In all cryptography, there needs to be ample time to switch between algorithms, and even more time after the algorithms...
are made publicly available for analysis. This public and open analysis in the cryptographic community is used to identify weaknesses in the cryptographic algorithms. The GSM industry should switch to the newer and more secure A5/3 algorithm. The GSM Association reports there are 4 billion GSM phones in use throughout the world, so this switchover will be a massive effort that won't happen overnight, and as of mid-2010, the planning doesn't appear to have even started on this massive effort. Researchers point out that "A5/1 is constantly being circumvented by intelligence, law enforcement and criminals" (pdf), so the real-world risk is the switch to A5/3 won't happen fast enough and eavesdropping on GSM phone calls could become trivial if someone has access to the hardware necessary to record the radio signals, which the GSM Association says is complex to perform, but researchers say can be assembled . Hopefully the ongoing GSM research will prompt the GSM industry to migrate as quickly as possible to show their concern for their customers' security and privacy.
Karsten Nohl's attack was generating hashes for the codebook for A5/1 and collecting the related research to show the world how risky it is to continue to use the current GSM encryption algorithm. The generated hashes for the codebook are essentially the decryption keys that can be used to decrypt the encrypted voice call and were created by hashing all of the potential encryption keys. While the GSM Association says specialized software and hardware are needed to be able to intercept calls, the researchers point out that by using the codebook, some open source projects and some hardware, someone could intercept GSM traffic (phone calls, etc) with only a radio receiver and signal processing software that the researcher specifies. The risk to enterprises is that GSM communications like phone calls or SMS messages secured using A5/1 will not be addressed before attackers are able to use it to attack their organizations.
Dig Deeper on Disk and file encryption tools
Related Q&A from Nick Lewis
An Apache Struts vulnerability is still being exploited, even though it has already been patched. Expert Nick Lewis explains why the Struts platform ...continue reading
A revamped Poison Ivy RAT campaign has been using new evasion and distribution techniques. Expert Nick Lewis explains the new attack methods that ...continue reading
Fileless malware hidden in server memory led to attacks on many companies worldwide. Expert Nick Lewis explains how these attacks fit in with the ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.