{"id":10318,"date":"2016-10-24T10:03:07","date_gmt":"2016-10-24T10:03:07","guid":{"rendered":"http:\/\/revoscience.com\/en\/?p=10318"},"modified":"2016-10-24T10:03:07","modified_gmt":"2016-10-24T10:03:07","slug":"weakness-of-2g-mobile-phone-networks-revealed","status":"publish","type":"post","link":"https:\/\/www.revoscience.com\/en\/weakness-of-2g-mobile-phone-networks-revealed\/","title":{"rendered":"Weakness of 2G mobile phone networks revealed"},"content":{"rendered":"<p style=\"text-align: justify;\"><em><strong style=\"color: #000000;\">A fast and relatively simple attack on second generation digital mobile phone communications highlights the need to update security on older mobile networks.<\/strong><\/em><\/p>\n<p style=\"text-align: justify;\">\n<figure id=\"attachment_10319\" aria-describedby=\"caption-attachment-10319\" style=\"width: 300px\" class=\"wp-caption alignright\"><a href=\"http:\/\/revoscience.com\/en\/wp-content\/uploads\/2016\/10\/57f48e9e140ba002638b4568.jpg\" target=\"_blank\" rel=\"noopener\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-10319\" src=\"http:\/\/revoscience.com\/en\/wp-content\/uploads\/2016\/10\/57f48e9e140ba002638b4568.jpg\" alt=\"A fast and relatively simple attack on second generation digital mobile phone communications highlights the need to update security on older mobile networks. \u00a9 filo\/E+\/Getty\" width=\"300\" height=\"360\" title=\"\" srcset=\"https:\/\/www.revoscience.com\/en\/wp-content\/uploads\/2016\/10\/57f48e9e140ba002638b4568.jpg 300w, https:\/\/www.revoscience.com\/en\/wp-content\/uploads\/2016\/10\/57f48e9e140ba002638b4568-250x300.jpg 250w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><figcaption id=\"caption-attachment-10319\" class=\"wp-caption-text\">A fast and relatively simple attack on second generation digital mobile phone communications highlights the need to update security on older mobile networks.<br \/>\u00a9 filo\/E+\/Getty<\/figcaption><\/figure>\n<p style=\"text-align: justify;\"><span style=\"font-weight: normal; color: #000000;\">The encryption scheme used for second generation (2G) mobile phone data can be hacked within seconds by exploiting weaknesses and using common hardware, researches at Agency for Science, Technology and Research (A*STAR), Singapore, show. The ease of the attack shows an urgent need for the 2G Global System for Mobile Communications (GSM) encryption scheme to be updated.<\/span><br style=\"font-weight: normal; color: #000000;\" \/><br style=\"font-weight: normal; color: #000000;\" \/><span style=\"font-weight: normal; color: #000000;\">GSM was first deployed 25 years ago and has since become the global standard for mobile communications, used in nearly every country and comprising more than 90 per cent of the global user base.<\/span><br style=\"font-weight: normal; color: #000000;\" \/><br style=\"font-weight: normal; color: #000000;\" \/><span style=\"font-weight: normal; color: #000000;\">\u201cGSM uses an encryption scheme called the A5\/1 stream cipher to protect data,\u201d explains Jiqiang Lu from the A*STAR Institute for Infocomm Research. \u201cA5\/1 uses a 64-bit secret key and a complex keystream generator to make it resistant to elementary attacks such as exhaustive key searches and dictionary attacks.\u201d<\/span><br style=\"font-weight: normal; color: #000000;\" \/><br style=\"font-weight: normal; color: #000000;\" \/><span style=\"font-weight: normal; color: #000000;\">Any encryption scheme can be hacked given sufficient time and data, so security engineers usually try to create an encryption scheme that would demand an unfeasible amount of time to crack. But, as GSM gets older, weaknesses in the A5\/1 cipher and advances in technology have rendered GSM communications susceptible to attack.<\/span><br style=\"font-weight: normal; color: #000000;\" \/><br style=\"font-weight: normal; color: #000000;\" \/><\/p>\n<p style=\"text-align: justify;\">[pullquote]Using two specific exploits, Lu\u2019s team was able to reduce the effective complexity of the key to a level that allowed a rainbow table to be constructed in 55 days using consumer computer hardware, making possible a successful online attack, in most cases within just nine seconds.[\/pullquote]<\/p>\n<p style=\"text-align: justify;\"><span style=\"font-weight: normal; color: #000000;\">Straightforward \u2018brute force\u2019 attacks by guessing the secret key from the data stream are still intensively time consuming, and although A5\/1 was reported to have been successfully attacked in 2010, the details of the attack were kept secret. By exploiting weaknesses in the A5\/1 cipher, Lu and his colleagues have now demonstrated the first real-time attack using a relatively small amount of data.<\/span><br style=\"font-weight: normal; color: #000000;\" \/><br style=\"font-weight: normal; color: #000000;\" \/><span style=\"font-weight: normal; color: #000000;\">\u201cWe used a rainbow table, which is constructed iteratively offline as a set of chains relating the secret key to the cipher output,\u201d says Lu. \u201cWhen an output is received during an attack, the attacker identifies the relevant chain in the rainbow table and regenerates it, which gives a result that is very like to be the secret key of the cipher.