This story appeared in Public Network Europe Newswire - this is a local copy of the article.
For more information about Public Network Europe Newswire see details at http://www.pnewire.com

The original article can be viewed at Public Network Europe Newswire.


Public Network Europe
21 April, 1998

Security questioned

The GSM MoU Association has reacted quickly to reports from the US that the mathematical code—known as the ‘A3 algorithm’—used to provide authentication within a GSM smartcard, had been compromised by a software engineer and two graduate students at the University of California at Berkeley.
Charles Brookson, Chairman of the GSM MoU’s Security Group, stressed that such an attack would be feasible only where hackers had a user’s subscriber identity module (SIM) card in their possession. “If achieved, a successful attack would compromise only one card and it is not practical to achieve over the airwaves by eavesdropping, so GSM mobile phones cannot be ‘cloned’ (by copying the user’s identity) in the manner of analogue phones. Compromising the A3 algorithm does not, in itself, present a significant threat to GSM security overall.”
Brookson went on to add that the GSM algorithm the students claimed to have broken was the ‘example algorithm’ provided to members of the MoU to create their own individual version, and not a commercial grade system. Be that as it may, GSM joins a long line of supposedly ‘tamper-proof’ technologies that have been broken.
Cryptography experts at universities have made a sport out of cracking popular encryption algorithms with Microsoft, Netscape and Sun Microsystems feeling the sting of such precocious ‘kids’.

Back to the Newswire main page.

This Month | Home | Archive | Bookshop | Registration | Feedback


© copyright The Economist Newspaper Limited
Please send comments to Public Network Europe

Created and Maintained by Chris Mayes