GSM Security 2

On the previous article on GSM security here. We have briefly discussed about the network element and the network architecture of GSM, including the encryption that are widely used in GSM network.
At the end of that article as we have discussed about how the network identify the SIM (Subscriber identity module), this is an important part of the GSM security. 

At this point you must think about the algorithm that are used in GSM network, have the A3 and A8 algorithm been broken.

“Ian Goldberg and David Wagner of the University of California at Berkeley demonstrated that all A8 implementations they looked at, including the few that did not use COMP128, were deliberately weakened. The A8 algorithm takes a 64-bit key, but ten key bits were set to zero. The attack on the A8 algorithm demonstrated by Goldberg and Wagner takes just 2^19 queries to the GSM SIM *Subscriber Identity Module), which takes roughly 8 hours.”
Now authentication center (AuC) generates RAND(128-bit random) and uses along with Ki(128-bit individual) to check the expected response of user.If the response is equal to expected response means the SIM is authentic.
Now where is the problem, The first is that the voice data is only encrypted up to the base station, which sits between the ME and the MSC. If the link between the base station and the MSC is wireless (for example, via microwave dish), the data will be sent unencrypted, and anyone with the proper sniffing equipment can gather unencrypted voice data. Another problem is that it is not unfeasible for a malicious user (or more likely, a government or security agency) to obtain a microcell, or base station, which can be configured to act as a man-in-the-middle. 

GSM Hacked Claims German Scientist Karsten Nohl

Karsten Nohl and his team claimed to break the GSM code, the 24-person team spent five months trying to decrypt the algorithm that prevents eavesdropping on GSM networks, finding allow anyone to listen the private conversion on phone. Billions of mobile user’s around the world are at risk of having their calls recorded.

The team actually broken the A5/1 algorithm that used to encrypt GSM cell phone conversation.

Note: If you enjoyed this post, you might want to subscribe our RSS feed and Email Subscription  or become our Facebook fan! You will get all the latest updates at both the places.
Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

Blind SQL Injection Tutorial to Hack a Website

In the previous article, we have the basics of SQL Injection; what SQLi is and what are the types of SQL injection. And, In...

What is SQL Injection? Tutorial: Type and Example

What is SQL injection, and what are the types of SQL injection? These are the common questions, and we will seek the answer to...

Are Cisco 300-410 Exam and Its Related Certification Your Pathway to Career Success? Find Out about This

Introduction Career success can mean different things to different people. For some, it could mean having a prestigious title and for others, it could be...

How to Hack Windows 10 Password Using FakeLogonScreen in Kali Linux

This article demonstrates an in-depth guide on how to hack Windows 10 Passwords using FakeLogonScreen. Hacking Windows 10 password is an exciting topic and...