GSM code cracked to expose its loopholes

Being called a hacker does not always connote a negative image of someone maliciously breaking into a computer system. Karsten Nohl, a 28-year-old German security expert, recently cracked GSM’s 64-bit A5/1 encryption algorithm, which was adopted way back in 1988. Far from being a faceless intruder, Nohl has notable credentials: he holds a doctorate in computer engineering from the University of Virginia and is considered a leading encryption consultant.

Nohl worked diligently with others around the internet and ultimately created a guidebook. He published the secret code used to encrypt most of the world’s digital mobile phone calls, exposing its weaknesses. Fortunately, though, 3G networks use 128-bit encryption along with a new A5/3 algorithm, which is being “phased in” according to GSM Association spokesperson Clair Cranton. The aim of all this effort was not just to break the code, but to bring about better security so that breaking it would be virtually impossible.

source: NY Times via Mobile Tech Today



1. vzwman

Posts: 385; Member since: Oct 26, 2009


2. Trevsx1000

Posts: 33; Member since: Dec 08, 2009

They most certainly weren't the first to post this article! More like last!

3. SamTime

Posts: 253; Member since: Nov 07, 2009

Yea PhoneArena usually always seems late to the party. And not fashionably late or running on Asian time late but hey sorry the food's gone late.

4. WnnaFghtAboutIt

Posts: 149; Member since: Aug 31, 2009

How about only thing left is some fat drunk girls late

5. Striker13084

Posts: 128; Member since: Mar 30, 2009

You all are stupid! He was the first to post! Got you back VZWman

6. Striker13084

Posts: 128; Member since: Mar 30, 2009

Furthermore, yes, they are later to get stuff up because they check sources before just randomly posting bad intel!

7. vzwman

Posts: 385; Member since: Oct 26, 2009

Thanks striker. BTW (for everyone else) if you don't like the way phonearena operates go somewhere else to post your lil comments

9. Trevsx1000

Posts: 33; Member since: Dec 08, 2009

Or I could pretend I'm twelve years old and it's five years ago and post "First!!" as a comment. BTW I do apologize that my sarcasm obviously did not sink in well enough before. Hopefully this comment gets the job done. Oh and phonearena is deece but they need to be ahead of the curve and the argument that they "check their sources" is a funny one just like this iPhone tethering article that was not only late but also completely dispelled as false almost a month before phonearena posted the article. I like phonearena and continue to frequent it and BGR every day but I just wish phonearena would realize that people like you and me count on them for phone info that is quick and accurate. There! (Steps off high horse) I'm not picking fights, just stating facts.

8. Kiltlifter

Posts: 742; Member since: Dec 11, 2008

Does anyone know the bitrate of the CDMA platform, as it is "supposed" to be way more secure than GSM in the first place? I would like to know how much more difficult it would be to hack than GSM. Just for my own curiosity.

10. sinfulta

Posts: 279; Member since: Dec 11, 2008

CDMA1x / EV-DO uses the 512-bit algorithm in OTASPLCM (Over the Air Secured "Private Long Code Mask") to exchange keys between the mobile device and the Access Node-Authentication Authorization Accounting (AN-AAA) server. Both technologies utilize strong authentication key exchange protocols to ensure identity. The PLCM portion (Private Long Code Mask) is utilized by both the mobile and the network to change the characteristics of a Long code. Long code is used for voice scrambling above and beyond 512bit encryption, which adds an extra level of privacy over the CDMA air interface. The Private Long Code Mask doesn’t encrypt information, it replaces the known hacked value used in the encoding of a CDMA signal with a private value (Example like a fake code that's not real if found) known only to both the mobile and the network. So...... in theory it's extremely difficult to eavesdrop on conversations without knowing the Private Long Code Mask... And even if you do... you must then get past the 512bit encryption. The technology was developed by Qualcomm (My company).

11. sinfulta

Posts: 279; Member since: Dec 11, 2008

I forgot to mention that AT&T's WCDMA network (HSPA), in the states is using 256bit encryption where we've tested build outs of HSPA+, 128bit encryption where there is HSPA, and is 64bit over non-HSPA signals. So by the time someone cracks those, 3G will be probably end of life and even AT&T will be deep in 4G by then with much higher encryption. Ian Goldberg, who was the Graduate student researcher and founding member for (ISAAC) at UC Berkeley, hacked the GSM 32bit encryption signal and was able to clone devices at the end of 97/98 (can't remember exact time frame). So it took almost 11yrs to decrypt 64bit? We have nothing to worry about. Your GSM is safe guys. :) NYTimes are idiots sometimes and talk about stuff they don't know enough about to create articles and ratings to grab readers. Because believe it or not they are hurting. Advertising for them and revenue is down over 20%. I bet you won't see them post articles about that huh? They are just trying to grab attention and readers lately. It's really sad.

12. *HOVA*

Posts: 564; Member since: Dec 11, 2008

Hopefully the gems here at PA don't delete your comments again like they did in a previous article. Very informative, not sure why they did before, little troubling.

14. sinfulta

Posts: 279; Member since: Dec 11, 2008

It's because when they delete a post it deletes everything with it underneath. So if they delete post #8 - Kiltlifter, then all our posts beneath get removed. It's dumb, I know.

13. Dood

Posts: 269; Member since: Mar 23, 2009

No one knew that GSM was a less secure signal? I knew that back in 2004. This time Phone Arena actually is really late in the game. hahaha.
