Wednesday, December 30, 2009

GSM is "NOT" Encrypted now !

A German computer engineer said Monday Dec 28 that he had deciphered GSM encryption that most of the world’s digital mobile phone calls, saying it was his attempt to expose weaknesses in the security of global wireless systems.

Karsten Nohl, the encryption expert, put the effectiveness of the 21-year-old G.S.M. algorithm in a challenge, the code developed in 1988 and still used to protect the privacy of 80 percent of mobile calls around the world. In an attempt to expose holes in the security of global wireless systems, 28-year-old Karsten Nohl cracked the 21-year-old GSM algorithm, which is used to encrypt 80 percent of the world's mobile calls, reports The New York Times.

In a presentation given at the Chaos Communication Conference in Berlin, the researcher said that he had compiled 2 terabytes worth of data -- cracking tables that can be used as a kind of reverse phone-book to determine the encryption key used to secure a GSM (Global System for Mobile communications) telephone conversation or text message.

While Nohl stopped short of releasing a GSM-cracking device " that would be illegal in many countries, including the U.S." he said he divulged information that has been common knowledge in academic circles and made it "practically useable."

Intercepting mobile phone calls is illegal in many countries, including the U.S., but GSM-cracking tools are already available to law enforcement. Knoll believes that criminals are probably using them too. "We have just basically copied what you can already buy in a commercial product," he said.

There are about 3.5 billion GSM phones worldwide, making up about 80 percent of the mobile market, according to data from the GSM Alliance, a communications industry association representing operators and phone-makers.


" 2010 will face the hottest struggle for innovating a more secure encryption algorithm" said Yahia Megahed, Vice President of Symbyo Technologies USA - a Global leader in Mobile software application development - " GSM organizations are at risk now, as within few months if their developers don't reach to a more secure encryption algorithm they will be in a hard situation and the whole industry will face its biggest challenge" he said in a statement.

No comments:

Post a Comment