\u201d<\/span><br style=\"font-weight: normal; color: #000000;\" \/><br style=\"font-weight: normal; color: #000000;\" \/><span style=\"font-weight: normal; color: #000000;\">Using two specific exploits, Lu\u2019s team was able to reduce the effective complexity of the key to a level that allowed a rainbow table to be constructed in 55 days using consumer computer hardware, making possible a successful online attack, in most cases within just nine seconds.<\/span><br style=\"font-weight: normal; color: #000000;\" \/><br style=\"font-weight: normal; color: #000000;\" \/><span style=\"font-weight: normal; color: #000000;\">\u201cGSM is still widely used in telecommunications, but its A5\/1 encryption system is now very insecure,\u201d says Lu. \u201cOur results show that GSM\u2019s 64-bit key encryption is no longer sufficient and should be upgraded to a stronger scheme as a matter of urgency.\u201d<\/span><br style=\"font-weight: normal; color: #000000;\" \/><br style=\"font-weight: normal; color: #000000;\" \/><span style=\"font-weight: normal; color: #000000;\">The A*STAR-affiliated researchers contributing to this research are from the Institute for Infocomm Research<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>The encryption scheme used for second generation (2G) mobile phone data can be hacked within seconds by exploiting weaknesses and using common hardware, researches at Agency for Science, Technology and Research (A*STAR), Singapore, show. The ease of the attack shows an urgent need for the 2G Global System for Mobile Communications (GSM) encryption scheme to be updated.<\/p>\n","protected":false},"author":6,"featured_media":10319,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[22,17,28],"tags":[],"class_list":["post-10318","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-other","category-research","category-techbiz"],"featured_image_urls":{"full":["https:\/\/www.revoscience.com\/en\/wp-content\/uploads\/2016\/10\/57f48e9e140ba002638b4568.jpg",300,360,false],"thumbnail":["https:\/\/www.revoscience.com\/en\/wp-content\/uploads\/2016\/10\/57f48e9e140ba002638b4568-150x150.jpg",150,150,true],"medium":["https:\/\/www.revoscience.com\/en\/wp-content\/uploads\/2016\/10\/57f48e9e140ba002638b4568-250x300.jpg",250,300,true],"medium_large":["https:\/\/www.revoscience.com\/en\/wp-content\/uploads\/2016\/10\/57f48e9e140ba002638b4568.jpg",300,360,false],"large":["https:\/\/www.revoscience.com\/en\/wp-content\/uploads\/2016\/10\/57f48e9e140ba002638b4568.jpg",300,360,false],"1536x1536":["https:\/\/www.revoscience.com\/en\/wp-content\/uploads\/2016\/10\/57f48e9e140ba002638b4568.jpg",300,360,false],"2048x2048":["https:\/\/www.revoscience.com\/en\/wp-content\/uploads\/2016\/10\/57f48e9e140ba002638b4568.jpg",300,360,false],"ultp_layout_landscape_large":["https:\/\/www.revoscience.com\/en\/wp-content\/uploads\/2016\/10\/57f48e9e140ba002638b4568.jpg",300,360,false],"ultp_layout_landscape":["https:\/\/www.revoscience.com\/en\/wp-content\/uploads\/2016\/10\/57f48e9e140ba002638b4568.jpg",300,360,false],"ultp_layout_portrait":["https:\/\/www.revoscience.com\/en\/wp-content\/uploads\/2016\/10\/57f48e9e140ba002638b4568.jpg",300,360,false],"ultp_layout_square":["https:\/\/www.revoscience.com\/en\/wp-content\/uploads\/2016\/10\/57f48e9e140ba002638b4568.jpg",300,360,false],"newspaper-x-single-post":["https:\/\/www.revoscience.com\/en\/wp-content\/uploads\/2016\/10\/57f48e9e140ba002638b4568.jpg",300,360,false],"newspaper-x-recent-post-big":["https:\/\/www.revoscience.com\/en\/wp-content\/uploads\/2016\/10\/57f48e9e140ba002638b4568.jpg",300,360,false],"newspaper-x-recent-post-list-image":["https:\/\/www.revoscience.com\/en\/wp-content\/uploads\/2016\/10\/57f48e9e140ba002638b4568.jpg",54,65,false],"web-stories-poster-portrait":["https:\/\/www.revoscience.com\/en\/wp-content\/uploads\/2016\/10\/57f48e9e140ba002638b4568.jpg",300,360,false],"web-stories-publisher-logo":["https:\/\/www.revoscience.com\/en\/wp-content\/uploads\/2016\/10\/57f48e9e140ba002638b4568.jpg",80,96,false],"web-stories-thumbnail":["https:\/\/www.revoscience.com\/en\/wp-content\/uploads\/2016\/10\/57f48e9e140ba002638b4568.jpg",150,180,false]},"author_info":{"info":["Amrita Tuladhar"]},"category_info":"<a href=\"https:\/\/www.revoscience.com\/en\/category\/news\/other\/\" rel=\"category tag\">Other<\/a> <a href=\"https:\/\/www.revoscience.com\/en\/category\/news\/research\/\" rel=\"category tag\">Research<\/a> <a href=\"https:\/\/www.revoscience.com\/en\/category\/techbiz\/\" rel=\"category tag\">Tech<\/a>","tag_info":"Tech","comment_count":"0","_links":{"self":[{"href":"https:\/\/www.revoscience.com\/en\/wp-json\/wp\/v2\/posts\/10318","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.revoscience.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.revoscience.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.revoscience.com\/en\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/www.revoscience.com\/en\/wp-json\/wp\/v2\/comments?post=10318"}],"version-history":[{"count":0,"href":"https:\/\/www.revoscience.com\/en\/wp-json\/wp\/v2\/posts\/10318\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.revoscience.com\/en\/wp-json\/wp\/v2\/media\/10319"}],"wp:attachment":[{"href":"https:\/\/www.revoscience.com\/en\/wp-json\/wp\/v2\/media?parent=10318"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.revoscience.com\/en\/wp-json\/wp\/v2\/categories?post=10318"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.revoscience.com\/en\/wp-json\/wp\/v2\/tags?post=10318"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}