Encryption for GSM voice calls cracked

By Shane McGlaun/Dec. 29, 2009 6:36 am EST

Encryption protects much of our data around the world. Our credit card transactions are encrypted, online medical records are encrypted, online banking transaction are encrypted along with all sorts of other data. When that encryption fails, our information can be accessed by nefarious users.

The 21-year-old encryption standard used to protect GSM voice calls has been cracked by a group of 24 hackers in Berlin. The A5/1 algorithm is 64-bit and encrypts voice calls placed over GSM networks. Encryption specialist Karsten Nohl has taken the raw binary data and turned it into a 2TB codebook that allows for decoding of the valid encryption key.

The GSM congress is understandably miffed and says that cracking the encryption standard is illegal in the US. The GSM congress also wants to point out that a hacked encryption key doesn't mean that voice calls are unprotected and mobile carriers can update to a new algorithm to increase security. A stronger A5/3 algorithm is available already for GSM networks.