A German security researcher claims to have cracked the secret code used to prevent eavesdroppers from listening in on mobile phone users’ conversations.
In a presentation given at the Chaos Communication Congress in Berlin, researcher Karsten Nohl said he had compiled two terabytes of data in order to figure out the encryption key used to secure a GSM phone call or text message.
Nohl said that that his tables of data, when combined with some free open source software and a few thousand dollars of hardware, could enable someone to crack the encryption and listen in on calls.
Nohl didn’t release a GSM-cracking device, which would be illegal, but said that a sophisticated programmer would be able to create one.
“I don’t think anything we did was illegal,” said Nohl, although “using what we produced in certain circumstances would be illegal.”
The GSM Association has developed a stronger standard called A5/3, although adoption has not been widespread.