Is Cell Phone Security A Virtual House Of Cards?

Mobile service providers insist there is nothing wrong with their security standards. Are they whistling past the digital graveyard?
Mobile service providers insist there is nothing wrong with their security standards. Are they whistling past the digital graveyard?GSM is the world's dominant mobile communications technology. Today, nearly 3.5 billion people in over 200 countries use mobile handsets that employ the standard.

Most knowledgeable users assume that their GSM handsets use encryption to secure voice and data transmissions. In fact, GSM uses a particular encryption algorithm, known as A5/1, to encrypt voice calls in Europe and the United States.

A variant called A5/3 is mandated for use with 3G data services. It uses a longer encryption key; as a result, it is considered less vulnerable -- but not invulnerable -- to attack.

Last year, a group of hackers started a project to attack known weaknesses in the A5/1 algorithm using off-the-shelf hardware and open-source software tools. The result: A compelling theoretical blueprint for a GSM scanner that could, in a matter of seconds, capture and crack encrypted cell phone traffic.

For a while, the GSM encryption-busting initiative appeared to drop off the radar. Last month, however, the organizers appeared at the Black Hat conference in Las Vegas to reaffirm their approach to exposing fundamental flaws in GSM encryption.

Does the initiative represent an immediate threat to cell phone data security? It is difficult to say.

In the first place, there is often a considerable gap between a proof-of-concept project and functional exploits. On the other hand, it looks like that gap will close in a matter of months, at the latest.

Also, it appears that 3G traffic -- potentially a gold mine of sensitive data -- doesn't yet figure in this story.

The real problem involves the mobile industry's response to the issue. It's laughable, and it does not bode well for the future.

According to one recent article covering the issue, mobile operators scoffed at the fact that the GSM exploit requires the generation of a 2TB "rainbow table," a type of data array that greatly simplifies the process of cracking an encryption algorithm.

It's true that creating such a table on a single PC could, in theory, take thousands of years. According to Dr. Karsten Nohl, however, the lead developer working on the GSM decoding proof-of-concept project, a far more efficient approach involves using a distributed computing infrastructure. An ad hoc, peer-to-peer network of this sort can use high-end desktop graphics processors -- known for their massive parallel computing capabilities -- to generate the rainbow table in a matter of weeks.

Once that work is done, the table can be distributed to anyone "with a laptop and an antenna" who wants to listen in on GSM voice calls or text messages.

GSM network operators don't have much to say about all of this. Instead, they're fixated on the fact that the rainbow table would be around 2TB in size -- or as an industry trade group puts it, "equivalent to the amount of data contained in a 20 kilometre high pile of books."

I would put it a different way. I can buy 2TB of storage for less than it would cost to buy a new GSM smartphone. That's a far more relevant analogy than a feeble attempt to make 2TB of data sound super-scary-big by comparing it to a pile of books.

The industry group representing GSM operators also scoffed at the cost and complexity of a radio receiver necessary to capture raw cell phone data. Here too, these companies are stuck firmly in the 1980s: Anyone can buy the hardware necessary to capture GSM radio signals for around $700; those with electronics expertise can build their own for even less.

The other piece of the GSM data-capture puzzle, software capable of converting the GSM radio signals, is available for free.

Last year, security expert Bruce Schneier looked at the GSM encryption issue and noted that "attacks never get better; they always get worse. This is why we tend to abandon algorithms at the first sign of weakness."

We're seeing this trend in action as WPA wireless encryption joins its worthless cousin WEP on the technology trash-heap. And we are certainly seeing it happen as hackers turn a complicated, expensive GSM data-grabbing scheme into a relatively cheap and simple technical exercise.

Mobile service providers need to take this problem a lot more seriously. Security through obscurity is a terrible way to do business, but security through denial is even worse.