Secure GSM & CDMA Mobile Phones Prevent Bugging

Mobile phones are generally not safe from being eavesdropped and blocked by mobile phone jammers.

The ability to clone ESD in analogue AMPS phones and to use them to make free calls and to listen in to calls is legend, popularized by notorious hackers like Kevin Mitcnick who was one of the first to hack into Nokia phones.

Digital phones are of course a lot more difficult to hack into, but are easy to jam.

I
n October 2003, an Israeli scientific team showed a way to break into mobile phone calls on ubiquitous GSM networks, potentially allowing eavesdroppers to listen in on conversations and even take on a caller's identity. They cracked the A5 algorithm which is mean to encrypt calls  The GSM Association says they're "not worried" though.

Security Concerns ate still slowing Mobile Application Deployment [more...]

In 1998, the Smartcard Developer Association (SDA) and two U.C. Berkeley researchers jointly claimed that GSM cellphones are susceptible to SIM cloning.
See: GSM SIMs hacked

See also:

GSM calls even more secure thanks to new A5/3 Algorithm


Secure Mobile Phones
A number of manufacturers have released phones that prevent bugging over the air. These encrypt calls using for example GSM data channel to carry the voice call. The Korean Government recently admitted to developing Anti-Tapping Mobile Phones.
 


General Dynamics
Sectera Secure

Siemens Topsec Secure
 

The security aspects of GSM are detailed in GSM Recommendations:

02.09 - Security Aspects
02.17 - Subscriber Identity Modules
03.20 - Security Related Network Functions
03.21 - Security Related Algorithms"

The subscriber is uniquely identified by the International Mobile Subscriber Identity (IMSI). This information, along with the individual subscriber authentication key (Ki), constitutes sensitive identification credentials analogous to the Electronic Serial Number (ESN) in analog systems such as AMPS and TACS.

The design of the GSM authentication and encryption schemes is such that this sensitive information is never transmitted over the radio channel. Rather, a challenge-response mechanism is used to perform authentication. The actual conversations are encrypted using a temporary, randomly generated ciphering key (Kc).

Components Required:
For the authentication and security mechanisms to function, three elements (SIM, handset, and GSM network) are required. This distribution of security credentials and encryption algorithms provides an additional measure of security both in ensuring the privacy of cellular telephone conversations and in the prevention of cellular telephone fraud.

 

  • GSM handset or MS
    The MS identifies itself by means of the Temporary Mobile Subscriber Identity (TMSI), which is issued by the network and may be changed periodically (i.e. during hand-offs) for additional security.

  • Subscriber Identity Module (SIM)
    The SIM contains the IMSI, the individual subscriber authentication key (Ki), the ciphering key generating algorithm (A8), the authentication algorithm (A3), as well as a Personal Identification Number (PIN). The GSM handset contains the ciphering algorithm (A5). The encryption algorithms (A3, A5, A8) are present in the GSM network as well.
  • GSM Network
    The Authentication Center (AUC), part of the Operation and Maintenance Subsystem (OMS) of the GSM network, consists of a database of identification and authentication information for subscribers. This information consists of the IMSI, the TMSI, the Location Area Identity (LAI), and the individual subscriber authentication key (Ki) for each user.





 
  http://www.cellular.co.za


 

ii


Get FREE updates on the latest ringtones,
logos, alerts, mobile news, & free downloads.
Join our newsletter now