Is it a practical threat, or just an academic exercise? A German encryption expert is calling on the mobile industry to fortify its defenses against what he says is a serious security flaw. The leading industry association sees it differently. Enterprise Mobile Today has the full story.
A German security researcher has claimed to have cracked the encryption behind the 22-year-old GSM standard that is used to safeguard phone calls on the majority of the cell phones in use around the world.
In a presentation at a hacker conference in Berlin this week, encryption expert Karsten Nohl demonstrated an interceptor device that he said could listen in on people’s phone calls and snare other wireless transmissions, such as text messages.
The interceptor, which relies on a few thousand dollars worth of equipment and a vast trove of coding tables, treads on sensitive legal ground, and Nohl did not release the device to the public.
Nohl, who earned a doctorate in computer science from the University of Virginia and describes himself as a white hat hacker, said his efforts to crack GSM encryption and demonstrate the process to the public were meant to prod device makers and carriers to improve their security.
“Upgrading GSM’s encryption function should be a mandatory security patch,” Nohl said in his presentation.