Mobile operators have struck back at organizers of an open-source project that plans to crack the encryption used to protect cell phone calls, saying they are a long way from devising a practical attack. "The theoretical compromise presented at the Black Hat conference requires the construction of a large look-up table of …
2Tb data table
So that's about 15 140Gb hard drives.
About 1 office drawer full.
GSMA should get their replacement plans in place now.
Security by obscurity? We've heard of it.
"I triple guarantee you, there are no American soldiers in Baghdad."
So yeah 3 Terabytes is equivalent to the amount of data contained in a 20 kilometre high pile of books, or, simply put, a couple of cheap hard disks you can buy at the local electronics store for $300.
But then there is a complex radio receiver to process the raw radio data to acquire. Oh my. Might be that they are referring to a Universal Software Radio Peripheral which sells for $500 on the interwebs? And then use Wireshark (cost $0) to analyze the traffic.
So the press release should read something like "Someone with $800, a laptop, a modicum of skills and access to the data in such a table could use it to analyse an encrypted call and recover the encryption key." Much better.
First the A5/1 and then the WPA cracks. Not a good week if you're the shareholder of a telco with poor security.
Oh, what fools. What total and utter idiots are the GSMA.
"The GSMA went on to say that even if such a table were built, the researchers still would need to build a complex radio receiver to process the raw radio data."
Or alternatively, buy a mobile phone and take some of the bits out of it. The bad guys don't care about EMI and EMC, unlike a real handset dev.
"The complex knowledge required to develop such [signal-processing] software is subject to intellectual property rights, making it difficult to turn into a commercial product," it states.
So? By definition, the people who try to break such stuff don't care about IP - the primary purpose of building such a system is to eavesdrop and copy sensitive information!
Every time I read an article like this I so wish the asshats at whichever company/organization being featured would read El Reg for a much needed reality check. Stacks of books? IP prevents hacking? ...seriously?
Paris because she can actually pull off living in an alternate reality.
... to realise I apparently have a 10 kilometer pile of books on my desk (e.g. a 1 Tb drive). Not sure what that's got to do with the price of fish, or its relevance to whether or not the encryption can be broken though. What on earth led the GSMA to issue this pile of drivel?
On PC World's website, the going rate for a 1TB external drive is £70 or so. As others have pointed out, any 13-year-old knows there's no problem getting 2TB of storage these days, and nor is there any problem getting hold of someone else's "IP" (what do people store on 1TB drives anyway, except "someone else's IP"). Connecting it all together might take longer than an episode of The Simpsons, but maybe not much longer.
GSMA, your PR people need to talk to their teenagers.
Is for a 95% success rate and the complete table is 128 Petabytes I think.
Most executives will have 3G phones if they make any money. This tech will let people listen and record calls close enough to their location, best use would be those telephone banking calls where people have to type in their password assuming they call from the same place often enough and this software allows you to pick out their phone.
Stacks of books
I'd love to know who had the job of binding 2 terabytes of data printed onto sheets, just to confirm how it stacks against books!
Seriously though, these guys are clueless, but they do have a vested interest. If GSM is easily broken, and it becomes common knowledge, there's going to be a few upset customers!
Ha ha ha - OFDM
As a PHY layer has been compromised as early as 1974, now that's ALL wireless signals...... ho ho ho, go figure
I guess if it's within the reach of your average spotty teen then the NSA et al. have been capable of this for years.
Been there, done that!
It's called Echelon.
Given that hard drives with a capacity of one terabyte are now widely available, using the requirement for a 2 TB lookup table as evidence of impracticality does sound odd. Now, though, if they had said that one had to do a linear search of that table frequently during decryption, then they might have had a case for it being at least inconvenient.
@John Savard - impractical?
You *never* have to do a linear search of a look-up table. The simplest sane algorithm is to order the data sequentially by key, and do a binary chop. You can get more speed by pre-ordering it into a search tree rather than a sorted list.
If you are searching disk-resident data, each access costs you a few milliseconds, so an efficient lookup into 2Tb will cost ~30mS if all the data is on disk, and ~10mS if you make constructive use of a couple of GB of RAM to cache the top of the tree. The question then becomes, do you have to do this so many times that the attack is impractically slow, or not?
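The sorted-table lookup described in the comment above, as an added example that is not part of the original thread: a constructed fixed-width table is searched by binary chop, with and without a sparse index held in RAM, counting record reads as a stand-in for disk accesses. The record layout and the names `Table`, `build_table` and `probes` are assumptions made for illustration.

```python
import bisect, io, struct

REC = struct.Struct(">QQ")  # assumed record layout: 8-byte key, 8-byte value

def build_table(n):
    """Constructed sample data: n records sorted by key, in a file-like object."""
    buf = io.BytesIO()
    for i in range(n):
        buf.write(REC.pack(i * 7 + 3, i))    # keys strictly increasing
    return buf

class Table:
    def __init__(self, f, n, stride=None):
        self.f, self.n, self.reads = f, n, 0
        # Optional sparse index kept in RAM: every stride-th key of the table.
        self.stride = stride
        self.index = [self._read(i)[0] for i in range(0, n, stride)] if stride else []
        self.reads = 0                       # do not count index construction

    def _read(self, i):
        self.reads += 1                      # one record read models one disk access
        self.f.seek(i * REC.size)
        return REC.unpack(self.f.read(REC.size))

    def lookup(self, key):
        lo, hi = 0, self.n
        if self.index:
            # Narrow the range to one stride-sized block using RAM only.
            b = bisect.bisect_right(self.index, key) - 1
            if b < 0:
                return None                  # key is below the smallest entry
            lo, hi = b * self.stride, min(self.n, (b + 1) * self.stride)
        while lo < hi:                       # binary chop over the remaining range
            mid = (lo + hi) // 2
            k, v = self._read(mid)
            if k == key:
                return v
            if k < key:
                lo = mid + 1
            else:
                hi = mid
        return None

def probes(n, stride, key):
    """Return (value, record reads) for one lookup in a fresh n-record table."""
    t = Table(build_table(n), n, stride)
    return t.lookup(key), t.reads
```

With 65,536 records, a miss costs 16 or 17 reads from the table alone and at most 9 once a 256-entry index sits in RAM; the read count grows with the logarithm of the table size, not the size itself.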