NSA Able To Crack A5/1 Cellphone Crypto 122
jones_supa writes "The most widely used cellphone encryption cipher A5/1 can be easily defeated by the National Security Agency, an internal document shows. This gives the agency the means to intercept most of the billions of calls and texts that travel over radiowaves every day, even when the agency would not have the encryption key. Encryption experts have long known the cipher to be weak and have urged providers to upgrade to newer systems. Consequently it is also suggested that other nations likely have the same cracking capability through their own intelligence services. The vulnerability outlined in the NSA document concerns encryption developed in the 1980s but still used widely by cellphones that rely on 2G GSM. It is unclear if the agency may also be able to decode newer forms of encryption, such as those covered under CDMA."
This is why... (Score:5, Funny)
I only speak in Navajo.
Re: (Score:1)
I only speak in Navajo.
I use a combination of speaking in Valley Girl talk with a Scottish accent.
"Ack! Gack meh widda spoooon!"
VoIP + ZRTP (Score:5, Informative)
I haven't tried it out yet, but ZRTP [wikipedia.org] apparently provides strong (PGP-based) encryption for VoIP. So why not just quit using cellphone "voice calls" entirely? There exist cellphone plans that provide enough data cheaply enough to make this work economically.
Re: (Score:1)
It has nothing to do with PGP. But it uses strong encryption and the user has the option of verifying the session key by reading out a short authentication string that is displayed in the client - if it matches the authentication string displayed at the other end, you know that there is no man-in-the-middle attack going on. It is probably the best VoIP protocol there is in terms of security and user-friendlyness.
Re: (Score:2)
Or use WebRTC, it's encrypted by default with the other encrypted RTP protocol: SRTP.
There is even a system where you can be sure who you are talking to and be sure there is no man-in-the-middle, with an RFC draft to tie it into oAuth or BrowserID protocols:
http://tools.ietf.org/html/draft-ietf-rtcweb-security-arch-07 [ietf.org]
https://air.mozilla.org/intern-presentation-seys/ [mozilla.org]
With BrowserID/Persona your privacy will also be preserved.
Persona is the first implementation by Mozilla of the Mozilla developed protocol.
Don't Worry they Built it that Way (Score:5, Insightful)
The NSA has maintained a policy that any encryption that was able to block their efforts was ILLEGAL in the USA. Do you actually expect anything to work? Bluntly do you expect to have your banking transactions secure when they can crack them. How about your phone call confirmations when they can record them and appear to be you. How about a hacker who walks into the NSA back-door in all of this. This makes the NSA the biggest terrorist and criminal agents in the world and the accomplace to the stunningly biggest crime situation in history where nobody is secure!
Re: (Score:2)
sure, that's why you import your 3g networks.
Re: (Score:1)
Right... and they only looked at the nipples on all the porn they downloaded in between spying on Merkel and $FRENCHGUY too.
Re: (Score:1)
And this is news? (Score:5, Informative)
Hardly rocket science these days, see e.g.https://srlabs.de/decrypting_gsm/
Re: And this is news? (Score:1)
The question isn't the fact that they've been able to break it, the question ultimately is how long have they been able to break it and if they have the processing power to break all of it, all the time.
If they broke that encryption five years ago, that's a lot different from the NSA breaking it 25 years ago, or worse, it being insecure from the beginning due to the NSA knowing the vulnerability (or inserting it).
Re: And this is news? (Score:5, Informative)
A5 has been broken for *years*.
(Since 1994 according to wikipedia: https://en.wikipedia.org/wiki/A5/1#Security [wikipedia.org] , with many improved attacks since then)
So this is hardly "news" ... but it's good to keep shining bright lights on the NSA to keep them scurrying.
Re: (Score:3)
I really have enjoyed the document by document approach. Especially when they are related. Document reveals X and implies Y. NSA says we can legally do X but we would never do Y. Two weeks later a new document that explains how they accomplish Y and they've been doing it for a decade. It is truly amusing!
Re: (Score:3)
GSM has had problems for many years.
But let's have a look at something a bit more modern.
Did you know with LTE Advanced it's all IP-traffic ? Even speech is IP-traffic.
Did you know the encryption they use is IPSEC ? LTE is 2 types of packets: data and control.
Did you know IPSEC is optional ? The network operator decides what you get, when you roam and connect to an other operator you might actually get something else.
So they got proper encryption (at least I hope they pick the right algorithms, we know IPSE
If you don't like them hearing your private speech (Score:3, Insightful)
Well then, just self-censor. Isn't that the road we're heading down?
Re: (Score:2, Insightful)
Why should we self-censor, they shouldn't be listening in without probable cause. I don't care about differing opinions on that front.
