Securing the Mobile Enterprise

August 30, 2009

hacking A5/1

Filed under: Mobile Security — Balaji Prasad @ 11:52 pm
Tags: , ,

A5/1 is a stream cipher that is used to provide OTA security on GSM wireless networks. Vulnerabilities in this protocol have been known for years. It has been rumored that these vulnerabilities were left unfixed more due to political concerns than technical.Earlier this month, researcher Karsten Nohl has unveiled software that uses the distributed computing power of thousands of graphics processors (a la-‘ SETI) to construct a massive rainbow table  of GSM codes. A rainbow table is just a fancy name for a look up table that allows one to “invert” a hash. This hack in its most benign form would allow the community to come up with an open-source GSM protocol (though the market and business case for this is as yet unclear), however a more sinister manifestation would allow a hacker to snoop the airwaves and listen in on any cellular conversation(shudder!!). In the US, Verizon and Sprint are unaffected by this flaw, though AT&T and T-Mobile are potentially vulnerable. Presently there is no software or technique out there that can exploit this, however that could change soon. The GSM Association is said to be working on updating this decades old protocol and address some of its security flaws. About time!!

Blog at WordPress.com.