- If you have an iPhone 3G signal (for example), you're using UMTS (not GSM), which has longer encryption keys (128-bit) and an enhanced protocol. Brute-forcing this keyspace (as in the CCC paper) is unlikely, though they mention the cipher (KASUMI) is "academically broken".
- Neither system has end-to-end privacy. Data is encrypted to your operator's equipment. All other hacks apply.
NYT: In 2007, the GSM developed a 128-bit successor to the A5/1, called the A5/3 encryption algorithm, but most network operators have not yet invested to make the security upgrade.
As far as I can determine, this is wrong. Europe has UMTS broadly deployed and the US came late to this party.
- If you have an iPhone 3G signal (for example), you're using UMTS (not GSM), which has longer encryption keys (128-bit) and an enhanced protocol. Brute-forcing this keyspace (as in the CCC paper) is unlikely, though they mention the cipher (KASUMI) is "academically broken".
- Neither system has end-to-end privacy. Data is encrypted to your operator's equipment. All other hacks apply.
NYT: In 2007, the GSM developed a 128-bit successor to the A5/1, called the A5/3 encryption algorithm, but most network operators have not yet invested to make the security upgrade.
As far as I can determine, this is wrong. Europe has UMTS broadly deployed and the US came late to this party.
For more: http://www.google.com/search?q=umts+encryption