7 comments

[ 3.6 ms ] story [ 30.7 ms ] thread
Other articles about GSM encryption being cracked haven't made it clear that the attack is essentially a known-plaintext one, which had me scratching my head about how you could construct a rainbow table for a stream cipher. Okay, not curious enough to do follow-up research, but still.

I assume the "hash" chain for the tables is generated by picking a random key to seed the cipher, advancing it to the position of the known plaintext, XORing with said plaintext, and using the ciphertext as the next element's key. (or at least using it to derive the next key) Unless I've missed something, the fact that it's a stream cipher seems to make it easier to target specific known bits, not necessarily whole bytes.

US Android users can try out the free RedPhone app from Whisper Systems for end-to-end encrypted phone calls:

http://whispersys.com/

Check out TextSecure whilst you're there if you want to protect your SMS storage and transmission with public key encryption.

Is this open source? How do we know it's encrypted?
They say they're going to make the source available soon:

http://www.whispersys.com/support.html#8

Moxie Marlinspike is the guy behind it, and he has a pretty good reputation. But yeah, you might want to wait until the source is available and compile your own.

From a comment on his blog:

  Wasn't that long ago (j10 years?) that only governments and large businesses could do that.
  Which sort of implies that some of them probably were.
Painful to see that kind of logic applied.
Governments can just take control of the ground stations - much easier that way.
In their own country, they can.

To eavesdrop in a foreign country, they'll have to purchase the commercial GSM sniffing equipment.