


Open Source GSM Cracking Software Released

angry tapir writes "The GSM technology used by the majority of the world's mobile phones will get some scrutiny at next week's Black Hat security conference. An open source effort to develop GSM-cracking software has released software that cracks the A5/1 encryption algorithm used by some GSM networks. Called Kraken, this software uses new, very efficient, encryption cracking tables that allow it to break A5/1 encryption much faster than before."
  • Awesome (Score:1, Interesting)

    by Anonymous Coward

    Will this allow me to finally clone my multiple V2 sim cards on a single super card so I won't have to carry multiple GSM cards when I travel abroad?

    • I'm still not clear on why my Android phone can't emulate SIM cards in software so I can have multiple numbers on one phone. I'm aware only one phone number could be active at a time if the phone only has one radio.
      • Re: (Score:3, Insightful)

        by guruevi ( 827432 )

        Because then you could copy the card and put it on another phone having effectively multiple phones with the same number. I don't know how the network handles that but I think at least chaos ensues.

        • Re: (Score:3, Informative)

          by kent_eh ( 543303 )

          I don't know how the network handles that but I think at least chaos ensues.

          No, actually the network notices that the same phone number is in 2 (or more) different locations, recognizes that's a fraudulent scenario, and shuts them all down.
          Then the legitimate owner of the number complains about being shut down, and is issued a new SIM.

          • It's called TwinSim technology:
            http://www.jo.zain.com/ENGLISH/PERSONAL/ZAINSERVICES/CALLRELATEDSERVICES/Pages/TwinSim.aspx [zain.com]
            • Firefox menu > view > page style >no style


              Sounds tempting !
              Finds image intensifier.
              Has second thoughts, borrows mask and apron from welder's workshop.
              "Brace, brace, brace for impact!"
              Didn't even make my eyeballs itch. [DISAPPOINTED, returns gear to welder and bridge.]

              • You're right. Doesn't look so bad on my dev PC.
                My PC at home is set up for games, so it is bright with enhanced contrast.
                That pink seared my eyes at home.
                  My PC at home is set up for games, so it is bright with enhanced contrast. That pink seared my eyes at home.

                  That's a PEBCAK class problem :

          • by cyb97 ( 520582 )

            Or you can pay for it and have it both ways. This is available in quite a few countries where cloned SIMs are a legitimate use case.

            Depends on your locality. Around here it is not uncommon for companies to have one number, but several phones - or even people. So you can have the same number on your desktop phone, mobile phone and car phone without having to move sims around or do cumbersome bluetooth magic.

      • by Amouth ( 879122 )

        Maybe it's just terminology.

        only one iccid can be active per imei

        As for phone numbers, you can have more than one attached to an ICCID - you just have to get your provider to assign the number(s).

      • Re:Awesome (Score:5, Informative)

        by athakur999 ( 44340 ) on Thursday July 22, 2010 @02:56PM (#32994034) Journal

        There is a key value on the SIM. The same key value is also provisioned in your subscriber profile in your provider's main subscriber registry (aka an HLR - Home Location Register).

        When you're connecting to a mobile network, the serving switch sends a request to your provider's HLR. The HLR sends a set of tokens and an "expected result" value to the serving switch. The serving switch then sends those tokens down to your mobile. Your mobile then sends those tokens to your SIM card and your SIM card sticks them into a function along with the key value and produces a result value. The result value is passed back to your phone and your phone passes it back to the serving switch. The serving switch then compares the result value from your phone with the "expected result" value from your provider's HLR and if they match up, you're good to go.

        Only the SIM and the HLR know your individual key value. Your mobile and the serving network are never provided this value. That's why your phone can't simply replicate the function of your SIM, because it would need to know the key value.

        I think the problem a lot of people have is they think of the SIM as just a dumb piece of storage. It really is a separate little computer in its own right that just so happens to live behind your phone battery.
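The challenge-response flow described in the comment above, written out as an added simulation (this is not code from the original thread or from any GSM implementation). The standard names Ki (the key on the SIM), RAND (the "tokens"), SRES (the SIM's result) and XRES (the HLR's "expected result") are used; `a3_stand_in` is an HMAC-based substitute for the operator's real A3 algorithm, the subscriber data is constructed, and all class and function names are my own. It also runs two failure cases the comment implies: a phone that knows the IMSI but has to guess Ki, and a phone that replays an earlier SRES instead of asking a SIM.

```python
import hashlib
import hmac
import secrets

# Constructed test data standing in for an operator's subscriber registry.
# Real Ki values are 128-bit secrets known only to the SIM and the HLR.
CONSTRUCTED_SUBSCRIBERS = {
    "001010123456789": bytes.fromhex("0123456789abcdef0123456789abcdef"),
}


def a3_stand_in(ki: bytes, rand: bytes) -> bytes:
    """Stand-in for the operator's A3 authentication function.

    Real SIMs run an operator-chosen algorithm; HMAC-SHA256 truncated to the
    32-bit SRES length is used here only so the example runs offline.
    """
    return hmac.new(ki, rand, hashlib.sha256).digest()[:4]


class HLR:
    """Home Location Register: holds Ki and never hands it out."""

    def __init__(self, subscribers):
        self._subscribers = dict(subscribers)

    def authentication_vector(self, imsi: str):
        ki = self._subscribers[imsi]
        rand = secrets.token_bytes(16)   # fresh challenge sent down to the SIM
        xres = a3_stand_in(ki, rand)     # the "expected result" for the switch
        return rand, xres                # Ki itself is not part of the reply


class SIM:
    """The SIM computes with Ki but exposes only the result."""

    def __init__(self, imsi: str, ki: bytes):
        self.imsi = imsi
        self._ki = ki

    def run_gsm_algorithm(self, rand: bytes) -> bytes:
        return a3_stand_in(self._ki, rand)


class Phone:
    """A handset passes RAND to its SIM and returns SRES; it never sees Ki."""

    def __init__(self, sim: SIM):
        self.sim = sim

    def answer_challenge(self, rand: bytes) -> bytes:
        return self.sim.run_gsm_algorithm(rand)


class ReplayingPhone(Phone):
    """A handset that recorded an earlier SRES and replays it instead of
    asking a SIM (models a software 'SIM' that only knows old answers)."""

    def __init__(self, imsi: str, recorded_sres: bytes):
        self.sim = SIM(imsi=imsi, ki=b"")  # carries an identity but no key
        self._recorded = recorded_sres

    def answer_challenge(self, rand: bytes) -> bytes:
        return self._recorded


class ServingSwitch:
    """The visited network's switch: relays RAND and compares SRES with XRES."""

    def __init__(self, hlr: HLR):
        self.hlr = hlr

    def authenticate(self, phone: Phone) -> bool:
        rand, xres = self.hlr.authentication_vector(phone.sim.imsi)
        sres = phone.answer_challenge(rand)
        return hmac.compare_digest(sres, xres)


def demo() -> dict:
    """Run three registration attempts and report which ones succeed."""
    hlr = HLR(CONSTRUCTED_SUBSCRIBERS)
    switch = ServingSwitch(hlr)
    imsi, ki = next(iter(CONSTRUCTED_SUBSCRIBERS.items()))

    genuine = Phone(SIM(imsi, ki))
    # Right IMSI, guessed Ki: the identity is public, the secret is not.
    wrong_key = Phone(SIM(imsi, bytes(16)))
    # Capture one legitimate SRES, then reuse it against a fresh RAND.
    old_rand, _ = hlr.authentication_vector(imsi)
    replayer = ReplayingPhone(imsi, genuine.answer_challenge(old_rand))

    return {
        "genuine": switch.authenticate(genuine),
        "wrong_key": switch.authenticate(wrong_key),
        "replay": switch.authenticate(replayer),
    }


if __name__ == "__main__":
    print(demo())
```

Only the genuine phone passes: the wrong-key phone produces a different SRES, and the replayed SRES fails because the HLR issues a new RAND for every registration, so an answer recorded earlier does not match the new XRES.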

        • Thank you for the informative post!
          • Re: (Score:2, Funny)

            by davester666 ( 731373 )

            and kindly refrain from ever posting on Slashdot again!

            There is a limit of 1 informative post per user. And now you've made me use up mine explaining this to you.

        • Not to forget, too, because it has its own OS, providers can upload their own software onto the device at any point as long as the device is on. Because of this, you get the 'extras' menu on a lot of providers - as I am sure you are aware, they are links pointing to their (high cost, we are talking ~£5 for a ringtone) services.
      • by gr8dude ( 832945 )

        This is not possible because the card contains secret keys that are used when the phone registers on the network and authenticates itself.

        These keys cannot be read, think of them as private members of a class - they can be accessed by the class itself (i.e. the SIM), but they are not seen on the outside.

        The difference is that smart cards (a SIM card is a smart card with a file system that contains data specified in a standard, such as GSM 11.11) are designed to be tamper-proof, so reverse engineering them a

  • by Anonymous Coward on Thursday July 22, 2010 @01:04PM (#32992150)

    Release the Kraken!

  • Please, please... (Score:4, Informative)

    by fuzzyfuzzyfungus ( 1223518 ) on Thursday July 22, 2010 @01:08PM (#32992202) Journal
    Get with the times, guys. This isn't "GSM cracking" this is "GSM lawful intercept"... At least that is what the folks who already do it routinely call the practice...
    • Re: (Score:1, Flamebait)

      by KZigurs ( 638781 )

      Uhm? No. The Government just has a copy of every conv shipped to them directly from the exchange.

  • by Anonymous Coward

    Does this lead to more wiretapping, or free cellular service?

  • by rickb928 ( 945187 ) on Thursday July 22, 2010 @01:19PM (#32992396) Homepage Journal

    TFA also points out that eavesdropping is as 'easy' as making a fake tower, getting phones to connect to it, commanding them to drop encryption, and having enough disk space to save the conversations. Not very expensive, and not very difficult.

    So this would work well if you brought a fake tower with you to an event, like a convention or even a press conference, and just gather conversations at will. Setting up a tower near the White House would not be impossible, unless they already understand this and have an onsite tower they can secure. The Secret Service is no doubt already working with this, if not already in place. If VZW or Sprint is their most common carrier, well, those are different standards so this is not the problem.

    All said and done, it is not impractical to be able to eavesdrop on GSM phones, though it is nontrivial. Data intercept I don't know a lot about.

    • Re: (Score:3, Interesting)

      by BitZtream ( 692029 )

      You do realize, that in order for a fake tower to work, it actually has to be part of the network right?

      How do you intend to connect to the phone network with your fake tower?

      Putting up a fake tower and getting phones to connect isn't hard, but it's just about only useful for stopping calls.

      If you want to listen in on calls with a 'fake tower' it actually has to function as a tower and connect you to a phone network so you can have a conversation. Not much to record otherwise.

      Still not impossible, but its not s

      • by pjt33 ( 739471 )

        Forward (over wire or on a different frequency) to another tower elsewhere which pretends to be the phone?

      • Why would it be hard to connect to the phone network?
        You could for example use a phone line... or a VoIP service...
        Receiving and routing calls TO a mobile phone would be difficult or perhaps impossible, but outbound calls would be trivially easy.

      • by Rigrig ( 922033 )

        Couldn't the fake tower just connect to a real tower?

      • by chill ( 34294 ) on Thursday July 22, 2010 @03:10PM (#32994248) Journal

        These have been sold in kits for a few years now. Google "micro cell". You can uplink them to a voip gateway and plop down your own tower on the cheap. Popular for conferences and things like that.

      • FTFA (Score:3, Informative)

        by rickb928 ( 945187 )

        "Meanwhile, another Black Hat presenter, Chris Paget plans to demonstrate a completely different way to intercept GSM calls. He's setting up a fake cellular tower that masquerades as a legitimate GSM network.

        According to Paget, using open-source tools and a US$1,500 USRP radio, he can assemble his fake tower, called an IMSI (International Mobile Subscriber Identity) catcher. In a controlled experiment, he's going to set one up at Black Hat and invite audience members to connect their mobile phones. Once a p

    • The majority of phones have the ability to display an icon when operating in an unencrypted mode, but the carriers turn the icon off.

      I seriously doubt the secret service relies on the security of the cell phone network, regardless of who the carrier is.

      • Which is why I suspect the Secret Service either has towers on site, or has the carriers locate them onsite. After this article, I would expect that. Now how to prevent such a hack when the users get off the property.

        Oh, wait, surely WH staffers have properly encrypted phones, not just carrier encryption. And those that don't, they must be told to discuss nothing on the phone. Nothing.

  • "used by the majority of the world's mobile phones"

    I don't know much about mobile phone tech, but this sounds strange. This is 2010; I don't know anyone still using a GSM phone, most of us switched to 3G 6-7 years ago. If it's true, surely GSM users are in the minority in the developed world?
    • I'm not a cell phone guru, but it's something like this: 3G is a "standard" (not an official one IIRC) of how fast data transfers are on a cellular network. If a phone is 3G capable, it supports these faster speeds. The GSM spectrum is divided into different bands, depending on where you're at in the world. Eg, a phone that gets 3G service in the US most likely won't get 3G service in Europe. On the flipside, you can get 3G speeds on CDMA networks (VZW is CDMA) but it's more commonly referred to as EV-DO. 3
      • by nxtw ( 866177 )

        3G is referring to UMTS here.

        My phone that gets 3G service in the US will get 3G service in most countries - European countries included. This is true for many AT&T phones.

    • Re:Really? (Score:4, Informative)

      by Eponymous Coward ( 6097 ) on Thursday July 22, 2010 @01:34PM (#32992660)

      From the GSM wikipedia page:

      In 2010, threatpost.com reported that "A group of cryptographers has developed a new attack that has broken Kasumi, the encryption algorithm used to secure traffic on 3G GSM wireless networks. The technique enables them to recover a full key by using a tactic known as a related-key attack, but experts say it is not the end of the world for Kasumi."[17] Kasumi is the name for the A5/3 algorithm, used to secure most 3G traffic.

      • It's been broken in a way that probably does not allow it to be used to decrypt phone traffic - big difference. That said, it's unfortunate that KASUMI has this weakness, even though it appears to be the result of new cryptographic research, given the speed with which new ciphers can be rolled out.
    • 3G is GSM.

    • by mzs ( 595629 )
      If you put a SIM card into your 3G phone, then it is GSM. The term 3G has become little more than marketing rubbish at this point.
      • by bz386 ( 1424109 )

        If you put a SIM card into your 3G phone, then it is GSM. The term 3G has become little more than marketing rubbish at this point.

        That is incorrect. 3G is UMTS, but can seamlessly hand over calls to the 2G GSM.

        • by mzs ( 595629 )
          You are right, a UMTS phone that takes a SIM card is almost always really a UMTS/GSM phone that works on both. It is also 3G. But an EVDO, CDMA2000, or EDGE (also takes a SIM BTW) phone is also 3G. EDGE is a part of the 3GPP GSM standard in fact. True though that GSM itself is considered 2G or 2.5G. 3G is an ITU standard, but pretty much anything with certain minimum peak performance that can handle data and voice concurrently is allowed. I was trying to be cute with a short reply. It's all actually
  • What I don't understand is why they don't use something along the lines of a Diffie-Hellman key exchange when a call is being set up. In the case of wireless communication, all data gets broadcast in all directions, so setting up an MitM attack wouldn't work, or at least be instantly recognized as such, unless one could somehow intercept 100% of the signal before it reaches its destination, which I'd think isn't generally going to be feasible.
    • Re: (Score:3, Insightful)

      by Anonymous Coward

      Part of the issue... you have to remember how old the GSM standards are. The processing chips didn't have nearly as much oomph as they do today. Most modern encryption schemes would not have been feasible to even put in a chip that would a) physically fit in a cell phone, b) be low enough power to allow any meaningful cell phone usage, and c) have costs low enough to be considered cheap enough to put into cell phones.

    • by Timmmm ( 636430 )

      They don't need to. Diffie-Hellman is for key exchange, but the mobile company already has a copy of the key stored on your SIM card, so they don't need to do any key exchange.

      The problem is that they used weak encryption, not that they used symmetric encryption.

      • by mark-t ( 151149 )
        Okay, so they'd know what phone the transmission was coming from... the content of the communication could still be encrypted by software on the end user's phone.
        • by Timmmm ( 636430 )

          Erm, it is. They just cracked the encryption algorithm.

          • by mark-t ( 151149 )
            You can't crack a Diffie-Hellman key exchange except for a single session, because every session has a different set of keys and you have to start from scratch.
            • by Timmmm ( 636430 )

              I never said you could. You seem confused. There is no need for key exchange in this case. They just needed to use a better encryption method, e.g. AES.

  • Commercial: (Score:5, Funny)

    by DoofusOfDeath ( 636671 ) on Thursday July 22, 2010 @01:28PM (#32992554)

    "Can you hear me now?"

    "me too!"

  • Which networks? (Score:2, Interesting)

    by MadGeek007 ( 1332293 )
    It would be nice to know exactly which GSM carriers use A5/1 encryption, and to what extent it is used. Is it a de facto standard, or a fallback algorithm?
    • by dwye ( 1127395 )

      In fact, it is deprecated, and no one is supposed to even test whether a phone can handle it anymore. At least according to the last PTCRB Bulletin entries that I read, on my old account of 4 years ago.

      Using it is actually WORSE than broadcasting in clear, apparently.

  • Could this be used to both eavesdrop on calls as well as snatch arbitrary data transfer as in wi-fi wireless sniffing? I see a lot more dastardly uses of the data than random calls from schmoopy to schmoopy. I always felt like banking on the phone for example was more secure than on an arbitrary computer.
  • by Anonymous Coward

    I know I will probably be called troll or something, but here it goes anyway...

    I worked as a consultant for the defense ministry of a certain Latin American country (which routinely uses its military for police purposes). While there I befriended some people who had access to complex eavesdropping systems. They showed me how they had the ability to almost instantly intercept any mobile phone call. They even did it with one of my phone calls for amusement. There were 4 cell phone operators in the country

  • What's new, compared to other past announcements that "GSM has been broken" is that, 3 days ago, the A5/1 Project just wrote the piece of code to perform lookups in the "Berlin rainbow table set". The table set is 2TB and has been computed some time ago and can be obtained from various origins (the project member who wrote the lookup code --Frank Stevenson-- offered the arrangement of swapping preloaded disks for cash at the Schiphol airport). See my blog for some more info [zorinaq.com] about these recent developments.
  • by Veovis ( 612685 ) * on Thursday July 22, 2010 @05:33PM (#32996434)
    .... Can anyone hear me now?.... Good!
