  1. #1
    SMS
    Guest
    Uh oh. Don't be doing any telephone banking or credit card ordering on
    your GSM phone.

    "A pair of researchers has created a low-cost and simple hack to crack
    the encryption in GSM mobile phones and intercept voice conversations
    and SMS text messages -- within minutes."

    http://www.darkreading.com/document.asp?doc_id=146616







  2. #2
    SMS
    Guest

    Re: News: Encrypted GSM Voice Calls & SMS Messages Hacked in Minutes

    Todd Allcock wrote:

    > Why not? We used to do it on unencrypted analog cordless and cellphones
    > all the time. We simply relied on the law of averages- while it was
    > POSSIBLE our calls were being monitored, it was extremely UNLIKELY they
    > were.


    Not me, at least on analog cellular. I had picked up analog cellular
    calls on my SW radio (at least half of the conversation) and that
    convinced me to be cautious. For cordless phones the danger was a bit
    less as you'd have had to be so close to the handset in order to pick it up.

    > And BTW, why cross-post to five different carriers' NGs when we have a
    > perfectly good "generic" NG- alt.cellular- for topics applicable to all
    > cellphone users?


    It's applicable to these carriers. The alt.cellular group isn't well used.



  3. #3
    Diamond Dave
    Guest

    Re: News: Encrypted GSM Voice Calls & SMS Messages Hacked in Minutes

    On Thu, 21 Feb 2008 16:29:35 -0800, SMS <[email protected]>
    wrote:

    >It's applicable to these carriers. The alt.cellular group isn't well used.


    Don't post GSM crap in the Verizon, Sprint or Alltel newsgroups. Last
    I checked, we use CDMA, which is much more secure!





  4. #4
    SMS
    Guest

    Re: News: Encrypted GSM Voice Calls & SMS Messages Hacked in Minutes

    Diamond Dave wrote:
    > On Thu, 21 Feb 2008 16:29:35 -0800, SMS <[email protected]>
    > wrote:
    >
    >> It's applicable to these carriers. The alt.cellular group isn't well used.

    >
    > Don't post GSM crap in the Verizon, Sprint or Alltel newsgroups. Last
    > I checked, we use CDMA, which is much more secure!


    Yes, this is true. But it's still applicable, IMVAIO, because at least
    it presents one valid issue that those CDMA users should consider if
    they are considering switching carriers.



  5. #5
    Todd Allcock
    Guest

    Re: News: Encrypted GSM Voice Calls & SMS Messages Hacked in Minutes



    "SMS" <[email protected]> wrote in message
    news:[email protected]

    >> Why not? We used to do it on unencrypted analog cordless and cellphones
    >> all the time. We simply relied on the law of averages- while it was
    >> POSSIBLE our calls were being monitored, it was extremely UNLIKELY they
    >> were.

    >
    > Not me, at least on analog cellular. I had picked up analog cellular calls
    > on my SW radio (at least half of the conversation) and that convinced me
    > to be cautious. For cordless phones the danger was a bit less as you'd
    > have had to be so close to the handset in order to pick it up.


    I guess. I knew such eavesdropping was possible, but it wasn't widespread.
    After all, credit card fraud is too easy to blame it on an overheard
    cellular conversation. Every waiter or store clerk I hand my card to
    "overhears" it.


    >> And BTW, why cross-post to five different carriers' NGs when we have a
    >> perfectly good "generic" NG- alt.cellular- for topics applicable to all
    >> cellphone users?

    >
    > It's applicable to these carriers. The alt.cellular group isn't well used.


    Catch-22- it's not "well used" because we're posting generic cellular info
    to five other NGs! I'm just as guilty, at least sort of- I was going to
    post the Voicestick stuff to the alt.cellular NG but used the carrier NGs
    instead because I thought you'd be interested, and since I couldn't find a
    single posting from you in the alt.cellular group, I assumed you didn't read
    it! ;-)









  6. #6
    SMS
    Guest

    Re: News: Encrypted GSM Voice Calls & SMS Messages Hacked in Minutes

    The Ghost of General Lee wrote:
    > On Thu, 21 Feb 2008 17:58:56 -0800, SMS <[email protected]>
    > wrote:
    >
    >> Diamond Dave wrote:
    >>> On Thu, 21 Feb 2008 16:29:35 -0800, SMS <[email protected]>
    >>> wrote:
    >>>
    >>>> It's applicable to these carriers. The alt.cellular group isn't well used.
    >>> Don't post GSM crap in the Verizon, Sprint or Alltel newsgroups. Last
    >>> I checked, we use CDMA, which is much more secure!

    >> Yes, this is true. But it's still applicable, IMVAIO, because at least
    >> it presents one valid issue that those CDMA users should consider if
    >> they are considering switching carriers.

    >
    > Perhaps, but it still makes you seem no better than Navas, Oxturd, or
    > Butler.


    Hmm, since I have all of them blocked I don't know what exactly you
    mean. I only occasionally post links to any news stories, and only when
    they are directly relevant to the specific newsgroup.



  7. #7
    Larry
    Guest

    Re: News: Encrypted GSM Voice Calls & SMS Messages Hacked in Minutes

    SMS <[email protected]> wrote in news:47be0f7e$0$36330
    [email protected]:

    > Uh oh. Don't be doing any telephone banking or credit card ordering on
    > your GSM phone.
    >
    > "A pair of researchers has created a low-cost and simple hack to crack
    > the encryption in GSM mobile phones and intercept voice conversations
    > and SMS text messages -- within minutes."
    >
    > http://www.darkreading.com/document.asp?doc_id=146616
    >


    Anything the cops can listen to....is insecure by design.

    That's why there's Skype....(c;

    2.3 Session Cryptography
    All traffic in a session is encrypted by XORing the plaintext with key
    stream generated by 256-bit AES (also known as Rijndael) running in integer
    counter mode (ICM). The key used is SKAB. Skype sessions contain multiple
    streams. The ICM counter depends on the stream, on salt, and the sequence
    within the stream




  8. #8
    Steve Sobol
    Guest

    Re: News: Encrypted GSM Voice Calls & SMS Messages Hacked in Minutes

    ["Followup-To:" header set to alt.cellular.verizon.]
    On 2008-02-22, Larry <[email protected]> wrote:

    > That's why there's Skype....(c;


    It's only 256 bits. It's crackable too.


    --
    Steve Sobol, Victorville, CA PGP:0xE3AE35ED www.SteveSobol.com
    Geek-for-hire. Details: http://www.linkedin.com/in/stevesobol




  9. #9
    John Navas
    Guest

    Re: News: Encrypted GSM Voice Calls & SMS Messages Hacked in Minutes

    On Thu, 21 Feb 2008 20:37:01 -0500, Diamond Dave
    <[email protected]> wrote in
    <[email protected]>:

    >On Thu, 21 Feb 2008 16:29:35 -0800, SMS <[email protected]>
    >wrote:
    >
    >>It's applicable to these carriers. The alt.cellular group isn't well used.

    >
    >Don't post GSM crap in the Verizon, Sprint or Alltel newsgroups. Last
    >I checked, we use CDMA, which is much more secure!


    CDMA has also been cracked. (I posted citations long ago.)

    --
    Best regards,
    John Navas <http:/navasgroup.com>

    "Usenet is like a herd of performing elephants with diarrhea - massive,
    difficult to redirect, awe inspiring, entertaining, and a source of mind
    boggling amounts of excrement when you least expect it." --Gene Spafford



  10. #10
    John Navas
    Guest

    Re: News: Encrypted GSM Voice Calls & SMS Messages Hacked in Minutes

    On Thu, 21 Feb 2008 22:10:17 -0500, The Ghost of General Lee
    <[email protected]> wrote in
    <[email protected]>:

    >On Thu, 21 Feb 2008 17:58:56 -0800, SMS <[email protected]>
    >wrote:
    >
    >>Diamond Dave wrote:
    >>> On Thu, 21 Feb 2008 16:29:35 -0800, SMS <[email protected]>
    >>> wrote:
    >>>
    >>>> It's applicable to these carriers. The alt.cellular group isn't well used.
    >>>
    >>> Don't post GSM crap in the Verizon, Sprint or Alltel newsgroups. Last
    >>> I checked, we use CDMA, which is much more secure!

    >>
    >>Yes, this is true. But it's still applicable, IMVAIO, because at least
    >>it presents one valid issue that those CDMA users should consider if
    >>they are considering switching carriers.

    >
    >Perhaps, but it still makes you seem no better than Navas, Oxturd, or
    >Butler.


    Steven is, of course, a hypocrite (among other things).

    --
    Best regards,
    John Navas <http:/navasgroup.com>

    "Usenet is like a herd of performing elephants with diarrhea - massive,
    difficult to redirect, awe inspiring, entertaining, and a source of mind
    boggling amounts of excrement when you least expect it." --Gene Spafford



  11. #11
    John Navas
    Guest

    Re: News: Encrypted GSM Voice Calls & SMS Messages Hacked in Minutes

    On Thu, 21 Feb 2008 15:58:40 -0800, SMS <[email protected]>
    wrote in <[email protected]>:

    >Uh oh. Don't be doing any telephone banking or credit card ordering on
    >your GSM phone.
    >
    >"A pair of researchers has created a low-cost and simple hack to crack
    >the encryption in GSM mobile phones and intercept voice conversations
    >and SMS text messages -- within minutes."
    >
    >http://www.darkreading.com/document.asp?doc_id=146616



    That you think this is news speaks volumes about your "expertise" --
    it's anything but news, and not the biggest threat.

    "Real-Time Cryptanalysis of GSM's A5/1 on a PC"
    by Alex Biryukov and Adi Shamir
    December 9, 1999:
    http://cryptome.org/a5.ps (Postscript, 292K)

    Abstract:

    A5/1 is the strong version of the encryption algorithm used by about
    100 million GSM customers in Europe to protect the over-the-air
    privacy of their cellular voice and data communication. The best
    published attacks against it require between 2^40 and 2^45 steps.
    This level of security makes it vulnerable to hardware-based attacks
    by large organizations, but not to software-based attacks on multiple
    targets by hackers.

    In this paper we describe a new attack on A5/1, which is based on
    subtle flaws in the tap structure of the registers, their
    noninvertible clocking mechanism, and their frequent resets. The
    attack can find the key in less than a second on a single PC with 128
    MB RAM and two 73 GB hard disks, by analysing the output of the A5/1
    algorithm in the first two minutes of the conversation. The attack
    requires a one time parallelizable data preparation stage whose
    complexity can be traded-off between 2^37 and 2^48 steps. The attack
    was verified with an actual implementation, except for the
    preprocessing stage which was extensively sampled rather than
    completely executed.

    Remark: The attack is based on the unofficial description of the A5/1
    algorithm at http://www.scard.org. Discrepancies between this
    description and the real algorithm may affect the validity or
    performance of our attack.

    [MORE]

    --
    Best regards,
    John Navas <http:/navasgroup.com>

    "Usenet is like a herd of performing elephants with diarrhea - massive,
    difficult to redirect, awe inspiring, entertaining, and a source of mind
    boggling amounts of excrement when you least expect it." --Gene Spafford
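
The abstract quoted in the post above attributes the attack partly to the registers' noninvertible clocking. As an added example (not part of the thread or of the cited paper), this Python code models A5/1's majority clocking and counts how many predecessor states each sampled state has; the register lengths, tap masks and clocking-bit positions come from the publicly circulated A5/1 description and are an assumption here, and the function names are hypothetical.

```python
import random
from collections import Counter

# Register parameters from the publicly circulated A5/1 description
# (an assumption; the thread does not list them):
# (length in bits, feedback tap mask, clocking-bit index)
REGS = (
    (19, 0x072000, 8),    # R1: taps at bits 18, 17, 16, 13
    (22, 0x300000, 10),   # R2: taps at bits 21, 20
    (23, 0x700080, 10),   # R3: taps at bits 22, 21, 20, 7
)

def parity(x):
    return bin(x).count("1") & 1

def shift(reg, n, taps):
    """One LFSR step: shift left, feed the tap parity into bit 0."""
    return ((reg << 1) & ((1 << n) - 1)) | parity(reg & taps)

def unshift(reg, n, taps):
    """Inverse of shift(): a single register on its own is invertible."""
    low = reg >> 1                          # old bits 0..n-2
    msb = (reg & 1) ^ parity(low & taps)    # recover the bit shifted out
    return low | (msb << (n - 1))

def step(state):
    """Majority clocking: only registers whose clocking bit agrees with
    the majority of the three clocking bits are shifted."""
    bits = [(r >> c) & 1 for r, (_, _, c) in zip(state, REGS)]
    maj = int(sum(bits) >= 2)
    return tuple(shift(r, n, t) if b == maj else r
                 for r, b, (n, t, _) in zip(state, bits, REGS))

def predecessors(state):
    """Every state p with step(p) == state. Two or three registers move
    per step, so there are four candidate 'who moved' patterns."""
    found = set()
    for moved in ((1, 1, 1), (1, 1, 0), (1, 0, 1), (0, 1, 1)):
        p = tuple(unshift(r, n, t) if m else r
                  for r, m, (n, t, _) in zip(state, moved, REGS))
        if step(p) == state:                # keep only consistent candidates
            found.add(p)
    return found

def predecessor_histogram(samples=2000, seed=1999):
    """Tally predecessor counts over constructed pseudo-random states."""
    rng = random.Random(seed)
    hist = Counter()
    for _ in range(samples):
        s = tuple(rng.getrandbits(n) for n, _, _ in REGS)
        hist[len(predecessors(s))] += 1
    return hist

if __name__ == "__main__":
    for count, states in sorted(predecessor_histogram().items()):
        print(f"{count} predecessor(s): {states} sampled states")
```

Some sampled states have no predecessor at all and others have several, so the combined state update is many-to-one even though each register alone can be stepped backwards.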



  12. #12
    carcarx
    Guest

    Re: News: Encrypted GSM Voice Calls & SMS Messages Hacked in Minutes

    On Feb 29, 9:12 am, John Navas <[email protected]> wrote:
    > On Thu, 21 Feb 2008 20:37:01 -0500, Diamond Dave
    > <[email protected]> wrote in
    > <[email protected]>:
    >
    > >On Thu, 21 Feb 2008 16:29:35 -0800, SMS <[email protected]>
    > >wrote:

    >
    > >>It's applicable to these carriers. The alt.cellular group isn't well used.

    >
    > >Don't post GSM crap in the Verizon, Sprint or Alltel newsgroups. Last
    > >I checked, we use CDMA, which is much more secure!

    >
    > CDMA has also been cracked. (I posted citations long ago.)


    Strange. I asked you specifically for them, but there was never a
    response.
    Please retrieve them and post them again.



  13. #13
    carcarx
    Guest

    Re: News: Encrypted GSM Voice Calls & SMS Messages Hacked in Minutes

    On Mar 1, 2:57 pm, carcarx <[email protected]> wrote:
    > On Feb 29, 9:12 am, John Navas <[email protected]> wrote:
    >
    > > On Thu, 21 Feb 2008 20:37:01 -0500, Diamond Dave
    > > <[email protected]> wrote in
    > > <[email protected]>:

    >
    > > >On Thu, 21 Feb 2008 16:29:35 -0800, SMS <[email protected]>
    > > >wrote:

    >
    > > >>It's applicable to these carriers. The alt.cellular group isn't well used.

    >
    > > >Don't post GSM crap in the Verizon, Sprint or Alltel newsgroups. Last
    > > >I checked, we use CDMA, which is much more secure!

    >
    > > CDMA has also been cracked. (I posted citations long ago.)

    >
    > Strange. I asked you specifically for them, but there was never a
    > response.
    > Please retrieve them and post them again.


    And here's the thread in which I asked:

    http://groups.google.com/group/alt.c...bc3ce7ba2a2b94



  14. #14
    DTC
    Guest

    Re: News: Encrypted GSM Voice Calls & SMS Messages Hacked in Minutes

    carcarx wrote:
    > On Feb 29, 9:12 am, John Navas <[email protected]> wrote:
    >> CDMA has also been cracked. (I posted citations long ago.)

    >
    > Strange. I asked you specifically for them, but there was never a
    > response.
    > Please retrieve them and post them again.


    Navas must have gotten his information from this...

    But first...consider the source, Steve "Black Helicopter" Gibson

    From http://www.grc.com/sn/SN-130.txt
    [quoting the relevant part]

    STEVE: Both types of cellular technology, both GSM and CDMA,
    unfortunately use encryption that was - I mean, I can just hear our
    listeners getting ready for this - was designed by engineers and not by
    crypto people.

    LEO: Just like WEP.

    STEVE: In their defense, in defense of the cell technology, back when
    this was first done, it was much more expensive to have processing power
    than it is now. At least in the case of GSM, it's based on a shift
    register, I think it's three different shift registers with multiple
    taps, which is one way of generating pseudorandom data. They've tried,
    the people doing it tried to keep this as a trade secret, tried to keep
    it proprietary. Bottom line is it's been cracked.

    LEO: Now, you understand first of all this isn't - this is CDMA. And
    it's EVDO, it's EVDO. It's Sprint.

    STEVE: Right. Right. Now, exactly. Now, but CDMA has been cracked
    also. So...

    LEO: And I don't know if EVDO really uses CDMA technology. It's on
    those frequencies, but it might use something else.

    STEVE: Actually it does. All EVDO is really doing is aggregating a
    bunch of channels together. And essentially that's where you get all
    this extra bandwidth...

    LEO: Oh, interesting.

    STEVE: ...is it just pulls a bunch of cell channels together and uses
    them all in parallel in order to increase its speed.

    LEO: How interesting.

    STEVE: I don't know one way or another for sure whether there's an
    additional layer of encryption on top of the standard cell technology.
    And when I - again, as I started saying, I don't want to freak out our
    listeners. It's not like, you know, CDMA and GSM has been cracked to
    the degree, for example, that WiFi has been. But there are papers on
    the 'Net that talk about how this stuff can be cracked. So it's not
    like there's super-strong, industrial-grade, current state-of-the-art
    crypto. The problem is, these technologies, these digital cellular
    technologies are so old, and now so widely deployed, that they can't be
    updated without obsoleting the entire network. And they're, I mean,
    they're encrypted to the extent that you have to really, really, really
    want to crack them in order to get inside them. But it is possible.
    Has been done.

    LEO: I'm reading here that EVDO uses a 42-bit pseudo-noise sequence
    called a "long code" to scramble the transmissions.

    STEVE: Right. I mean, and...

    LEO: That's not very long.

    STEVE: No, it's not. And again, it's...

    LEO: And then it uses AES.

    STEVE: On top of it.

    LEO: Yeah. Well, wait a minute.

    STEVE: Okay.

    LEO: Now, wait a minute. The long code scrambles transmissions through
    the standardized cellular authentication and voice-encryption algorithm,
    which is probably the one that's broken, to generate a 128-bit sub-key
    called Shared Secret Data, SSD. This key feeds into an AES algorithm to
    encrypt transmissions.

    STEVE: Well, that does sound pretty good.

    LEO: If it's using AES with a 128-bit key generated by random, by
    pseudo-noise...

    STEVE: Yeah, it doesn't sound like it's using any kind of a public key
    technology. And I don't know where the shared secret comes from. It
    might be based on the phone number, or maybe it's established ahead of
    time? Anyway, it is on my list of things to research deeply. So I can,
    you know, we'll spend an hour here before too long talking in detail
    about cellular encryption technology because I know lots of people are a
    little anxious about it.

    LEO: Well, the thing that makes me anxious is maybe EVDO is secure, the
    data's secure. But it sounds like voice transmissions over GSM and CDMA
    are not.

    STEVE: Right. They would be relying on that initial level of
    obfuscation, which you really cannot consider as being encryption.

    LEO: Right. You know, it's funny because, when we went from analog to
    digital cell phones, I remember, as we talked about earlier, analog cell
    phones, just like analog land lines, were completely, completely
    monitorable. And I remember asking hackers; and they said, well, we
    don't know how, but probably you could hack into it.

    STEVE: Probably.




  15. #15
    carcarx
    Guest

    Re: News: Encrypted GSM Voice Calls & SMS Messages Hacked in Minutes

    On Mar 1, 6:32 pm, DTC <[email protected]> wrote:
    > carcarx wrote:
    > > On Feb 29, 9:12 am, John Navas <[email protected]> wrote:
    > >> CDMA has also been cracked. (I posted citations long ago.)

    >
    > > Strange. I asked you specifically for them, but there was never a
    > > response.
    > > Please retrieve them and post them again.

    >
    > Navas must have gotten his information from this...


    No, that has no reference to North Korea.

    I also focus in on this that you posted:



    > But first...consider the source, Steve "Black Helicopter" Gibson


    > LEO: Now, wait a minute. The long code scrambles transmissions through
    > the standardized cellular authentication and voice-encryption algorithm,
    > which is probably the one that's broken, to generate a 128-bit sub-key
    > called Shared Secret Data, SSD. This key feeds into an AES algorithm to
    > encrypt transmissions.
    >
    > STEVE: Well, that does sound pretty good.
    >
    > LEO: If it's using AES with a 128-bit key generated by random, by
    > pseudo-noise...
    >
    > STEVE: Yeah, it doesn't sound like it's using any kind of a public key
    > technology. And I don't know where the shared secret comes from. It
    > might be based on the phone number, or maybe it's established ahead of
    > time? Anyway, it is on my list of things to research deeply. So I can,
    > you know, we'll spend an hour here before too long talking in detail
    > about cellular encryption technology because I know lots of people are a
    > little anxious about it.
    >
    > LEO: Well, the thing that makes me anxious is maybe EVDO is secure, the
    > data's secure. But it sounds like voice transmissions over GSM and CDMA
    > are not.
    >
    > STEVE: Right. They would be relying on that initial level of
    > obfuscation, which you really cannot consider as being encryption.


    Yet, when one delves into the encryption of 1xRTT one sees (section 2
    of http://www.cdg.org/technology/cdma_t...y_overview.pdf) the 128 bit
    AES key and the 42 bit long code (reference Fig. 3 in section 2.2).

    So, there it appears that the voice encryption has the strength of the
    data encryption. So, according to the interview posting, voice is
    secure, too.

    So, we're still waiting for Navas' references and dates.


