Security in GSM defeated by hacker?

According to the New York Times, the German engineer Karsten Nohl claimed at the Chaos Communication Congress that he had already defeated GSM security, which is used in almost every cellular system worldwide, by deciphering it and showing its weaknesses. The ciphering algorithm known as A5 is claimed to be weak and no longer secure.
As we know, the GSM standard uses A5 as its privacy algorithm, called the ciphering algorithm, which works with a 64-bit binary code, though a 128-bit version is now available. The latest is known as algorithm A5/3, while the 64-bit version is known as A5/1, which is claimed to be weak and should be replaced.
If you are not familiar with telecom terms, a useful analogy is wireless Wi-Fi technology, which had a security standard called WEP (Wired Equivalent Privacy). It has since been replaced by WPA (Wi-Fi Protected Access) or WPA2.

As a reminder, here is a picture of the GSM infrastructure:

GSM network

Simply put, GSM sends the TMSI (Temporary Mobile Subscriber Identity) rather than the IMSI (International Mobile Subscriber Identity) over the radio link between the mobile station and the BTS.
Back to the main topic, the A5 algorithm. The two major aspects of GSM security are authentication and encryption. Basically, we have the following algorithms and keys:
A3 is the authentication algorithm, A5 the ciphering algorithm and A8 the ciphering key computation; Ki is the secret encryption key, and Kc is computed based on Ki.
The basic idea is that information from the mobile station to the network is first sent in non-ciphered mode, because ciphering requires a specific, identified key, and the network must recognize and determine that key before the request from the mobile station can be used.

As mentioned above, A5 is the algorithm used to encrypt data and voice signalling between the mobile station and the BTS. The newest version is the A5/3 algorithm, which uses a 128-bit binary code. But many operators currently still use A5/1 and A5/2.
A5/3 is designed around the KASUMI algorithm, which takes a 64-bit input with 128 control bits and produces a 64-bit output. It yields 114 bits used to encrypt the uplink and 114 bits for the downlink.

When Karsten Nohl stated that A5/1 is weak, it seemed like a marketing strategy aimed at getting mobile operators to change their algorithm. Many operators that still use A5/1 refuse to upgrade to the newer technology because of their budget calculations. Mobile operators that run as budget operators will weigh it carefully before implementing it.
If you are still curious about A5, please see this picture:

K5-ciphering

Signalling and user data are encrypted together on the dedicated signalling channel (SDCCH). The encryption of signalling and user data is performed at the mobile station, and from the picture you can conclude that, because the encryption is symmetric, ciphering and deciphering are performed with the same algorithm, A5, and the same Kc.
So if the engineer Karsten Nohl claims he can hack GSM security through the A5 algorithm, you can imagine what kind of mobile station traffic, such as data and voice, could be stolen by others. Keep this in mind during GSM network planning to avoid this case.
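
To make the symmetric ciphering described above concrete, here is an added Python example (not part of the original article) of the A5/1 keystream generator with its 64-bit Kc, producing one 114-bit block per radio direction and using the same XOR call to cipher and decipher a burst. The register layout comes from the publicly documented A5/1 design, which the article does not describe; the function names, sample Kc, frame number and payload are constructed for illustration.

```python
# Added example, not from the article: A5/1 keystream generation and burst ciphering.
REGS = (  # (register mask, feedback taps, clocking bit) for each LFSR
    (0x07FFFF, 0x072000, 0x000100),  # R1, 19 bits
    (0x3FFFFF, 0x300000, 0x000400),  # R2, 22 bits
    (0x7FFFFF, 0x700080, 0x000400),  # R3, 23 bits
)

def _parity(x):
    return bin(x).count("1") & 1

def _clock(state, majority_rule):
    """Step the LFSRs; under the majority rule only registers agreeing with it move."""
    mids = [1 if r & mid else 0 for r, (_, _, mid) in zip(state, REGS)]
    maj = 1 if sum(mids) >= 2 else 0
    return [
        ((r << 1) & mask) | _parity(r & taps) if (not majority_rule or m == maj) else r
        for r, m, (mask, taps, _) in zip(state, mids, REGS)
    ]

def a51_keystream(kc, frame):
    """Return two 114-bit keystream blocks, one per radio direction, for a 64-bit Kc."""
    if len(kc) != 8:
        raise ValueError("Kc must be 8 bytes (64 bits)")
    key_bits = [(kc[i // 8] >> (i & 7)) & 1 for i in range(64)]
    frame_bits = [(frame >> i) & 1 for i in range(22)]
    state = [0, 0, 0]
    for bit in key_bits + frame_bits:      # load Kc, then the 22-bit frame number
        state = [r ^ bit for r in _clock(state, False)]
    for _ in range(100):                   # mixing rounds, output discarded
        state = _clock(state, True)
    out = []
    for _ in range(228):
        state = _clock(state, True)
        out.append(((state[0] >> 18) ^ (state[1] >> 21) ^ (state[2] >> 22)) & 1)
    return out[:114], out[114:]

def cipher_burst(kc, frame, bits, block=0):
    """XOR 114 payload bits with the keystream; the identical call deciphers."""
    if len(bits) != 114:
        raise ValueError("a burst carries 114 payload bits")
    keystream = a51_keystream(kc, frame)[block]
    return [b ^ k for b, k in zip(bits, keystream)]

if __name__ == "__main__":
    kc = bytes.fromhex("0011223344556677")   # constructed sample Kc
    burst = [i % 2 for i in range(114)]      # constructed sample payload bits
    sealed = cipher_burst(kc, 0x2A, burst)
    print("round trip ok:", cipher_burst(kc, 0x2A, sealed) == burst)
```

Because the keystream depends only on Kc and the frame number, anyone who recovers the 64-bit Kc can regenerate it for every frame of the session.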

(from various sources)
