
Eavesdropping on GSM Calls - gthank
http://www.schneier.com/blog/archives/2011/01/eavesdropping_o_5.html
======
pmjordan
Other articles about GSM encryption being cracked haven't made it clear that
the attack is essentially a known-plaintext one, which had me scratching my
head about how you could construct a rainbow table for a stream cipher. Okay,
not curious enough to do follow-up research, but still.

I assume the "hash" chain for the tables is generated by picking a random key
to seed the cipher, advancing it to the position of the known plaintext,
XORing with said plaintext, and using the ciphertext as the next element's
key. (or at least using it to derive the next key) Unless I've missed
something, the fact that it's a stream cipher seems to make it easier to
target specific known bits, not necessarily whole bytes.

------
mike-cardwell
US Android users can try out the free RedPhone app from Whisper Systems for
end-to-end encrypted phone calls:

<http://whispersys.com/>

Check out TextSecure whilst you're there if you want to protect your SMS
storage and transmission with public key encryption.

~~~
nodata
Is this open source? How do we know it's encrypted?

~~~
mike-cardwell
They say they're going to make the source available soon:

<http://www.whispersys.com/support.html#8>

Moxie Marlinspike is the guy behind it, and he has a pretty good reputation.
But yeah, you might want to wait until the source is available and compile
your own.

------
corin_
From a comment on his blog:

    
    
      Wasn't that long ago (j10 years?) that only governments and large businesses could do that.
      Which sort of implies that some of them probably were.
    

Painful to see that kind of logic applied.

~~~
bdonlan
Governments can just take control of the ground stations - much easier that
way.

~~~
cnvogel
In their own country, they can.

To eavesdrop in a foreign country, they'll have to purchase the commercial GSM
sniffing equipment.

