Showing posts with label Security. Show all posts

Thursday 27 August 2009

Security of Mobiles and Networks to be tested soon


Security researcher Karsten Nohl has issued a hacking challenge that could expose T-Mobile and AT&T cell phone users -- including Gphone and iPhone patrons -- to eavesdropping hacks within six months.

Nohl, a computer science Ph.D. candidate from the University of Virginia, is calling for the global community of hackers to crack the encryption used on GSM phones. He plans to compile this work into a code book that can be used to decipher encrypted conversations and data that gets transmitted to and from GSM phones.

Nohl’s motive: he wants to compel the telecoms to address a security weakness that has been known for years. He estimates it will take 80 volunteer programmers six months to crunch the data to break the GSM encryption; 160 volunteers could cut that time to six weeks.

“It looks like in a matter of months criminals world-wide will be able to intercept mobile phone conversations,” says Simon Bransfield-Garth, CEO of mobile security firm Cellcrypt. “The immediate impact is not just businesses and corporations, but potentially all of us who use mobile phones.”

The Chaos Computer Club has told the FT that in the next couple of months it will be releasing code capable of cracking GSM with just a laptop and an antenna.

In comments made to the German edition of the Financial Times, the hacking group claims that governments, and criminals, are already using the technique which can break the encryption used to protect 2G GSM calls in near-real time using existing systems. The group says a public exposure of the technique will take place in the next month or two and allow anyone equipped with a laptop and an antenna to listen in to GSM phone calls.

GSM uses a range of algorithms for key generation, authentication, and encrypting connections. This latest crack is focused on the last element which relies on a range of algorithms known as A5 and numbered from zero to three. A5/0 indicates that no encryption is used, such as in countries still under ITAR* restrictions, A5/1 is the European standard that seems to be the target of this latest breach, A5/2 is used in the USA and generally considered weaker than A5/1, while A5/3 is the strongest of the lot and mandated by the 3G GSM standard.

GSM has been cracked before: the early algorithms used were weak and kept secret (and thus not exposed to public scrutiny), a situation made worse by network operators padding the keys with zeros to reduce the cost of SIM cards. This made a weak algorithm that relied on obscurity even weaker. But since then, the standard has proved surprisingly secure, and even today specialist equipment will take half an hour to break a call, so real-time listening to GSM calls has been restricted to James-Bond types with unlimited budgets.

But the Chaos Computer Club reckons they've found a way to share those super-spy eavesdropping capabilities with anyone, which should have implications for celebrities using mobile phones, but will probably have a more immediate impact on low-level drug dealers who've long relied on the security of GSM for their business.

All encryption breaks eventually, as computing power rises, and systems like GSM are designed with a specific lifetime during which the encryption is expected to remain secure. Changing the encryption is possible, but A5 is managed by the handset rather than the SIM and network operators have to support legacy handsets for long periods even if the latest models could be equipped with better encryption.

But the rest of us will probably just hold tight until everyone is using 3G networks, at least in developed countries, where A5/3 is used and should remain secure for another decade or two.
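The trade-off described above (the handset decides which A5 algorithms are available, and operators must keep serving legacy handsets) can be made concrete with a small negotiation model. This is an added example, not code from the post or from any GSM stack; the handset names, their capability sets and the `floor` policy parameter are constructed for illustration, and the strength ordering is the one given in the post.

```python
# Strength order as given in the post, strongest first.
STRENGTH_ORDER = ["A5/3", "A5/1", "A5/2", "A5/0"]
RANK = {alg: pos for pos, alg in enumerate(STRENGTH_ORDER)}


def select_cipher(handset_algs, network_algs, floor):
    """Return the strongest algorithm both sides support, or None when the
    best common choice is weaker than the operator's floor (refuse the
    connection instead of downgrading silently)."""
    common = [a for a in STRENGTH_ORDER
              if a in handset_algs and a in network_algs]
    if not common:
        return None
    best = common[0]
    return best if RANK[best] <= RANK[floor] else None


# Constructed sample: algorithms each (hypothetical) handset model advertises.
HANDSETS = {
    "model-2009": {"A5/0", "A5/1", "A5/3"},
    "model-2004": {"A5/0", "A5/1"},
    "model-1998": {"A5/0", "A5/2"},
    "model-nocrypto": {"A5/0"},
}
NETWORK = {"A5/0", "A5/1", "A5/2", "A5/3"}


def coverage(handsets, network_algs, floor):
    """Map every handset to the cipher negotiated under the given floor."""
    return {name: select_cipher(algs, network_algs, floor)
            for name, algs in handsets.items()}


def rejected(handsets, network_algs, floor):
    """Handsets that can no longer connect once the floor is enforced."""
    result = coverage(handsets, network_algs, floor)
    return sorted(name for name, cipher in result.items() if cipher is None)


if __name__ == "__main__":
    # Raise the floor step by step and watch legacy handsets drop off.
    for floor in reversed(STRENGTH_ORDER):
        print(floor, coverage(HANDSETS, NETWORK, floor),
              "rejected:", rejected(HANDSETS, NETWORK, floor))
```

With the floor at A5/0 every handset connects but some sessions are unencrypted or weakly encrypted; raising the floor to A5/3 leaves only the newest model connected, which is why operators cannot simply switch the older algorithms off.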

Wednesday 8 July 2009

Wireless Cellular Security

Arvind, an old colleague, recently spoke at ACM, Bangalore, on the topic of security. Here is his presentation:







There are lots of interesting Questions and Answers. One interesting one is:

Does number portability mean that data within an AuC is compromised?

Not really. Number portability does not mean sensitive data from the old AuC are transferred to the new AuC. The new operator will issue a new USIM which will have a new IMSI. Number portability only means that the MSISDN is kept the same for others to call the mobile. The translation between MSISDN and IMSI is done at a national level register. Such a translation will identify the Home PLMN and the HLR that needs to be contacted for an incoming call.
That’s the theory and that’s how it should be done. It will be interesting to know how operators in India do this.

You can read all Q&A's here.

I wrote a tutorial on UMTS security many years back. It's available here.
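The number-portability answer quoted above can be modelled in a few lines to show why the old AuC's secrets never need to move. This is an added example, not part of the original post or the presentation; the class names, the PLMN codes and the phone number are constructed, and destroying the old key on port-out is an assumption of the example.

```python
import secrets
from dataclasses import dataclass, field

@dataclass
class Operator:
    """One operator: HLR (MSISDN -> IMSI) and AuC (IMSI -> 128-bit key)."""
    plmn: str                      # constructed PLMN code (MCC + MNC)
    hlr: dict = field(default_factory=dict)
    auc: dict = field(default_factory=dict)
    serial: int = 0

    def issue_usim(self, msisdn):
        """New USIM: fresh IMSI and fresh key, generated by this operator."""
        self.serial += 1
        imsi = f"{self.plmn}{self.serial:010d}"
        self.auc[imsi] = secrets.token_bytes(16)
        self.hlr[msisdn] = imsi
        return imsi

    def release(self, msisdn):
        """Subscriber ports out: drop the HLR entry and destroy the key
        (destroying it is this example's assumption)."""
        del self.auc[self.hlr.pop(msisdn)]

class NationalRegister:
    """National-level register: MSISDN -> current home operator."""
    def __init__(self):
        self.home = {}

    def port(self, msisdn, old, new):
        """Nothing is copied from old.auc; the new operator provisions afresh."""
        imsi = new.issue_usim(msisdn)
        old.release(msisdn)
        self.home[msisdn] = new
        return imsi

    def route_incoming(self, msisdn):
        """Incoming call: find the home PLMN, then ask its HLR for the IMSI."""
        op = self.home[msisdn]
        return op.plmn, op.hlr[msisdn]

def demo():
    op_a, op_b = Operator("00101"), Operator("00102")
    reg, msisdn = NationalRegister(), "+10000000001"   # constructed number
    old_imsi = op_a.issue_usim(msisdn)
    reg.home[msisdn] = op_a
    old_key = op_a.auc[old_imsi]
    new_imsi = reg.port(msisdn, op_a, op_b)
    return {"old_imsi": old_imsi, "new_imsi": new_imsi,
            "routed_to": reg.route_incoming(msisdn),
            "old_key_in_new_auc": old_key in op_b.auc.values(),
            "old_key_still_in_old_auc": old_imsi in op_a.auc}
```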

Friday 10 April 2009

HSPA based Laptop Enabler/Disabler

Ericsson (NASDAQ:ERIC) today unveiled its most advanced mobile broadband module, uniquely designed with innovative features to provide a richer and cost-effective internet experience for all. The next-generation module marks the latest milestone for Ericsson, furthering the company's vision of an all-connected world.

Ericsson's F3607gw mobile-broadband module for HSPA/GPRS/EDGE networks, to be released in June, will provide enhanced functionality and convenience through its innovative features, reduced power consumption, prolonged battery life and an increased level of integration, reducing the number of necessary components and therefore cost. The new module will also provide built-in mobile broadband support for Microsoft Windows 7.

Mats Norin, Vice President of Ericsson Mobile Broadband Modules, says: "The combination of leading technology and innovative design in the next-generation module is key to delivering a superior user experience at an affordable price. This module release confirms Ericsson's commitment to making the benefits of connectivity available to everyone."

An important facet of the F3607gw is the unique wake-on wireless feature. By remaining connected while a notebook or netbook is in sleep mode, the module's wake-on wireless feature enables users to remotely wake up the device. This innovative technology will allow a new set of applications to be built into the computer to further enhance security and instant-on functionalities, such as the ability to disable the computer in case of theft, or instant distribution of important messages and security updates.

Operators can also combine the wake-on wireless feature and embedded GPS functionality to create a range of differentiating services for consumers and the enterprise market, including remote manageability, security updates, asset protection and tracking and geo-fencing. The module can also be used for content push services, such as podcasts, public warnings, traffic updates and database updates.

Specifically, the wake-on wireless feature supports security solutions based on Intel's Anti-Theft PC Protection Technology. An anti-theft management service in the network can send a message via SMS to the mobile-broadband module inside the notebook, which securely transfers the message to Intel's Anti-Theft function inside the processor platform. This takes appropriate actions, such as completely locking the computer and making it unusable. When the notebook is located and recovered, an unlock message can be sent to the notebook that makes the data accessible again.

Thursday 5 February 2009

100% secure Zumba Lumba Phone to be available soon

It's a really catchy name and I may just buy it because of the name ;)

Rather than being developed by one of the world's large, well known handset manufacturers, the Zumba is being developed by IA Technologies, based in Hereford in the UK, using the brand name, Zumba Lumba.
It is being touted as potentially revolutionising the industry, due to what its makers claim is the world’s most accurate voice recognition system.

The Zumbafone could be available by the end of this year, according to reports.

The innovation is a circular pad that can be placed over the ear and detaches from a small handset that contains a circular dial pad and screen. Simply removing the earpiece pad from the handset activates a connection to the internet. You then simply say the name of a contact to dial a number or send a text. When you receive a text it can then be read out to you.

No contact information is stored on the handset itself, with all data being held ‘in the cloud’, which the makers say makes the phone 100 per cent secure. As it is fully tied to voice recognition, the claim is that if lost, the phone cannot be used by anyone else.

The phone is aimed as a low cost, or secondary phone, so eschews features such as high resolution screen and camera.

Low cost, simple and a refreshing new way to communicate

Unlike any other mobile phone or phone service

Designed and developed to become a real and exciting alternative

An everyday phone, or simply a back-up phone, Zumba strips away the complexity and expense of heavily featured handsets and introduces a fresh new way of making calls. Zumba does away with the need to remember phone numbers - you simply say your contact’s name and Zumba will connect you.

Because the Zumbafone is so exceptionally light and small it can be worn. As you can see from the pictures, it has a detachable keypad and screen which means you can wear it by slipping it over your ear.

Zumba has already been in development for three years and is in the final stages of development this year. We are looking forward to bringing our service to market and making its many benefits available to all.


You can watch a YouTube video of ZumbaLumba:



Thursday 29 January 2009

LTE Femtocells Killer App: Wireless HDD

Just read this article:

Security appears to be all washed up, as USB sticks with sensitive data are being left regularly in pockets when workers take their clothes to be cleaned at laundrettes.

A survey from Credant Technologies claims that 9,000 USB sticks have been forgotten and left in the pockets of clothes taken to dry cleaners. These figures were obtained from phone interviews with 500 dry cleaners across the UK, who found an average of two USB keys per year. Extrapolating this to the 4,500 dry cleaners in the UK leads to the 9,000 figure.

Data sticks are most frequently found in city centres and commuter areas with one proprietor in the City of London finding 80 memory sticks in 2008 alone.

Back at the LTE World Summit last year, one of the things I mentioned was that once LTE Femtocells are available we may be able to create innovative and groundbreaking applications to run on them. I was aware of some people suggesting that the broadband providers may throttle the backhaul traffic on the Femto, but I was assured by one person from Sweden (or Finland ... can't recall for sure) that in the Nordics speeds of up to 100Mbps are already available and most people use P2P networks, thereby consistently loading the ISPs. He did not think that there will be a problem.

One of the applications I suggested was a wireless Hard Disk Drive (HDD) or maybe a better term would be mobile USB (MUSB). The following slides are extracted from my presentation as I am being a bit lazy (and busy) to put them here.




As always, I am happy to receive feedback, comments, criticisms, etc, etc.

Thursday 24 April 2008

Security Upgrade from Release 7

Those familiar with the 3G Security (Ciphering + Integrity) architecture will know that there is only one Integrity algorithm (UIA1) defined and it is mandatory. On the other hand, there are two ciphering algorithms (UEA0 and UEA1) defined. UEA0 in reality means no Ciphering ;). UIA1 and UEA1 are both based on the Kasumi algorithm: UEA1 is the f8 algorithm and UIA1 is the f9 algorithm of Kasumi. (Please feel free to correct my terminology if you think it's wrong).

From Release 7 there are some additional provisions made for increasing the security.

First, let's talk about GSM. Initially only the a5_1 and a5_2 algorithms were defined for GSM. They have not been compromised to date and are still secure. Still, some new algorithms have been defined to make sure there is a backup if they are ever compromised. a5_3, a5_5 and a5_8 have been defined for GSM/GPRS and GEA3 defined for EDGE.

For UMTS, UEA2 and UIA2 have been defined. They are based on the 'Snow 3G' algorithm. Kasumi is a 'block cipher' algorithm whereas Snow 3G is a 'stream cipher'. The interesting thing, as far as I understand, is that even though this is defined and mandatory for UEs and the network from Rel7, it won't be used but will only serve as backup. More on this topic can be learnt here.

More detailed information on UIA2 and UEA2 is available here.

There are some enhancements coming in the SIM as well. At present all the keys are 128 bits, but there should be a provision so that in future 256 bits can be used.

There is some extensive overhauling of IMS security as well, but I haven't managed to get a good understanding of that yet.

All the reports from the 3rd ETSI Security Workshop held on Jan 15-16 2008 are available here.