That didn't take long - encryption used in 3G networks broken too

14 January, 2010 | Comments (30) | Post your comment

Tags: Misc

The GSMA is having a tough time keeping encrypted things encrypted. Just over a couple of weeks ago the GSM encryption was broken, now the 3G encryption it seems is no longer secure. The transition to 3G networks and their more secure encryption algorithm was one of the ways some downplayed the importance of breaking the GSM encryption.

The original algorithm intended for UMTS is called MISTY1, but was too computationally intensive, so it was replaced by a revised version called KASUMI (Japanese for "mist"). The new algorithm was supposed to be easier on the hardware, but not any less secure.

It turns out that's not the case. An attack on the algorithm takes just several hours on a regular computer to break the encryption. So, it doesn't enable real-time eavesdropping (at least not using a single computer), but the researches that broke the code say their implementation wasn't optimized, so there's probably room for improvement.

This attack however doesn't work on the original MISTY1 encryption. Still, unless it's possible to switch to it from the current algorithm that doesn't help the situation much.





That didn't take long - encryption used in 3G networks broken too - reader comments

  • Anonymous

Clinton has nothing to do with unauthorized listening to phone calls. You may remember 2-3 year old scandal with telcos helping to monitor phone conversations without court orders on Bush orders and then Congress protecting them retroactively from li...

  • Reply
  • 2010-01-24 22:16
  • q{Xw
  • Tommyguns

i say we all go back to the old tdma network!!! or juand to be honest the world leaders are prob already listening to me talk to my mom!

  • Reply
  • 2010-01-16 18:50
  • 9yML
  • tooday

Actually yes, no court ordered needed anymore. bill clinton signed a bill that would enable those (government) the right to listen in on any phone call. The fact of the matter is, law has deficated on our right to enjoy privacy. So with the progress ...

  • Reply
  • 2010-01-16 15:28
  • 5%rr