Comments on: Security Review - GSM Cellphones http://cubist.cs.washington.edu/Security/2008/03/16/security-review-gsm-cellphones/ Mon, 06 Oct 2008 14:26:05 +0000 http://wordpress.org/?v=2.6.2 By: burgerdeluxe http://cubist.cs.washington.edu/Security/2008/03/16/security-review-gsm-cellphones/#comment-4510 burgerdeluxe Thu, 27 Mar 2008 02:23:41 +0000 http://cubist.cs.washington.edu/Security/2008/03/16/security-review-gsm-cellphones/#comment-4510 Even with good encryption between the handset and base station, there is no encryption for the voice call when travelling on the carrier's network, or the PSTN. Anyone who wants to eavesdrop can do so by having access to the switch processing the call. Only by having the call encrypted end-to-end with strong encryption, can you really have a conversation with a real expectation of privacy. Even with good encryption between the handset and base station, there is no encryption for the voice call when travelling on the carrier’s network, or the PSTN. Anyone who wants to eavesdrop can do so by having access to the switch processing the call. Only by having the call encrypted end-to-end with strong encryption, can you really have a conversation with a real expectation of privacy.

]]> By: Kaboupas http://cubist.cs.washington.edu/Security/2008/03/16/security-review-gsm-cellphones/#comment-4427 Kaboupas Mon, 24 Mar 2008 11:30:09 +0000 http://cubist.cs.washington.edu/Security/2008/03/16/security-review-gsm-cellphones/#comment-4427 First of all id like to point that im not a telecomunications engineer or a gsm guru, just an average technically informed person. I agree with you that the A5 algorithm is not that secure, but you have to take into account: 1) It is an old algorithm used (about) 10 years now 2) 10 years ago was impossible to have enough processing power to crack the algorithm 3) Its impossible to update some billion handsets already sold with a new algorithm 4) Finally even in present time it is difficult to crack the algorithm. You state the 30 minute crack time but please have a look at: http://wiki.thc.org/cracking_a5 it states that the requirements for cracking A5 are: 2008-02-22: Our project received some media. Some people had questions and I decided to answer them here: 1) The 30-60 minutes cracker cost 1.000 USD. You need 2x1TB harddrives and a LX50 FPGA. 2) The 1.000 USD cracker can crack any A5/1 communication regardless how long. E.g. 10 seconds or 10 minutes does not make a difference. It still requires 30-60 minutes to crack. The intercepted ciphertext is passed to the cracker which returns the plaintext after 30-60 minutes. i havent seen any torrent 2TB big with A5 rainbow tables, and the people who created those table i dont think they will give them away that easy. We are talking about months of processing time. First of all id like to point that im not a telecomunications engineer or a gsm guru, just an average technically informed person.
I agree with you that the A5 algorithm is not that secure, but you have to take into account:
1) It is an old algorithm used (about) 10 years now
2) 10 years ago was impossible to have enough processing power to crack the algorithm
3) Its impossible to update some billion handsets already sold with a new algorithm
4) Finally even in present time it is difficult to crack the algorithm. You state the 30 minute crack time but please have a look at: http://wiki.thc.org/cracking_a5
it states that the requirements for cracking A5 are:
2008-02-22: Our project received some media. Some people had questions and I decided to answer them here:

1) The 30-60 minutes cracker cost 1.000 USD. You need 2×1TB harddrives and a LX50 FPGA.
2) The 1.000 USD cracker can crack any A5/1 communication regardless how long. E.g. 10 seconds or 10 minutes does not make a difference. It still requires 30-60 minutes to crack. The intercepted ciphertext is passed to the cracker which returns the plaintext after 30-60 minutes.

i havent seen any torrent 2TB big with A5 rainbow tables, and the people who created those table i dont think they will give them away that easy. We are talking about months of processing time.

]]>