Weaknesses in the A5/1 Cipher

WVE ID: WVE-2008-0007

Type: Vulnerability

Status: Candidate

Classification:
Cryptographic
Information Disclosure

Description:
The A5/1 cipher is vulnerable to an offline key-state attack that allows an attacker to decrypt encrypted information without knowledge of the key. A5/1 is used by cellular GSM networks to protect voice conversations and SMS messages.

Discussion:
A5/1 is a stream cipher used in GSM networks for confidentiality of voice conversations and SMS messages. Multiple weaknesses reduce the security of the cipher to the point that an attacker can mount a precomputed key-state lookup attack against information collected during connection setup between a base station and a GSM handset. Using known plaintext and ciphertext pairs, the 64-bit cipher is effectively reduced to 1/64 of the keyspace, or approximately 288 quadrillion key states.

Using an array of FPGAs, it is possible to precompute all 288 quadrillion key states, resulting in 2 TB of data. Using this data, an attacker can determine the per-session key derived for voice and SMS messages and successfully decrypt the data. One effort is underway to generate this data, with the intent of opening the use of this data to the public.

Credits
Author: Steve : THC
Author: David Hulton : Pico Computing

References
URL: http://dewy.fem.tu-ilmenau.de/CCC/CCCamp07/video/m4v/cccamp07-en-2015-The_A5_Cracking_Project.m4v
URL: http://wiki.thc.org/cracking_a5
URL: http://www.blackhat.com/html/featured_media/bh08-002-Stream-1.mov

Released: 2007-05-25

Submitter
Joshua Wright (jwright@arubanetworks.com) : Aruba Networks

Submitted: Wed Apr 09 18:07:20 -0700 2008

Candidate Date: Wed Apr 09 19:15:03 -0700 2008

