BH DC 08 Steve Dhulton

Mar2008

Intercepting GSM traffic


Agenda
Receiving GSM signals
Security
Cracking A5/1

GSM Network

BTS

Camouflage BTS

Summary GSM
GSM is old
GSM is big
GSM / 3G / UMTS / EDGE / WCDMA / ...
Base stations all over the place

Receiving
Nokia 3310 / Ericsson / TSM
USRP
TI's OMAP dev kit
Commercial Interceptor

Example 1

Example 1

Summary Receiving
It's cheap
It's easy
It's getting easier

Security

Security

Security

Commercial Interception
Active Equipment:
- $70k - $500k. Order via internet.
Passive Equipment:
- $1M

Radio Security
A5/0, A5/1, A5/2. All broken in 1998.
Some algorithms proprietary
IMSI / Location Information clear-text
Key is artificially weakened
Key material is reused
No indication to user
Key Recovery Systems available

SIM Toolkit
There is a JVM on your SIM!
The Operator can install programs via OTA (== remotely, without you knowing)
Scary standard: Invisible flags, binary updates, call-control, proprietary, ....

Security Summary
None

A5/1 Cracking
A8(Ki) A8(Ki)
Authenticate
A5(Kc) A5(Kc)
Conversation
Kc Kc

A5/1 Cracking
A5(Kc,Frame) A5(Kc,Frame)
Plain-text Plain-text
+ +
Frame Frame
Conversation
Phone Sending to BTS

A5/1 Cracking
Clock in 64-bit Kc and 22-bit frame number
Clock for 100 cycles
Clock for 114 times to generate 114-bits

Cracking A5/1
Other attacks are academic BS.
3-4 Frames. Fully passive.
Combination of Rainbow Table attack and others.

Cracking A5/1
4 frames of known-plaintext
A5/1 is a stream cipher
We can derive 4 frames of keystream output

Sliding Window
[0|1|1|0|1|0|........................|1|0|1|1]
[ 64 bit Cipherstream 0 ....]
 [ 64 bit Cipherstream 1 ....]
  [ 64 bit Cipherstream 2 ....]
...
      [ 64 bit Cipherstream 50 ....]

Sliding Window
Total of 4 frames with 114-bits
114 - 64 + 1 = 51 keystreams per frame
51 x 4 frames = 204 keystreams total
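
Added example (not from the original slides): a Python sketch of the three clocking steps on the "A5/1 Cracking" slide and of the window count on the "Sliding Window" slides. The register constants follow the publicly documented A5/1 layout; the key, frame numbers and all-zero plaintext are constructed sample values, and the function names are this example's own.

```python
REGS = [(0x07FFFF, 0x072000, 0x000100),  # R1: 19-bit mask, feedback taps, clocking bit
        (0x3FFFFF, 0x300000, 0x000400),  # R2: 22 bits (public A5/1 register layout)
        (0x7FFFFF, 0x700080, 0x000400)]  # R3: 23 bits

def _clock(state, majority=True):
    """Step the registers; with majority=True only those agreeing with the majority move."""
    ctl = [bool(r & REGS[i][2]) for i, r in enumerate(state)]
    maj = sum(ctl) >= 2
    nxt = []
    for i, r in enumerate(state):
        mask, taps, _ = REGS[i]
        if majority and ctl[i] != maj:
            nxt.append(r)                      # this register stalls
        else:
            fb = bin(r & taps).count("1") & 1  # parity of the tapped bits
            nxt.append(((r << 1) & mask) | fb)
    return nxt

def a51_keystream(kc, frame, nbits=114):
    """Keystream bits for one burst: key/frame load, 100 mixing clocks, then output."""
    state = [0, 0, 0]
    load = [(kc[i // 8] >> (i & 7)) & 1 for i in range(64)]   # 64-bit Kc
    load += [(frame >> i) & 1 for i in range(22)]             # 22-bit frame number
    for bit in load:
        state = [r ^ bit for r in _clock(state, majority=False)]
    for _ in range(100):
        state = _clock(state)
    out = []
    for _ in range(nbits):
        state = _clock(state)
        out.append(((state[0] >> 18) ^ (state[1] >> 21) ^ (state[2] >> 22)) & 1)
    return out

def keystream_from_known_plaintext(cipher_bits, plain_bits):
    """Stream cipher: ciphertext XOR known plaintext gives the keystream back."""
    return [c ^ p for c, p in zip(cipher_bits, plain_bits)]

def sliding_windows(bits, width=64):
    """Every 64-bit window of a burst: 114 - 64 + 1 = 51 of them."""
    return [tuple(bits[i:i + width]) for i in range(len(bits) - width + 1)]

def demo():
    kc = bytes.fromhex("0123456789abcdef")        # constructed session key
    plain = [0] * 114                             # constructed known plaintext
    samples = []
    for frame in (100, 101, 102, 103):            # constructed frame numbers
        cipher = [k ^ p for k, p in zip(a51_keystream(kc, frame), plain)]
        samples += sliding_windows(keystream_from_known_plaintext(cipher, plain))
    return len(samples), len(samples) // 64       # lookups, expected hits at 1/64 coverage
```

demo() returns the 204 lookup values and the roughly 3 expected table hits that the slides count; the point for a defender is that any predictable plaintext in four bursts is enough to produce them.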

Rainbow Table
64-bits keystream
Password Lanman Hash

Rainbow Table
Build a table that maps 64-bits of keystream back to 64-bits of internal A5/1 state
204 data points means we only need 1/64th of the whole keyspace
2^58 = 288,230,376,151,711,744
About 120,000 times larger than the largest Lanman Rainbow Table

How do we do this??
1 PC
- 550,000 A5/1's per second
- 33,235 years
Currently using 68 Pico E-16 FPGAs
- 72,533,333,333 A5/1's per second
- 3 months
Building new hardware to speed this up

Hardware

Rainbow Table
Cheap Attack (~30 min)
- 6 350GB Hard Drives (2TB)
- 1 FPGA (or a botnet)
Optimal Attack (~30 sec)
- 16 128GB Flash Hard Drives (2TB)
- 32 FPGAs
- Can speed it up with more FPGAs

Rainbow Table
204 data points will give us 204 / 64 = 3 A5/1 internal states
So what do you do now?

Reverse Clocking
Load A5/1 internal state
Reverse clock with known keystream back to after Kc was clocked in
Will resolve to multiple possible A5/1 states

Reverse Clocking
Reverse all 3 A5/1 internal states
The common state will be the correct one
Use the internal state and clock forward to decrypt or encrypt any packet
Can solve linear equations to derive key
But isn't really necessary

Conclusions
Tables will be finished in March
Commercial version in Q2/08
Will be scalable to whatever decryption time period is required

Threats & Future
GSM security has to become secure.
Data/Identity theft, Tracking
Unlawful interception
Attacks on GSM Infrastructure
Receiving and cracking GSM will become cheaper and easier

Thank You!
Steve
- http://wiki.thc.org/gsm
David Hulton
- http://www.picocomputing.com
- http://www.openciphers.org
Questions?
