Cracking the GSM encryption protocol

But who could listen to your phone calls?

A team of Israeli scientists has revealed the existence of a vulnerability in the data transmission system of the GSM mobile protocol. It has allowed them to crack its data encryption algorithm. It is a weakness that means anyone who has the right equipment can spy on calls, Elad Barkan, the scientist who made the discovery said. The GSM Association, which represents over 585 operators in 200 countries, confirmed to Reuters that the flaw does exist. The association also explained, however, that exploiting the weakness would need expensive and complex technology. The fact remains that such technology would be well within the grasp of mafia and other terrorist groups. Since the announcement, Barkan has patented his method of bypassing GSM encryption, which will now solely be used by security forces, he told Reuters. For Louis Granboulan, a researcher who specialises in cryptography at France's prestigious higher education and research institution, ENS, Barkan's discovery is "a scientific advance". "This shows that with the right equipment... GSM communications are easily decryptable," he told silicon.com's sister site, ZDNet France, adding: "It's worth noting that this attack uses the weakness in the GSM protocol itself. It therefore makes it different to the classic cryptographic attacks, where the algorithm itself is targeted." "In my [scientific] opinion, one of the main results will be a renewed interest from the cryptography community in communication protocols. It's an area of research that, until now, has been largely neglected and which will now enjoy rapid growth," Granboulan said. Christophe Guillemin writes for ZDNet France. Translation by Jo Best.