[ISN] Hackers crack crypto for GPRS mobile networks

From: InfoSec News <alerts_at_private>
Date: Thu, 11 Aug 2011 04:39:56 -0500 (CDT)
http://www.theregister.co.uk/2011/08/10/gprs_cellphone_call_snooping/

By Dan Goodin in San Francisco
The Register
10th August 2011

A cryptographer has devised a way to monitor cellphone conversations by 
exploiting security weaknesses in the technology that forms the backbone 
used by most mobile operators.

Karsten Nohl, chief scientist of Berlin-based Security Research Labs, 
said the attack works because virtually all of the world's cellular 
networks deploy insecure implementations of GPRS, or general packet 
radio service. Some, such as those operated by Italy's Wind or Telecom 
Italia, use no encryption at all, while Germany's T-Mobile, O2 Germany, 
Vodafone, and E-Plus use crypto that's so weak that it can easily be 
read by unauthorized parties.

He plans to release software on Wednesday at the Chaos Communication 
Camp 2011 that allows hobbyist hackers to snoop on GPRS traffic that 
uses no encryption. He will also demonstrate ways to use cryptanalysis 
to decrypt GPRS traffic that's protected by weaker ciphers.

“The interception software to be released tomorrow puts GPRS operators 
with no encryption at an immediate risk,” he told The Register on 
Tuesday evening. “All other GPRS networks are affected by the 
cryptanalysis that will be presented but not released at tomorrow's 
conference. Those operators will hopefully implement stronger encryption 
in the time it takes others to re-implement our attacks.”

[...]


___________________________________________________________
Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery
Network, Cisco Switches, SAS 70 Type II Datacenter.
Find peace of mind, Defend your Critical Infrastructure.
http://www.tegataiphoenix.com/
Received on Thu Aug 11 2011 - 02:39:56 PDT

This archive was generated by hypermail 2.2.0 : Thu Aug 11 2011 - 02:37:37 PDT