Re: (Score:2)
"What has predator missiles got to do with constitutional rights to privacy?"
When those missiles are killing americans, everything!!
Re: (Score:2)
"Asking people not to listen in on radio communications is like asking people not to listen in on the guy shouting his opinion on a street corner: if you don't want to be heard, don't shout it."
Radios aren't built into our heads. Can't say the same about our ears. Like electronic everything it takes the effort of building the devices and tuning in to listen in which unlike a post card or listening to someone speak it isn't obvious.
Re: (Score:3, Interesting)
It isn't a private speech. You have no reasonable expectation of privacy because it is now widely known that the government spies on our communications. Therefore, it is not reasonable to have an expectation of privacy.
Man, the courts really screwed up when they called it an "expectation of privacy".
Re: (Score:3, Interesting)
Actually it's an expectation a randomly-selected private individual would have, in the absence of specific knowledge. The proverbial "person on the Clapham omnibus" would have the expectation that the government won't act illegally against him. The paranoid wearing the tinfoil hat in the next seat, who considers all governments illegal and intrusive, doesn't count in this case.
It's also called "a reasonable expectation of privacy", where "reasonable[1]" doesn't include admittedly illegal mass collectio
Re: (Score:1)
Turns out the paranoiacs were right.
Re: (Score:2)
Re: (Score:2)
Re:If you don't like them hearing your private spe (Score:4, Insightful)
> [1. It's interesting to note you can't translate "reasonableness" into Latin or modern French. It seems to be something very English-language-specific. My college's motto, "Let Reasonableness Flourish", is in English because of that oddity, and it says interesting things about other countrys' jurisprudence.]
After five years of Latin, I feel fairly confident in saying the following:
rationabilis [latin-dictionary.net] is Latin for "reasonable" or "rational".
-itas [wiktionary.org] is the Latin suffix for "-ness".
Thus, it would be fair to say that "rationabilitas" is Latin for "reasonableness". So no, reasonableness is not an English-language specific concept. And no, it doesn't imply shit about anything.
Re: (Score:2)
Alas, rationabilis was used in non-ecclesiastical latin in strictly the sense of "capable of reasoning", or rational, while we were trying to translate reasonableness in the senses of
If we'd used rationabilis, we would have a real risk of it translating back into English as "let spocky-ness flourish"
Re: (Score:3)
Hey, the DMCA makes it illegal to circumvent DRM no matter how ineffective it is. Surely, since the laws are entirely fair and symmetrical, the expectation of privacy remains when using encrypted communications no matter how ineffective that encryption is... right?
Re: (Score:2)
"It isn't a private speech. You have no reasonable expectation of privacy because it is now widely known that the government spies on our communications. Therefore, it is not reasonable to have an expectation of privacy."
The fact that the government has to go out of it's way to do it says there is an 'expectation of privacy'. Where do you think all the money we pay in taxes goes to? It's sure isn't to help the public.
Re: (Score:2)
^H^H^H^H^H^H^H^Hyes, it is.
Re: (Score:2)
Well then, just self-censor. Isn't that the road we're heading down?
Fuck that.
Our government is thoroughly corrupt and they'll have to kill me to stop me from saying so.
So what? (Score:5, Insightful)
My mobile carrier is AT&T. The NSA doesn't need to break the encryption.
Re: (Score:1)
It is indeed interesting because this means that the NSA or CIA or FBI can listen into your phone calls without a wiretap warrant just by grabbing the electrons flying through the air.
Re:So what? (Score:5, Informative)
FYI, in usual radio communication, what flies through the air are not electrons but photons. These photons are generated by wiggling a few electrons back and forth at the transmitter, and this in turn wiggles a few electrons back and forth on the receiving end.
Re: (Score:2)
without a wiretap warrant
They already have a general warrant to search and seize all the calls that everybody makes. At least, NSA claims this and FISA backs them (and by extension, Chief Justice Roberts).
Re: (Score:1)
There is a difference between the business records containing the metadata and the actual verbal contents of the call. If all they have is the metadata, and they had permission to actually look at it from the court as opposed to simply storing it, they would know that you called Pizza Hut for 5 minutes at 9:30 PM on 01 December 2013. They wouldn't know anything about the content of the call which could be just about anything, such as:
1. Cancel my standing order for tonight.
2. Change my standing order fr
Re: (Score:2)
" At least, NSA claims this and FISA backs them (and by extension, Chief Justice Roberts)."
Except FISA by its very definition is illegal in that it violates the principles defined in the constitution.
Re: (Score:2)
Hey, man, rational basis replaced the Constitution eighty years ago.
A5/1 (Score:2)
By one person. One time. After which, distribution of that expertise in the form of software is relatively trivial.
