Security Review – GSM Cellphones

By aodle56 at 9:29 pm on March 16, 2008 | 3 Comments

I’ve seen a few people on this blog cover various aspects of cellphone security, including the new iPhone third-party application support and GPS tracking, but I haven’t seen anything covering the most basic cellphone feature of all: voice communication. It seems to me there are at least as many security implications in the simple acts of eavesdropping on a call or spoofing an account as there are in the more modern functions of cell phones.

For this security review I will analyze the security of GSM cellphones, since GSM is the most widely used cellphone technology in the world. GSM uses a challenge-response authentication handshake and link-layer encryption to protect subscriber accounts and voice traffic over the air. In the handshake the network sends the phone a 128-bit random challenge (RAND); the SIM combines it with a 128-bit secret key (Ki) that never leaves the card and returns a 32-bit signed response (SRES), which the network compares against its own computation. This is what stops another handset from simply claiming a subscriber’s account. The same SIM computation also produces the 64-bit session key (Kc) used by the encryption algorithm, A5, to scramble the radio link. A5 comes in several variants of differing strength: A5/1 is the original and is used throughout Europe; A5/2 is a deliberately weakened export variant which, according to the sources below, is what most U.S. providers run (some speculate this is because the government requires that it be able to eavesdrop on our cellphones). One important detail: both the handshake and the encryption are optional from the network’s side. The operator decides whether to challenge a handset and whether to turn on ciphering for a given call; the handset and its user have no say.

Assets

  • Actual phone conversation: The voice communication between two parties is obviously information to be kept private. The individuals speaking expect not to be overheard and might be discussing sensitive matters.
  • User information sent over the airwaves: Before and during a call the handset transmits identifiers and metadata: the subscriber identity (IMSI) or its temporary stand-in (TMSI), the handset’s IMEI serial number, and the authentication challenge and response. Adversaries could use this toward account spoofing, tracking, or identity theft.
  • Reputation of the cell phone company: The cell phone company relies on its reputation to stay in business. Publicity about personal conversations being compromised would deter current and potential customers.

Adversaries

  • Enemies of the end users: Anyone who wants to harm one of the parties to a call could use the content of that call against them.
  • The government: The government might want to eavesdrop on cell phone conversations under the banner of national security.
  • Identity thieves: Identity thieves could use cell phone conversations and the metadata passed during transmission to gather information about an individual.
  • Nosy people: Nosy people might simply want to listen in on other people’s private conversations, whether for malicious purposes or out of curiosity.

Potential Weaknesses

  • Authentication scheme: The handshake is what keeps one subscriber from placing calls on another’s account, but the network, not the user, decides whether to run it, and operators can skip it on most calls to save signalling. The user is never told whether a given call was authenticated, and the vast majority of users don’t even know the mechanism exists.
  • Encryption scheme: A5/1 has practical known attacks. The work publicized in early 2008 recovers the session key from intercepted traffic in roughly 30 to 60 minutes, but it relies on precomputed tables and FPGA hardware rather than an average computer. A5/2 is far weaker: the published ciphertext-only attack by Barkan, Biham and Keller recovers its key in under a second on an ordinary PC. In both cases the cipher protects only the radio link, and only when the network chooses to enable it.
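To make the cipher discussed above concrete, here is an added example (not code from the original post or from any GSM vendor) implementing the A5/1 keystream generator in Python, following the register layout of the public reference implementation by Briceno, Goldberg and Wagner. It shows the three short LFSRs and the majority-clocking rule, the 64-bit Kc plus 22-bit frame number that seed them, and the reason known plaintext is all an attacker needs: because A5/1 is a stream cipher, one burst of predictable plaintext leaks the keystream, which is the input the table-based attacks consume. The signalling plaintext in the demonstration is constructed, not captured.

```python
"""A5/1 keystream generator plus known-plaintext keystream recovery."""
from typing import Tuple

# Register layout follows the public reference implementation
# (Briceno, Goldberg, Wagner 1999): three LFSRs of 19, 22 and 23 bits,
# each clocked only when its middle bit agrees with the majority vote.
R1MASK, R2MASK, R3MASK = 0x07FFFF, 0x3FFFFF, 0x7FFFFF   # 19, 22, 23 bits
R1MID, R2MID, R3MID = 1 << 8, 1 << 10, 1 << 10          # clocking-control bits
R1TAPS, R2TAPS, R3TAPS = 0x072000, 0x300000, 0x700080   # feedback taps
R1OUT, R2OUT, R3OUT = 1 << 18, 1 << 21, 1 << 22          # output (high) bits


def parity(x: int) -> int:
    return bin(x).count("1") & 1


class A51:
    """Keystream generator for one GSM frame, given the 64-bit session key Kc."""

    def __init__(self, kc: bytes, frame: int) -> None:
        if len(kc) != 8 or not 0 <= frame < (1 << 22):
            raise ValueError("Kc must be 8 bytes and the frame number 22 bits")
        self.r1 = self.r2 = self.r3 = 0
        # Load the 64 key bits, then the 22 frame-number bits, LSB first,
        # clocking all three registers (no majority rule) before each XOR.
        for i in range(64):
            self._clock_all()
            self._xor_in((kc[i // 8] >> (i & 7)) & 1)
        for i in range(22):
            self._clock_all()
            self._xor_in((frame >> i) & 1)
        # 100 majority-clocked warm-up steps whose output is discarded.
        for _ in range(100):
            self._clock()

    def _xor_in(self, bit: int) -> None:
        self.r1 ^= bit
        self.r2 ^= bit
        self.r3 ^= bit

    @staticmethod
    def _step(reg: int, mask: int, taps: int) -> int:
        feedback = parity(reg & taps)          # feedback computed before the shift
        return ((reg << 1) & mask) | feedback

    def _clock_all(self) -> None:
        self.r1 = self._step(self.r1, R1MASK, R1TAPS)
        self.r2 = self._step(self.r2, R2MASK, R2TAPS)
        self.r3 = self._step(self.r3, R3MASK, R3TAPS)

    def _clock(self) -> None:
        b1, b2, b3 = bool(self.r1 & R1MID), bool(self.r2 & R2MID), bool(self.r3 & R3MID)
        maj = (b1 + b2 + b3) >= 2              # majority of the three control bits
        if b1 == maj:
            self.r1 = self._step(self.r1, R1MASK, R1TAPS)
        if b2 == maj:
            self.r2 = self._step(self.r2, R2MASK, R2TAPS)
        if b3 == maj:
            self.r3 = self._step(self.r3, R3MASK, R3TAPS)

    def _output_bit(self) -> int:
        return parity(self.r1 & R1OUT) ^ parity(self.r2 & R2OUT) ^ parity(self.r3 & R3OUT)

    def keystream(self, nbits: int = 114) -> bytes:
        """Return nbits of keystream packed MSB-first (one GSM burst is 114 bits)."""
        out = bytearray((nbits + 7) // 8)
        for i in range(nbits):
            self._clock()
            out[i // 8] |= self._output_bit() << (7 - (i & 7))
        return bytes(out)


def burst_keystreams(kc: bytes, frame: int) -> Tuple[bytes, bytes]:
    """Downlink and uplink keystream (114 bits each) for one frame number."""
    gen = A51(kc, frame)
    return gen.keystream(114), gen.keystream(114)


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def recover_keystream(ciphertext: bytes, known_plaintext: bytes) -> bytes:
    """A5/1 is a stream cipher: ciphertext XOR known plaintext is the keystream,
    which is exactly what the precomputed-table attacks take as input."""
    return xor_bytes(ciphertext, known_plaintext)


if __name__ == "__main__":
    # Published test vector from the reference implementation.
    kc, frame = bytes.fromhex("1223456789ABCDEF"), 0x134
    down, up = burst_keystreams(kc, frame)
    assert down.hex() == "534eaa582fe8151ab6e1855a728c00"
    assert up.hex() == "24fd35a35d5fb6526d32f906df1ac0"
    # Constructed burst of predictable signalling plaintext (all zeros here).
    plaintext = bytes(15)
    ciphertext = xor_bytes(plaintext, down)
    assert recover_keystream(ciphertext, plaintext) == down
    print("A5/1 downlink keystream:", down.hex())
```

Note how little secret state there is: 19 + 22 + 23 = 64 bits of register, seeded from a 64-bit Kc and a public frame counter. That is what makes the precomputation attacks feasible, and it is why the 30 to 60 minute figure quoted in the comments below is a table-lookup cost, not a brute-force cost.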

Potential Defenses

  • Authenticate every call. If the network challenged the handset on every call setup, a spoofer would have to return the correct 32-bit SRES for a fresh 128-bit challenge, which requires the subscriber’s secret Ki and is only practical by cloning the SIM.
  • Use a stronger cipher. This seems too obvious, but it would certainly help, and a stronger variant (A5/3, built on the KASUMI block cipher) has already been standardized. The obstacle is not latency but the installed base of handsets and base stations that implement only A5/1 and A5/2 in hardware, and the fact that a network must also be configured to refuse the weak algorithms rather than merely offer the strong one.
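The handshake described in the introduction, and the difference between a network that runs it and one that does not, as an added example that is not part of the original post. The simulation below is my own; it assumes HMAC-SHA256 as a stand-in for the SIM’s operator-specific A3/A8 algorithms (historically COMP128), keeps the real GSM output sizes (32-bit SRES, 64-bit Kc), and uses a constructed subscriber database with a made-up IMSI and Ki.

```python
"""GSM-style challenge/response authentication, with and without the handshake."""
import hashlib
import hmac
import secrets
from typing import Dict, Tuple


def a3a8(ki: bytes, rand: bytes) -> Tuple[bytes, bytes]:
    """Stand-in for the SIM's A3/A8 algorithms.

    Assumption: HMAC-SHA256 replaces the operator-specific algorithm.  The
    output sizes match GSM: a 32-bit signed response (SRES) and a 64-bit
    ciphering key (Kc), both derived from the 128-bit challenge and Ki.
    """
    digest = hmac.new(ki, rand, hashlib.sha256).digest()
    return digest[:4], digest[4:12]


class Sim:
    """A genuine SIM: holds Ki and answers challenges with it."""

    def __init__(self, imsi: str, ki: bytes) -> None:
        self.imsi = imsi
        self._ki = ki          # never leaves the card

    def respond(self, rand: bytes) -> Tuple[bytes, bytes]:
        return a3a8(self._ki, rand)


class Spoofer:
    """A handset claiming someone else's IMSI without knowing their Ki."""

    def __init__(self, imsi: str) -> None:
        self.imsi = imsi

    def respond(self, rand: bytes) -> Tuple[bytes, bytes]:
        # Without Ki the best it can do is guess a 32-bit SRES: 2^-32 odds.
        return secrets.token_bytes(4), secrets.token_bytes(8)


class Network:
    """The serving network, backed by the home network's subscriber database."""

    def __init__(self, subscribers: Dict[str, bytes], require_auth: bool = True) -> None:
        self._subscribers = subscribers      # IMSI -> Ki
        self.require_auth = require_auth

    def accept_call(self, handset) -> Tuple[bool, bytes]:
        """Return (accepted, Kc).  Kc is empty if refused or never authenticated."""
        ki = self._subscribers.get(handset.imsi)
        if ki is None:
            return False, b""                # unknown subscriber
        if not self.require_auth:
            # The weakness: an unauthenticated network takes the IMSI at face value,
            # and has no Kc to cipher with either.
            return True, b""
        rand = secrets.token_bytes(16)       # fresh 128-bit challenge
        expected_sres, kc = a3a8(ki, rand)
        sres, _ = handset.respond(rand)      # SIM returns SRES (and keeps its own Kc)
        if not hmac.compare_digest(sres, expected_sres):
            return False, b""
        return True, kc


if __name__ == "__main__":
    # Constructed subscriber: test-network IMSI and an arbitrary Ki.
    IMSI, KI = "001010123456789", bytes(range(16))
    strict = Network({IMSI: KI})
    print("genuine SIM, auth on :", strict.accept_call(Sim(IMSI, KI))[0])    # True
    print("spoofer, auth on     :", strict.accept_call(Spoofer(IMSI))[0])    # False
    lax = Network({IMSI: KI}, require_auth=False)
    print("spoofer, auth off    :", lax.accept_call(Spoofer(IMSI))[0])       # True
```

The point of the two `Network` instances is that nothing on the handset side changes between them: whether the spoofer is refused depends entirely on a switch the operator controls, which is why "require the handshake" is an operator-side defense and not something a subscriber can turn on.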

Given that authentication happens only at the network’s discretion and that even the stronger A5/1 cipher can be broken in under an hour with modest hardware, there are obvious security implications to using cellphones. Any one of the assets listed above could be compromised without the end users ever knowing. Despite this, the vast majority of articles I found using the Google search “cellphone security” argued that digital cellphones were indeed very secure. It’s probably due to this that I found no mention of improvements to cellphone security on the horizon.

Unless something drastically changes, it is highly advisable that those using cellphones be aware that their conversations could at any point be overheard by a malicious eavesdropper, perhaps an enemy of the user, the government, an identity thief, or simply a nosy neighbor. Until then it will be interesting to see if this ever becomes a widely publicized issue or not.

Sources

What algorithm is utilized for encryption in GSM networks?

http://www.gsm-security.net/news/Digital_Cell_Phone_Code_Cracked.shtml

http://www.forbes.com/2008/02/21/cellular-spying-decryption-tech-security-cx_ag_0221cellular.html?feed=rss_popstories

Filed under: Privacy, Security Reviews

3 Comments

  • 1

    Comment by Kaboupas

    March 24, 2008 @ 3:30 am

    First of all I’d like to point out that I’m not a telecommunications engineer or a GSM guru, just an average technically informed person.
    I agree with you that the A5 algorithm is not that secure, but you have to take into account:
    1) It is an old algorithm, in use for (about) 10 years now
    2) 10 years ago it was impossible to have enough processing power to crack the algorithm
    3) It’s impossible to update some billion handsets already sold with a new algorithm
    4) Finally, even at the present time it is difficult to crack the algorithm. You state the 30-minute crack time, but please have a look at: http://wiki.thc.org/cracking_a5
    it states that the requirements for cracking A5 are:
    2008-02-22: Our project received some media. Some people had questions and I decided to answer them here:

    1) The 30-60 minutes cracker cost 1.000 USD. You need 2x1TB harddrives and a LX50 FPGA.
    2) The 1.000 USD cracker can crack any A5/1 communication regardless how long. E.g. 10 seconds or 10 minutes does not make a difference. It still requires 30-60 minutes to crack. The intercepted ciphertext is passed to the cracker which returns the plaintext after 30-60 minutes.

    I haven’t seen any 2TB torrent of A5 rainbow tables, and I don’t think the people who created those tables will give them away that easily. We are talking about months of processing time.

  • 2

    Comment by burgerdeluxe

    March 26, 2008 @ 6:23 pm

    Even with good encryption between the handset and base station, there is no encryption for the voice call when travelling on the carrier’s network, or the PSTN. Anyone who wants to eavesdrop can do so by having access to the switch processing the call. Only by having the call encrypted end-to-end with strong encryption, can you really have a conversation with a real expectation of privacy.

  • 3

    Comment by Rafael

    October 31, 2008 @ 3:39 am

    I’m using PhoneCrypt (www.phonecrypt.com) to secure my conversations and dates; it’s developed by SecurStar.

    It’s very good, works perfectly.

    I recommend!
