New York, Monday, April 13, 1998 -- Crossbar Security, Inc., a Telecom and Network security consultancy, has reviewed the technical findings of the Smartcard Developer Association (SDA) concerning their ability to clone GSM cellular phones. Crossbar Security is offering solutions for GSM providers and equipment manufacturers. Having examined the details of the SDA's attack on the GSM standard for subscriber authentication, Mark Abene, President of Crossbar Security says, "Although we have found their discovery to be wholly factual, reproducible, and technically sound there is no immediate threat of GSM phones being monitored or cloned over the air. Phones can only be cloned by physically obtaining a subscribers SIM card."
GSM, the Global System for Mobile communications, is a standard for digital cellphones, used by over 200 cellphone carriers in over 100 countries around the world, including the United States. Among the GSM standards are the specifics of two cryptographic algorithms. One is used to authenticate subscribers to their GSM carrier, to ensure that the subscriber is a valid, paying customer. The other algorithm is used to protect the subscriber's conversation from passive eavesdroppers, a large privacy problem with older cellular phone networks. The details of these algorithms are closely guarded by the GSM Memorandum of Understanding (MoU), a European organization from which this technology must be licensed by GSM carriers and equipment manufacturers.
"In the academic community, it is widely held that cryptographic algorithms should be readily available and put under public scrutiny to prove their strength. This has been the de facto process for algorithms used by banks for electronic funds transfer, as well as electronic commerce on the Internet. The secrecy around GSM's algorithms may have been their undoing," says David Buchwald, Vice President, of Crossbar Security. "The United States is a relative newcomer to GSM technology, and although our domestic GSM carriers are members of the MoU, they were not involved in its creation, nor in the creation or review of the algorithms meant to ensure privacy and prevent fraud", adds Abene.
Using readily available hardware and software tools along with the help of skilled mathematicians, the SDA was able to extract the unique secret key that identifies a GSM subscriber. This secret key is stored on seemingly tamper-proof smart cards called "SIMs" (Subscriber Identity Modules) -- small computer chips mounted on credit-card-like plastic for easy transportability by their owners, the GSM subscribers.
Until these flaws in GSM security are fully addressed, GSM subscribers can still protect themselves from fraud. "GSM cloning depends on physical access to a SIM card," says Buchwald, adding, "We caution subscribers against lending their SIM cards to anyone for any reason, and strongly recommend that they report lost or stolen phones to their carriers immediately. Even if a lost or stolen phone later turns up, the possibility exists that the phone's SIM card could have been compromised. "Eavesdropping or other over-the-air network snooping still presents major obstacles for potential fraudsters, as they currently would require rather expensive equipment."
Crossbar Security, Inc., has worked with GSM carriers in the past on issues of security, and welcomes the opportunity to work with carriers, equipment manufacturers and the MoU to resolve the problems the industry is currently facing.