A security researcher known for his work on cracking cryptographic ciphers on mobile networks has found a method that enables him to capture and decrypt data traffic on virtually any GPRS network. The attack, developed by Karsten Nohl, enables him to eavesdrop on traffic within a radius of about three miles.
Nohl plans to release a software tool that will enable other researchers to perform the same attack this week, according to reports. Nohl discussed his findings and the technique at a conference in Germany sponsored by the Chaos Computer Club. GPRS (general packet radio system) is one of the handful of mobile standards employed by carriers around the world, including T-Mobile and others in Europe. It was meant to be a replacement for the GSM system and still carries quite a lot of traffic now.
To execute his attack, Nohl modified a low-end Motorola phone and used some free software to gather GPRS traffic and then decrypt it. In an interview with The New York Times, Nohl said he found that a couple of operators in Italy–TIM and Wind–did not use any encryption at all on their networks and that the encryption used by most other operators was sub-standard.
The work by Nohl and his colleague Luca Melette has broad implications for mobile network operators and device manufacturers. Fixing a problem of this kind likely involves modifications to the operators’ networks as well as the devices themselves. Mobile phones are built to run on one or two specific networks–say GSM or GPRS–and making modifications to the way that the networks operate can disrupt service.
Nohl, who works for Security Research Labs in Berlin, is well-known for his previous work on decrypting the A5/1 GSM cipher. That algorithm is an older one, although it’s still in use in some places. A second GSM cipher, known as Kasumi, which is used on 3G GSM networks, also was broken last year.