Looks like all that GSM code-cracking is progressing faster than we thought. Soon after the discovery of the
64-bit A5/1 GSM encryption flaw last month, the geniuses at Israel's Weizmann Institute of Science went ahead and cracked the KASUMI system -- a 128-bit A5/3 algorithm implemented across 3G networks -- in less than two hours. If you must know, the method applied is dubbed 'related-key sandwich attack' where multiple values of known differentials are processed through the first seven rounds of KASUMI, then using resulting quartets that are identified sharing key differences, subkey materials can be obtained in round eight to build up the 128-bit key. Sure, it's hardly snooping-on-the-go at this speed, but worryingly this was only an 'unoptimized implementation... on a single PC.' At the same time, the paper condemns the presumably red-faced
GSM Association for moving from MISTY -- a more computationally-expensive but much stronger predecessor algorithm -- to KASUMI. Guess we'll just have to stick with Skype.
posted January 15th 2010 6:45AM
"(...) for moving from MISTY (...) to KASUMI."
Somewhere, someone related to this is a Pokémon fan.
@Nosgoroth I collected all 151 Pokémon cards yet still failed to spot the connection until now!
@Richard Lai
You don't know about Misty from Pokemon ?
doh ...
@kiyu727 Well, I had mostly Japanese cards instead of US ones.
@Nosgoroth
your avatar deserves a trevr award
(trust me, thats a good thing)
@Nosgoroth
i could name all 493 pokemon if you showed me a picture.
at 19... i guess thats a bad thing. honestly though, i dont give a fuck. pokemon's the shit.
@Nosgoroth
Israel's Weizmann Institute of Science Used related-key sandwich attack!
It's SUPER EFFECTIVE!
@Nosgoroth
Also Misty is Kasumi in the Japanese version.
Just thought i should mention that :)
@chrisp Yeah, that's the idea.
@Nosgoroth Let's be honest. How many of you guys get laid. Everynight? Once a month? Once a year? You guys should learn how to be semi-geeks...fashionable and like-able by the mass population but still maintain a love for all things geeky. Like myself. :D Not a bash my friends. Just an uplifting suggestion.
Ahhh... Israel :)
Looks like the US government was indeed listening in....
@(Unverified)
Let them listen all they want.. unless they gots Soop Diggity Dog working for them...
These izzles wizzle undershizzle a wizzle wazzle izzle sizzles my shizzle ya dizzle?
Break THAT encryption ya Bizzles!
@(Unverified)
The cell phone companies allowed the NSA to install routing equipment in their primary routing centers. In addition, cellular hubs are required to have what is basically a jack that the Feds can plug into and listen to whatever they want, without a warrant, and without encryption (obviously).
They didn't even need this, since the big companies are all too eager to bend over to the Feds
If you're that worried about someone listening in, encrypted VoIP via SIP or just plain Skype is the perfect answer. My question is - what about CDMA?
TRUST ME. Skype is WAY easier to hack.
For all I care, this goes to show that all technology is, is man made machines that perform basic calculations at high speeds. So any man that takes a machine can do the reverse calculations (way of speaking).
@Philip Han
What are you basing that on? As far as I know, Skype encryption has not been hacked (other than by brute force which is simply unfeasible as a practical technique). Even the NSA admits to not being able to eavesdrop Skype calls. Here is an evaluation by an independent security and cryptology expert: http://www.skype.com/security/files/2005-031%20security%20evaluation.pdf
His bottom line evaluation? "I started as a skeptic. I thought the system would be easy to defeat. However, my confidence in the Skype grows daily...The designers of Skype did not hesitate to employ cryptography widely and well in order to establish a foundation of trust, authenticity, and confidentiality for their peer-to-peer services. The implementers of Skype implemented the cryptographic functions correctly and efficiently. As a result, the confidentiality of a Skype session is far greater than that offered by a wired or wireless telephone call or by email and email attachments."
@tonicboy I stand corrected.
Maybe it was MSN... I guess I can start using Skype more often ;)
What about Skype on iPhone? Is the encryption employed on it?
