Code that encrypts world's GSM mobile phone calls is cracked

Summary:A German computer engineer said that he had cracked the secret code used to encrypt most of the world's mobile phone calls.

A German computer engineer said Monday that he had cracked the secret code used to encrypt most of the world's mobile phone calls.

In an attempt to expose holes in the security of global wireless systems, 28-year-old Karsten Nohl cracked the 21-year-old GSM algorithm, which is used to encrypt 80 percent of the world's mobile calls, reports the New York Times.

Nohl revealed his success at the Chaos Communication Congress in Berlin, Germany. He said that 24 people worked independently to reproduce the code book, or binary code log, for the algorithm, which contains the equivalent of about two terabytes of data.

He announced his intentions to crack the GSM algorithm at a conference in August.

[Nohl's wiki page for the A5/1 project]

The GSM Association reportedly said that Nohl's actions were illegal in the U.S. and U.K., and said it was unlikely that Nohl had actually cracked the code.

Nohl reportedly said the code book is available on the Internet through BitTorrent.

The issue at the center of it all: should wireless carriers and/or the government take more steps to ensure the security of GSM wireless phone calls?

The GSM algorithm is an A5/1 algorithm, a 64-bit binary code now slightly outdated compared to the 128-bit codes used today to encrypt calls on third-generation networks. A successor, called the A5/3 encryption algorithm, was later developed, but most network operators haven't yet implemented it.

A known encryption expert, Nohl has a PhD. in computer engineering from the University of Virginia.

Earlier this year, he exposed weaknesses in the security algorithm for cordless home phones, prompting the DECT Forum, a standards group, to revisit it (.pdf). Nohl previously studied the security of RFID systems.

About 3.5 billion of the 4.3 billion wireless connections across the globe use GSM. In North America, 299 million consumers use the technology.

Topics: Hardware, Mobility, Networking, Security, Wi-Fi

About

Andrew Nusca is a former writer-editor for ZDNet and contributor to CNET. He is also the former editor of SmartPlanet, ZDNet's sister site about innovation. He writes about business, technology and design now but used to cover finance, fashion and culture. He was an intern at Money, Men's Vogue, Popular Mechanics and the New York Daily Ne... Full Bio

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.