence, law enforcement and criminals" (pdf), so the real-world risk is the switch to A5/3 won't happen fast enough and eavesdropping on GSM phone calls could become trivial if someone has access to the hardware necessary to record the radio signals, which the GSM Association says is complex to perform, but researchers say can be assembled . Hopefully the ongoing GSM research will prompt the GSM industry to migrate as quickly as possible to show their concern for their customers' security and privacy.
Karsten Nohl's attack was generating hashes for the codebook for A5/1 and collecting the related research to show the world how risky it is to continue to use the current GSM encryption algorithm. The generated hashes for the codebook are essentially the decryption keys that can be used to decrypt the encrypted voice call and were created by hashing all of the potential encryption keys. While the GSM Association says specialized software and hardware are needed to be able to intercept calls, the researchers point out that by using the codebook, some open source projects and some hardware, someone could intercept GSM traffic (phone calls, etc) with only a radio receiver and signal processing software that the researcher specifies. The risk to enterprises is that GSM communications like phone calls or SMS messages secured using A5/1 will not be addressed before attackers are able to use it to attack their organizations.
Dig Deeper on Disk and file encryption tools
Related Q&A from Nick Lewis
Locky ransomware has, again, changed tactics by moving to using LNK files for distribution. Expert Nick Lewis explains how enterprises can adjust ...continue reading
Hajime malware was discovered to have links to the Mirai botnet that launched powerful DDoS attacks last year. Expert Nick Lewis explains how Hajime ...continue reading
Drammer, or a deterministic Rowhammer attack, was found to be more effective on ARM-based mobile devices. Expert Nick Lewis explains the issue with ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.