Hack GSM cryptographic protection is now possible for a thousand dollars
At the Black Hat conference, a new method of hacking GSM encryption was demonstrated, which is distinguished by its simplicity and low cost. It requires equipment that costs only $ 1000 and about half an hour to decode the signal and select keys.
Thanks to the work of two young specialists, David Halton and Steve Muller, soon the remote wiretap of GSM phones will become available not only to the special services, but also to any citizen. The inventors used a well-known vulnerability in a standard protocol. According to MĂĽller, GSM protection was hacked back in 1998, when theoretical papers on this topic were published. They just put the exploit into practice.
Already in March of this year, Hulton and Muller plan to launch a quick version of their spy system, which will hack protection in just 30 seconds. However, such a system will cost at least $ 200 thousand. Hulton and Muller have already defended the development of a patent.
For comparison, at the moment, the special services for passive interception use equipment costing about a million dollars: these are the “number crushers” who select the keys using the brute force method. Mobile fake base stations are used for active interception, but they only work at close range and are easily vulnerable to detection.
')
If there is no special equipment, then in Russia, wiretapping is carried out directly through the switches of cellular operators, since all domestic telecom operators are ready to meet these questions.
The new method of hacking should be a signal for mobile operators, who for many years refused to pay attention to the fundamental vulnerabilities of the GSM protocol, said cryptography bruce Schneier. “This is a new job, but it is not surprising,” he says. “We have been talking for years about the weakness of the algorithm. Representatives of the communications industry responded, they say, only in theory. Well, now it is in practice. "
Thanks to the work of two young specialists, David Halton and Steve Muller, soon the remote wiretap of GSM phones will become available not only to the special services, but also to any citizen. The inventors used a well-known vulnerability in a standard protocol. According to MĂĽller, GSM protection was hacked back in 1998, when theoretical papers on this topic were published. They just put the exploit into practice.
Already in March of this year, Hulton and Muller plan to launch a quick version of their spy system, which will hack protection in just 30 seconds. However, such a system will cost at least $ 200 thousand. Hulton and Muller have already defended the development of a patent.
For comparison, at the moment, the special services for passive interception use equipment costing about a million dollars: these are the “number crushers” who select the keys using the brute force method. Mobile fake base stations are used for active interception, but they only work at close range and are easily vulnerable to detection.
')
If there is no special equipment, then in Russia, wiretapping is carried out directly through the switches of cellular operators, since all domestic telecom operators are ready to meet these questions.
The new method of hacking should be a signal for mobile operators, who for many years refused to pay attention to the fundamental vulnerabilities of the GSM protocol, said cryptography bruce Schneier. “This is a new job, but it is not surprising,” he says. “We have been talking for years about the weakness of the algorithm. Representatives of the communications industry responded, they say, only in theory. Well, now it is in practice. "
Source: https://habr.com/ru/post/20662/
All Articles