GSM SIMs Hacked?

April 13 1998



The Smartcard Developer Association (SDA) and two U.C. Berkeley researchers jointly claimed on April 13 1998 that digital GSM cellphones are susceptible to cloning.

Here's what they had to say:

"GSM (Groupe Spéciale Mobile) is the most widely used cellphone standard in the world, with more than 79 million GSM phones in use worldwide. In contrast, there are about 58 million U.S. cellphone users of all kinds, both analog and digital, including some GSM.

The SDA became involved with GSM security because GSM phones have a small smartcard inside them which holds the identity of the cellphone. This small smartcard is called a SIM, for Subscriber Identification Module. The SIM must keep the identity inside a secret and uses cryptography to protect it. The SDA has organized and coordinated the activities leading to a breach in the cryptographic protection. The breach allows the extraction of the secret inside the SIM, after which the secret may be inserted into a different SIM. A cellphone with the new SIM has the same identity as the original phone.

The GSM standard was designed by an association of European cellular network operators and equipment manufacturers. The cryptographic protection is but a small part of the 130 volumes and over 6,000 pages which make up the GSM standard. Unfortunately, the cryptography was designed in secret and is still kept secret, provided to individuals at smartcard and cellphone manufacturers on a "need-to-know" basis.

"As shown so many times in the past, a design process conducted in secret and without public review will invariably lead to an insecure system," says Marc Briceno, Director of the SDA. "Here we have yet another example of how security by obscurity is no security at all."

The origin of the breach was when the SDA discovered the cryptographic algorithms used inside the SIMs and cellphones. The SDA first verified that the algorithms were accurate. The exact details of the algorithms were not known to the public, but the verified algorithms matched the facts that were publicly known. Next the SDA brought in David Wagner and Ian Goldberg, researchers in the Internet Security, Applications, Authentication and Cryptography (ISAAC) group at the University of California, Berkeley.

Within a day, Wagner and Goldberg had found a fatal cryptographic flaw in COMP128, the algorithm used to protect the identity inside the SIM. They created a system to exploit the flaw by repeatedly asking the SIM to identify itself; by processing the responses they were able to extract the secret from inside the SIM.

"There's no way that we would have been able to break the cryptography so quickly if the design had been subjected to public scrutiny," says David Wagner. "Nobody is that much better than the rest of the cryptography research community." David Wagner was previously known for his work on the breach of CMEA, a cipher used in digital cellphones. As in this case, the cryptographers who did the work on CMEA blamed the design process for the insecurity of the system."
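The release above describes the SIM as a device that holds a secret and answers "who are you?" challenges, and describes the attack as asking it to identify itself over and over. The following is an added example, not code from the SDA, ISAAC or the cellular.co.za article: a toy model of that challenge-response exchange, with the operator side checking the SIM's response and the card keeping a count of how many challenges it will answer. Assumptions made here: the SIM's A3/A8 function is replaced by HMAC-SHA256 (the real COMP128 is not reproduced), the output split into a 32-bit SRES and a 64-bit Kc follows GSM's output sizes, and the per-card authentication counter is a defensive control modelled for illustration, not something the 1998 cards described on the page had.

```python
import hashlib
import hmac
import os
from typing import Optional, Tuple


def a3_a8(ki: bytes, rand: bytes) -> Tuple[bytes, bytes]:
    """Stand-in for the SIM's A3/A8 function.

    Assumption for illustration: HMAC-SHA256 keyed with Ki, with the first
    32 bits used as SRES (the response) and the next 64 bits as Kc (the
    session key), matching GSM's output sizes but not its algorithm.
    """
    digest = hmac.new(ki, rand, hashlib.sha256).digest()
    return digest[:4], digest[4:12]


class SimCard:
    """Toy SIM: keeps Ki inside and only ever returns (SRES, Kc)."""

    def __init__(self, ki: bytes, max_auths: Optional[int] = None) -> None:
        self._ki = ki                # the secret the card must never reveal
        self.max_auths = max_auths   # None = no counter, as in the 1998 cards
        self.auth_count = 0          # challenges answered so far

    def run_gsm_algorithm(self, rand: bytes) -> Tuple[bytes, bytes]:
        """Answer a 128-bit challenge, or refuse once the counter is exhausted."""
        if len(rand) != 16:
            raise ValueError("RAND must be 128 bits")
        if self.max_auths is not None and self.auth_count >= self.max_auths:
            raise PermissionError("SIM authentication counter exhausted")
        self.auth_count += 1
        return a3_a8(self._ki, rand)


def network_authenticate(sim: SimCard, ki_on_file: bytes,
                         rand: Optional[bytes] = None) -> bool:
    """Operator side of the exchange: send a fresh RAND and compare the card's
    SRES with the one computed from the Ki the operator holds on file."""
    rand = os.urandom(16) if rand is None else rand
    expected_sres, _expected_kc = a3_a8(ki_on_file, rand)
    sres, _kc = sim.run_gsm_algorithm(rand)
    return hmac.compare_digest(sres, expected_sres)


def answered_challenges(sim: SimCard, attempts: int) -> int:
    """Feed the card `attempts` chosen challenges and report how many it
    answers before its counter (if any) stops it. Constructed challenges:
    the attempt index encoded as a 128-bit value."""
    answered = 0
    for i in range(attempts):
        rand = i.to_bytes(16, "big")
        try:
            sim.run_gsm_algorithm(rand)
        except PermissionError:
            break
        answered += 1
    return answered


if __name__ == "__main__":
    ki = bytes(range(16))  # constructed 128-bit Ki for the demo
    print("legitimate auth:", network_authenticate(SimCard(ki), ki))
    print("uncapped card answered:", answered_challenges(SimCard(ki), 5000))
    print("capped card answered:", answered_challenges(SimCard(ki, max_auths=1000), 5000))
```

The point of the model is the asymmetry the release relies on: the operator needs one challenge per call to authenticate the subscriber, while extracting the secret needs many thousands of chosen challenges to the same card. A card that counts its answers, and an operator that watches for bursts of authentication failures or resets, can tell the two uses apart even when the underlying algorithm is weak; neither control existed in the cards the SDA examined.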
