70’s Encryption Method Leaves 750 Million Phones Vulnerable to Hackers

by Istvan Fekete on July 23, 2013

In an era when your digital identity is more valuable than ever, your phone can become an entry point for hackers, according to two years of research performed by a German mobile security expert and shared with The New York Times.

Karsten Nohl, a mobile security expert and founder of Security Research Labs in Berlin, says he has found a flaw in the encryption technology used in some SIM cards, the chips in handsets, which could grant cyber criminals access to the user’s phone.

During the past two years, Nohl has tested roughly 1,000 SIM cards on cellphones running on mobile networks in Europe and North America. The result: about 25% of the SIM cards running an older encryption standard exhibited the flaw.

Nohl said the encryption hole allowed outsiders to obtain a SIM card’s digital key, a 56-digit sequence that opens the chip up to modification. With that key in hand, he said, he was able to send a virus to the SIM card through a text message, which let him eavesdrop on a caller, make purchases through mobile payment systems and even impersonate the phone’s owner.

He said he had managed the whole operation in about two minutes, using a simple personal computer. He estimates as many as 750 million phones may be vulnerable to attacks.

“We can remotely install software on a handset that operates completely independently from your phone,” he said. “We can spy on you. We know your encryption keys for calls. We can read your S.M.S.’s. More than just spying, we can steal data from the SIM card, your mobile identity, and charge to your account.”

The catch is that some of the SIM cards use an encryption method developed in the 1970s, called the Data Encryption Standard (DES), which is currently used on about 6 billion cellphones on a daily basis. A newer, much stronger method known as Triple DES has been adopted over the past decade, but unfortunately many SIM cards are still using the old standard. The encryption is used to disguise the SIM card and with it the phone’s unique digital signature.

As a result, Nohl advised chip makers to use better filtering technology to block the type of messages he sent during his research. He was able to obtain the SIM card’s digital key by sending a text message disguised as coming from the mobile operator, which triggers a digital signature verification process between the carrier and the device. In 75% of the cases the handset recognized the false signature, but 25% of the disguised SMS messages were answered with an error message carrying the device’s own encrypted digital signature.
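The difference between the two card behaviours described above, and the effect of filtering in front of the card, can be modelled in a few lines. This is an added example, not code from Nohl's research or from any SIM vendor. The key, the message fields, the trusted-source list and the use of HMAC-SHA256 in place of DES are all assumptions made so it runs with the Python standard library.

```python
import hashlib
import hmac
from dataclasses import dataclass
from typing import Optional

# Constructed values for illustration only; not taken from any real SIM card.
CARD_KEY = b"constructed-card-key"
TRUSTED_SOURCES = {"operator-ota-gateway"}   # hypothetical allow-list
ERROR = b"ERR:bad-signature"


def sign(key: bytes, data: bytes) -> bytes:
    # Stand-in for the card's signature algorithm (assumption: HMAC-SHA256
    # replaces DES here; the disclosure problem is the same for any keyed scheme).
    return hmac.new(key, data, hashlib.sha256).digest()


@dataclass
class OtaSms:
    source: str       # hypothetical field: who submitted the message
    command: bytes
    signature: bytes


def card_handle(msg: OtaSms, signed_errors: bool) -> Optional[bytes]:
    """Model of the SIM's reply to a message claiming to come from the operator."""
    if hmac.compare_digest(sign(CARD_KEY, msg.command), msg.signature):
        return b"OK"
    if signed_errors:
        # Flawed behaviour (about 25% of tested cards per the article): the
        # error reply is signed with the card's own key, so an unauthenticated
        # sender receives material derived from the secret.
        return ERROR + sign(CARD_KEY, ERROR)
    # Hardened behaviour in this model: reject and return nothing keyed.
    return None


def message_filter(msg: OtaSms) -> bool:
    """Filtering as advised in the article: pass only trusted senders."""
    return msg.source in TRUSTED_SOURCES


def deliver(msg: OtaSms, signed_errors: bool, filtering: bool) -> Optional[bytes]:
    """Return what the sender gets back, or None if nothing is disclosed."""
    if filtering and not message_filter(msg):
        return None   # dropped before it reaches the card
    return card_handle(msg, signed_errors)
```

In this model a forged message yields keyed material only when the card signs its error replies and no filter sits in front of it; either control alone removes the disclosure.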

Nohl will disclose his findings at the Black Hat Conference, a computer hackers’ gathering in Las Vegas, on August 1.