Re: (Score:3)
The original wiretap laws passed in 1968 were clear in that it was the use of devices to intercept a conversation with a "reasonable expectation of privacy" that was a violation, not simply owning them.
The current laws banning cell phone receivers were not created from logic. The laws were created in a poorly-thought-out reaction to some incident involving a VIP; I think some reporter recorded some congressman's cordless phone chat with his mistress, and published it. The wiretap laws passed in 1968 were
Re: (Score:2)
It's important to note that the cell phone frequencies that must be blocked in consumer receivers sold in the US are the old AMPS analog phone frequencies. They are not the same frequencies as what your GSM phone uses. I'm not sure it's even legal for the carriers to support AMPS anymore, in fact.
More Haystack, less Needle (Score:2, Interesting)
I get the feeling they're just drowning themselves in data now. Back in the day, a lot of Turing's great work was for nothing because there wasn't enough staff to process the reams of decrypted traffic coming in, and that was just from the German navy. Yea they can do dumb-ass word-level matching automatically, but I guess most of the potentially useful semantic stuff goes straight down the drain.
Re: (Score:2)
Just like Counterfeiters (Score:2)
Only Logical (Score:1)
Re: (Score:3)
The problem is that they can apparently issue their own warrants, in secret.
Re:Only Logical (Score:4, Interesting)
Re: (Score:1)
Is that the actual problem? Or is it something else? Keep in mind that the Congress operates in both open session for matters for the general public, and closed session to deal with confidential matters such as classified information.
Wyden’s Stunt Was Congress at its Worst [commentarymagazine.com]
... though I have little sympathy for Clapper, whose policy positions on the Islamist threat are highly questionable, lumping him together with Holder would not be fair. Far from being an honest probe into what the government was doing, it’s actually yet another example of how congressional grandstanding does the country little good. Wyden, who was already well briefed on PRISM and other intelligence operations, already knew the answer to the question when he asked it. But he also knew that it would have been inappropriate, if not illegal, for Clapper to answer the question honestly since doing so would have required him to publicly reveal highly classified information that ought not to be made available to America’s enemies. Wyden’s purpose wasn’t to shed light but to merely embarrass Clapper and the administration.
Edward Snowden’s leak about the existence and purpose of PRISM made sure that Wyden’s questioning of Clapper would become a major story, thus giving the Oregon senator the prize he sought. As the clip of Clapper’s lie is shown in a seemingly endless loop on the cable news stations, Wyden is back in the spotlight posturing about the need for “straight talk” from the administration. But the senator, who has carefully built up a reputation as a sober advocate of civil liberties, is the one who is being disingenuous, not Clapper.
You, like many people, have been played as part of political showmanship.
Re: (Score:2)
Re: (Score:1)
If they had already told the truth to Congress behind closed doors or in reports, then I think it is hard to argue that they lied to Congress since Congress had been informed of the truth, and Wyden knew that. It would be more proper to describe this as providing a cover story when asked an inappropriate question at an inappropriate time. Wyden comes off as kind of a jerk.
If the programs were legal, which they apparently are, there would be nothing for Congress to do as long as they were consistent with p
Re: (Score:2)
Eh.. why would Clapper need to lie to congress. Why couldn't he have instead, said, "I cannot answer that question in open session as it would be inappropriate and possibly illegal to answer the question as doing so would require me to publicly reveal highly classified information that ought not be made available to our enemies."
Also, the answer to a question like, “Does the N.S.A. collect any type of data at all on millions or hundreds of millions of Americans?” doesn't provide any operational
Re: (Score:1)
People keep trying to pull this rhetorical nonsense of describing the American people as "the enemy," and it is utter nonsense - just plain stupid. If you want to do that, then please describe how you could inform 300,000,000 Americans about the most secret inner working of the intelligence agencies without the information also leaking to the thousands or tens of thousands of spies and terrorist group members or associates in the US, and ultimately to foreign countries that are enemies? I think you need t
Re: (Score:1)
I'm assuming you're referring to the US. If I understand you correctly, you either question or don't think there are (or could be?) any foreign spies, or associates or members of terrorist groups running lose in the US?
One recent famous case: How the FBI Busted Anna Chapman and the Russian Spy Ring [slashdot.org]
FBI Investigating Possible Russian Spy Recruiting In U.S. [freebeacon.com]
After the Cold War, Russian Espionage in the U.S. [npr.org]
Russian spying at cold war levels, say experts [ft.com]
China's Growing Spy Threat [thediplomat.com]
Spy case patterns the Chinese styl [csmonitor.com]
Re: (Score:2)
"There is a process for properly releasing classified information."