@Philip Han
I wouldn't call the factorization of a 2048 bit semiprime a basic calculation. Or the reversal of a 512 bit SHA hash function for that matter. None of these can currently be reversed. The problem with mobile transport algos is that usually the ones that are easy and cheap to implement on silicon are chosen for the job.
Bottom line: want to secure your data? Use SSL/TLS aware services (voip/banking/etc) for your 3G connection.
@Dudeman Since you're really good on this kind of stuff.
How do I set up a VPN on my home computer so my iPhone can go through it? Let's say my schools blocks a plethora of websites if I use a VPN I can get by that right? Would it be secure?
Sorry for the off topic question but I've been asking, searching and trying but Hamachi is a PITA when you don't know what to do!
@Philip Han
VPN is an overkill for that kind of job. What you are looking for is a proxy server (that supports encrypted sockets). Set it up on your home computer, password protect it then go to your iphone network settings (i have no idea where it is) and type in your credentials.
@Philip Han
"TRUST ME. Skype is WAY easier to hack."
Nope! Not Skype! By its nature, its very difficult (think strongly encrypted voice pkts on different P2P nodes w/o the keys). There no one point to listen in on like a landline or mobile. The data is all over the place.
According to an old NY Times article, the Germans claimed to have the ability to pick Skype's cherries at will. I havent heard anything on that since.
@Dudeman I have it all set up but I don't think that SERVER, PORT and AUTHENTICATION are right... I can't find them in Hamachi.
This is a related key attack, meaning that you need a related key. This is not a real world implementation. This is more about the weakness of the algorithm than it is about live implementation. It still requires brute force attacking of one key, then, if you happen to find a related key, you can crack this second (or third) key much faster.
encrypt it using 512 encryption then, you take each one of the resulting keys and encrypt them in 512 encryption. lets see them hack that!
@Captain Underpants and the Bring
that is of course to say the resulitng 512 bit string code, IE:fahfoiashfoabgan22392uosiasfan etc.. each one of those letters is encoded at a 512 bit code itself.
@Captain Underpants and the Bring
The algo was crappy in the first place.
Can current mobile devices handle 512 keys w/ a decent algo? Wouldnt latency be a factor at some point?
There is no privacy as long as you use a cell phone or computer, or live in any industrialized country.
I guess its good we are on the way to 4G then?
The superviza is pleased.
Now for that taxi number...
Man, whomever wants to hack in and listen to my conversations would find themselves bored silly. I say go for it.
What's so bad about this?
@Comment there is nothing bad, 128bit encryption is useless, and has been known to be useless for quite some time now. maybe this will force them to use the normal 256/512bit cypher standard.
gotta love it when someone cracks a 128bit encryption block cypher with 1 pc in 2 hours. just think what you can do with a cluster or a bot net?
what a great application for cloud computing this is :)
I can't wait till the geek horror Attack of the Related-Key Sandwiches hits the theaters.
i have to give engadget props tho for using the outline of KSAUMI for the graphic for this article...nice job
is there any need for source code alterations to be done by web developers who work on high security demanding web applications.
Dang, that was fast.
SRA International is getting ready to unveil a new solution called OneVault Voice. It enables secure P2P communications with a hardened SD chip with crypto engine that allows real-time encryption between devices. (up to sbu level). It is in a private beta test right now and will be unveiled at RSA Conference in March. Initially the solution will be available on Blackberry and Winmo devices. Management of the system occurs through the "trust center" which allows users to customize "trust groups."
@RealTime steve
Yet another single critical point of failure. Hackers can just go after the said "trust center" and cripple its defenses. The users wouldn't even know the "trust center" has been compromised.
@jcpb It seems they are deploying a HW/SW bundle. Getting into the "trust center" would be useless unless your supposed hacker had also stolen the special SD chip. I hear it's NIST compliant and more... Guess we will have to wait and see.
I've always heard anything encryption with less then a 256-bit cipher is useless...
I mean you can easily break 8 and 16 bit by hand...64 bit as well with a little bit more work...why did they even bother with the old standard.