3G mobile encryption cracked

Not too long ago, we heard that the GSM cellphone encryption was cracked and users were vulnerable to attacks.  After GSM 64-bit A5/1 algorithm was compromised, the 3G algorithm was likely to follow shortly after.

Based on the reports about the 3G encryption cracking, the network relies on a KASUMI system, which only needs a couple of hours for a well-coordinated hacker to crack.  3G uses the KASUMI encryption, which processes 64-bit blocks using a 128-bit key.

What exactly does this mean to 3G users?  We’ll, fortunately for everyone, the crack was found by researchers that used a highly complex mathematical equation and the exploit isn’t available to the public.  The researchers said that their un-optimized single PC can recover 96 key bits in a matter of a few minutes and can complete the full 128 bit key in less than two hours.

Consumers shouldn’t be worried about this just yet, as CDMA has a MISTY encryption prepared.  The MISTY encryption is a more complicated algorithm, which in theory should be harder to crack to a would-be hacker.  Until someone else comes up with a method to crack the 3G algorithm, users data should be safe.

Report a problem with article
Previous Story

Welcome to Neowin 6

Next Story

German Government asks people to stop using IE

17 Comments

Well at least I'm on CDMA with Verizon.

I'm hoping to god that they don't crack CDMA, because if that happens, it's all over.

Sevan said,
Well at least I'm on CDMA with Verizon.

I'm hoping to god that they don't crack CDMA, because if that happens, it's all over.


Individual hackers might have already cracked CDMA and who knows what else, Not everyone wants spreads their own exploits.

Hylands said,
I hate how people basically devote their lives to making other peoples lives crap.

Governments strangely favour this type of defencsive/offensive research

littleneutrino said,
At this point it should be considered that all electronic communication is insecure to one degree or another.

Right, but we assume that in some way, shape or form, that the data that is transmitted is "theoretically" secure.

Intelman said,
Someone will write some program that cracks this on a GPU, GSM/CDMA cracked in 3 minutes.

At some point, encryption technologies will not keep up with the advancement in computing. Imagine the power we'll have a decade from now. 128bit and perhaps 256bit may not simply be secure by the fact it would take "too long" to crack.

Surely though the advancement of technology would also allow for more advance encryption algorithms? It's a cat and mouse game

DomZ said,

Surely though the advancement of technology would also allow for more advance encryption algorithms? It's a cat and mouse game

No doubt encryption will get better, but what happens when hardware encryption becomes standard? The portable hard drives of today have 256bit hardware encryption. At some point , would we have to start replacing hardware just to keep up?
It seems to be that computing power advances much faster than encryption.

Wow, I remember hearing this on a security podcast a couple months ago and it's already been cracked.
Nothing is safe anymore.

Commenting is disabled on this article.