Now if there were a process to define what should be classified other than 'it being politically damaging to my campaign/career'.
Re: (Score:1, Flamebait)
I suggest you do more reading, and read more carefully. That "300" is cases, not 300 people, in similar cases mentioned there 12 people went to jail. There are hundreds to low thousands of Hezbollah in the US. There are more than 3,000 Chinese front companies alone used for espionage.
Peter King warns: Hezbollah agents in U.S. [politico.com]
American Universities Infected by Foreign Spies Detected by FBI [bloomberg.com]
When you start adding in Hamas, al Shahab, and plenty of other extremist organizations, spies from Russia, China, Cu
Re: (Score:1)
Lets read that comment again.
Tell me, how do you know, on good authority, that there are all these spies and terrorists IN OUR COUNTRY
He was questioning knowledge of any spies.
Are you the one playing fast and loose with the facts? It seems so. I think that also clarifies where the BS is, and it isn't from me.
Re: (Score:2)
That apparently terrorists are so lazy or unwilling to terror act that with a presence of thousands and an action rate equal to what we've see over the past 10 years, most of them will die of old age before committing a single terrorist act?
Re: (Score:1)
Now if only we could get commenters not simply making things up.
Re: (Score:1, Flamebait)
If you trouble yourself to actually read some on the information you wouldn't make such silly comments.
Many of them, such as those associated with Hezbollah, are generating highly valuable funds for the organization, gather intelligence, and make preparations should they be called upon to act. And they certainly could engage in violence if called up. In the case of Hezbollah, they remain a "trump card" for Iran to play if things get too dicey in some future confrontation, such as an invasion. Activating
Re: (Score:1, Troll)
Its not a question of paranoia, but ignorance. I'll let you guess who that applies to.
Here is a hint: China, just by itself, has more than 3,000 front companies devoted to espionage. Russian spies are back a Cold War levels. There are plenty of other countries with an interest in the US.
American Universities Infected by Foreign Spies Detected by FBI [bloomberg.com]
China also has more than 3,000 front companies in the U.S. “for the sole purpose of acquiring our technology,” former CIA officer S. Eugene Poteat, president of the Association of Former Intelligence Officers in McLean, Virginia, wrote in the fall/winter 2006-2007 edition of “Intelligencer: Journal of U.S. Intelligence Studies.”
Peter King warns: Hezbollah agents in U.S. [politico.com]
Rep. Peter King (R-N.Y.) warned Wednesday that there are hundreds — maybe even thousands — of Hezbollah agents inside the United States capable of launching a terror attack if U.S.-Iran tensions continue to escalate.
“The American intelligence community believes we are very much at risk for an attack by Iranian operatives, which would be Hezbollah, that is a terrorist-trained force in this country. It really is the ‘A’ team of international terrorism — far more sophisticated than Al Qaeda,” the chairman of the Homeland Security Committee said on CNN’s “Starting Point.”
Note that is just Hezbollah, not including Hamas, al Qaida, al-Shabaab, or many other terrorists or narco-terror
Re: (Score:2)
"closed session to deal with confidential matters such as classified information."
In a country whose government system is defined by open process this is a dramatic fail.
Comment removed (Score:5, Interesting)
Re:Hysterics (Score:5, Informative)
I'm not NSA (Score:1)
Can you hear me now? (Score:4, Funny)
Thst's 14 year old news (Score:5, Informative)
Many governments have warned industrialists not to discuss secrets when using a mobile phone near the country borders. Only the radio channels are encrypted in GSM, lawful interception happens on the wired network that interconnects the base stations so eavesdropping on A5/1 is mostly used when lawful interception is not an option, e.g. listening to the GSM traffic of other countries.
Cryptome seems to be having a sale on gsm a5 (Score:1)
Anyone can do it from 2009 (Score:2)
http://media.ccc.de/browse/congress/2009/26c3-3654-en-gsm_srsly.html [media.ccc.de]
It is already well known that you can break A5/1 offline anytime you want, and at the 26th CCC there was the "GSM: SRSLY?" conference which outlined the 2 main problems of GSM and UMTS.
GSM A5/1 can be broken (and the give plenty of details), but it is not used in UMTS. No worries, for UMTS you just need a fake station and you are set. No offline decoding though.
Re: (Score:1)
What about one time pads?
*burp* (Score:1)
http://cryptome.org/0001/gsm-a5-files.htm [cryptome.org]
The problem is that the NSA never told (Score:2)
NSA is the biggest Ettus customer. (Score:2)
NSA and its subcontractors are the biggest Ettus customers, they love USRP SRD platform.
Lemme know... (Sqore:300, Yupper) (Score:1)
...when they can rip a BD.
That's totally un-breakable encryption.