Insecurity of GSM Communication

In this paper we give a short overview of the security of the Global System of Mobile Communications (GSM) system in light of a recent attack by Barkan et al. on one of the cryptographic algorithms used for both privacy protection and authentication. The attack breaks the algorithm in a very practical way and, as we will see, a design flaw in the GSM authentication protocol allow an attacker to utilize this attack to compromise networks not using this flawed algorithm. Concretely, we will end up with a way for the attacker to use in-reach phones as oracles for doing authentication on behalf of the attacker, i.e. future attacks on GSM, in particular on the authentication protocol, can consider this attack as a procedure for doing authentication and wire-tapping without knowing the secret key. There are other attacks on the GSM system but the focus in this paper is almost exclusively on the above mentioned attack by Barkan et al. as it appears to be the most efficient. We will give a short overview of the attack and intensionally leave out a lot of the details; the original papers [3, 2] can be consulted if more in-depth discussion is needed (we suggest to read both as they both contain material not found in the other). However, as we intend for this paper to be self-contained, we include clarifying and/or more general discussion when appropiate. The outline of the paper is as follows. Section 2 gives an overview of the GSM system, in particular its security model. A discussion of the cryptographic components of the GSM system, including attacks on them, is given in section 2.2. A more thorough discussion of the primary algorithm of the attack, A5/2, is given in section 3 together with an introduction to stream ciphers. In section 4 we show how to do an efficient ciphertext-only attack on A5/2 and in section 5 we show how this attack can be used to attack other algorithms, ending up with the before-mentioned oracle for doing authentication and decryption. Finally, in section 6 we conclude with a discussion of what made these attacks possible and how it might have been avoided.