Cracking GSM A5 Encryption With Ordinary Hardware

If you are still using a GSM phone based on earlier signal standards, you had better be cautious when using it.

According to recent reports from foreign media, security researchers have found that three NVIDIA GeForce GTX 690 graphics cards (GPUs) are enough to crack the GSM A5 encryption algorithm.

What Is the A5 Encryption Algorithm?

The A5 algorithm was developed by a Frenchman in 1989 and is a stream cipher primarily used in GSM systems. The A5 encryption algorithm is used to encrypt communication connections from mobile phones to base stations. There are three versions of this algorithm: A5/1, A5/2, and A5/3; unless otherwise specified, A5 usually refers to A5/1.

Regarding the encryption issues of GSM, some believe that the security of the algorithm will hinder the promotion of GSM phones; others think that the A5 encryption algorithm is too weak to resist eavesdropping by intelligence agencies. The A5 encryption algorithm is highly efficient, which makes it well suited to hardware implementation, and it can also be subjected to known statistical tests.

In summary, the basic idea of the A5 encryption algorithm is not problematic, and its execution efficiency is very high. However, from a cryptographic and security perspective, this algorithm has many security issues.

Serious Security Issues in GSM Communication Encryption

Recently, a group of security researchers from the Agency for Science, Technology and Research (A*STAR) in Singapore stated that with the help of ordinary GPU processors, they can crack the encryption algorithm used for GSM mobile data in just a few seconds.

In fact, people have known about the serious security issues in the A5/1 encryption algorithm since 2009.

Before 2G communication technology was officially put into use, the relevant departments did not disclose the security problems in 2G communication encryption, and for reasons of confidentiality these encryption algorithms were never submitted for security audits by peers, which led to the current situation.

The A3 encryption algorithm is specifically used for authentication, the A5 encryption algorithm is used for information encryption, and the A8 encryption algorithm is used for key generation.

GSM only verifies the identity of users accessing the network. Therefore, the encryption security layer can only provide data confidentiality and authentication functions. However, it is important to note that this is a limited form of authentication, as it does not possess the characteristic of non-repudiation.

To achieve communication security, GSM employs various encryption algorithms. For example, GSM uses the A5/1 and A5/2 stream ciphers to protect user voice call data. However, both of these encryption algorithms have serious security issues, and attackers can crack them through the following methods:

1. Crack A5/2 through real-time ciphertext-only attacks.

2. Crack A5/1 using rainbow table attacks.

Some Major Security Issues in GSM Are as Follows:

1. Communication data transmitted over fixed networks is not encrypted.

2. GSM is unable to resist certain active attacks.

3. GSM communication security can only be guaranteed when connected to a secure fixed network.

4. Lawful interception in GSM is merely a remedial measure after the fact.

5. The terminal identification code is not trustworthy.

From a purely technical perspective, the 3G communication network has abandoned the insecure A5/1 stream cipher in favor of the KASUMI block cipher, but the KASUMI block cipher also has many serious security issues.

Cracking the GSM A5/1 Encryption Algorithm

Information and Communication Security Expert Jiqiang Lu from A*STAR Explained:

“GSM uses a stream cipher called A5/1 to protect the security of communication data, and A5/1 uses a 64-bit key and a very complex keystream generator to resist some basic attacks, such as key exhaustion and dictionary-based brute force attacks.”

First, security researchers exploited two security vulnerabilities in GSM communication encryption and, with the help of ordinary commercial hardware, spent 55 days calculating a rainbow table.

It is reported that the size of this rainbow table is 984GB. After obtaining the rainbow table, security experts can determine the key used for encrypting communication data in just nine seconds.

We can see that this new type of attack not only greatly increases the success rate of traditional brute force attacks but also significantly reduces the time required for calculating passwords and launching attacks.

Jiqiang Lu Added:

“During the attack process, we used a rainbow table generated through offline iterative calculations, which contains keys and their corresponding output passwords.

When the attacker receives the output data during the attack, they can determine the validity of the output data by identifying the correspondence between keys and passwords in the rainbow table.”

In terms of testing equipment, security researchers used a computing device consisting of three NVIDIA GeForce GTX 690 graphics cards, which cost approximately $15,000.

Security Researchers Wrote in Their Published White Paper:

“We used a general-purpose graphics processing unit (GPGPU) computer composed of three NVIDIA GeForce GTX690 graphics cards, which cost about $15,000.

We spent 55 days calculating a rainbow table, and with the help of this rainbow table, we can crack the A5 encryption algorithm in just nine seconds through online attacks.

With prior access to four key sequences, the success rate of cracking is 34%; if we can access eight key sequences in advance, the success rate can reach 56%, with each key sequence being 114 bits long.

If we can use two such rainbow tables for the attack, then with prior knowledge of eight key sequences, our success rate for online attacks within nine seconds will be as high as 81%.

The experimental results show that the A5/1 encryption algorithm is indeed very weak, and therefore GSM should immediately stop using this encryption algorithm.”
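The offline/online split Lu describes, and the white paper's point that more known keystream sequences raise the success rate, can be seen in a toy time-memory trade-off. This is an added example, not the researchers' code: the "cipher" is a SHA-256-based stand-in over a 16-bit state rather than A5/1, and every name and parameter in it is an assumption chosen for illustration.

```python
import hashlib
import random

STATE_BITS = 16   # toy state space (assumption); the page's cipher has a 64-bit key
CHAIN_LEN = 32    # links per chain
N_CHAINS = 256    # chains kept; only (endpoint -> start) pairs are stored

def keystream(state: int) -> bytes:
    """Toy stand-in for 'internal state -> keystream prefix'. NOT A5/1."""
    return hashlib.sha256(state.to_bytes(4, "big")).digest()[:4]

def reduce_ks(ks: bytes, col: int) -> int:
    """Column-dependent reduction from a keystream back into the state space."""
    return (int.from_bytes(ks, "big") + col) % (1 << STATE_BITS)

def build_table() -> dict:
    """Offline phase: walk every chain once, remember only where it ends."""
    table = {}
    for start in range(N_CHAINS):
        x = start
        for col in range(CHAIN_LEN):
            x = reduce_ks(keystream(x), col)
        table.setdefault(x, []).append(start)
    return table

def lookup(table: dict, observed: bytes):
    """Online phase: return a state that yields `observed`, or None."""
    for col in range(CHAIN_LEN - 1, -1, -1):
        x = reduce_ks(observed, col)            # assume the hit is in this column
        for c in range(col + 1, CHAIN_LEN):     # finish the chain to its endpoint
            x = reduce_ks(keystream(x), c)
        for start in table.get(x, ()):          # replay stored chains to confirm
            s = start
            for c in range(col):
                s = reduce_ks(keystream(s), c)
            if keystream(s) == observed:        # rejects false alarms from merges
                return s
    return None

def success_rate(table: dict, n_samples: int, sessions: int = 100, seed: int = 1) -> float:
    """Share of sessions where one of the first n_samples keystreams hits the table."""
    rng = random.Random(seed)
    broken = 0
    for _ in range(sessions):
        states = [rng.randrange(1 << STATE_BITS) for _ in range(8)]
        broken += any(lookup(table, keystream(s)) is not None for s in states[:n_samples])
    return broken / sessions

if __name__ == "__main__":
    t = build_table()
    print(len(t), "endpoints stored for", 1 << STATE_BITS, "states")
    print("4 samples:", success_rate(t, 4), " 8 samples:", success_rate(t, 8))
```

The table stores far fewer entries than there are states, and each extra known keystream sample is another chance to land on a covered chain, which is why a cipher is only safe against this approach when its state space makes the offline phase infeasible.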

* Reference source: securityaffairs. Compiled by FB editor Alpha_h4ck; when reprinting, please credit FreeBuf.COM
