Sign in with
Sign up | Sign in
Your question

Is there encryption for Mobil to Tower during SMS messages?

Last response: in Technologies
Share
Anonymous
January 8, 2005 1:41:32 PM

Archived from groups: alt.cellular.gsm (More info?)

I am under the impression all voice communication over digital networks
is encrypted. I am also under the impression that WAP transactions
must also be encrypted, since you can access secure sites. (am I
correct on these?)

My question is this, from the mobile phone to the cell tower, is the
SMS data encrypted. I am aware that there are many other parties in
between two mobile users exchanging SMS messages. But, if we assume
that they are all secure and encrypted, is the SMS message safe, or
still vunerable to sniffing?

Finally, if someone could point me to a techincal overview of what
happens to an SMS messge end to end I would greatly appreciate it.
January 8, 2005 6:29:03 PM

Archived from groups: alt.cellular.gsm (More info?)

jackson.jon@gmail.com wrote:

> I am under the impression all voice communication over digital networks
> is encrypted. I am also under the impression that WAP transactions
> must also be encrypted, since you can access secure sites. (am I
> correct on these?)
>
> My question is this, from the mobile phone to the cell tower, is the
> SMS data encrypted. I am aware that there are many other parties in
> between two mobile users exchanging SMS messages. But, if we assume
> that they are all secure and encrypted, is the SMS message safe, or
> still vunerable to sniffing?
>
> Finally, if someone could point me to a techincal overview of what
> happens to an SMS messge end to end I would greatly appreciate it.
>


This could get you started....

http://www.palowireless.com/sms/resources.asp
http://www.gsmworld.com/technology/sms/intro.shtml#7

--
jer
email reply - I am not a 'ten'
Anonymous
January 10, 2005 11:35:09 AM

Archived from groups: alt.cellular.gsm (More info?)

voice is not encrypted, wow, I really thought it was... so you can just
sniff phone conversations? as well as WAP connection packets? Please
elaborate.
Related resources
Anonymous
January 10, 2005 11:37:42 AM

Archived from groups: alt.cellular.gsm (More info?)

[POSTED TO alt.cellular.gsm - REPLY ON USENET PLEASE]

In <1105209692.598937.169650@c13g2000cwb.googlegroups.com> on 8 Jan 2005
10:41:32 -0800, jackson.jon@gmail.com wrote:

>I am under the impression all voice communication over digital networks
>is encrypted.

Not correct.

>I am also under the impression that WAP transactions
>must also be encrypted, since you can access secure sites. (am I
>correct on these?)

Not on this one either.

>My question is this, from the mobile phone to the cell tower, is the
>SMS data encrypted.

No.

>I am aware that there are many other parties in
>between two mobile users exchanging SMS messages.

No.

>But, if we assume
>that they are all secure and encrypted, is the SMS message safe, or
>still vunerable to sniffing?

Vulnerable, though not easily.

>Finally, if someone could point me to a techincal overview of what
>happens to an SMS messge end to end I would greatly appreciate it.

ETSI.

--
Best regards, HELP FOR CINGULAR GSM & SONY ERICSSON PHONES:
John Navas <http://navasgrp.home.att.net/#Cingular&gt;
Anonymous
January 10, 2005 9:55:04 PM

Archived from groups: alt.cellular.gsm (More info?)

[POSTED TO alt.cellular.gsm - REPLY ON USENET PLEASE]

In <1105374908.983487.133010@c13g2000cwb.googlegroups.com> on 10 Jan 2005
08:35:09 -0800, "jljackson" <jackson.jon@gmail.com> wrote:

>voice is not encrypted, wow, I really thought it was... so you can just
>sniff phone conversations? as well as WAP connection packets? Please
>elaborate.

GSM encryption is an *option* that can be turned on or off by the carrier.
Although I don't know for sure, my understanding is that carriers in the USA
don't have it turned on. (In addition, GSM encryption has differing levels of
security, the lowest level of which has been shown to be weak.)

--
Best regards, HELP FOR CINGULAR GSM & SONY ERICSSON PHONES:
John Navas <http://navasgrp.home.att.net/#Cingular&gt;
Anonymous
January 11, 2005 2:42:45 AM

Archived from groups: alt.cellular.gsm (More info?)

[POSTED TO alt.cellular.gsm - REPLY ON USENET PLEASE]

In <41e2e705_2@news.melbourne.pipenetworks.com> on Tue, 11 Jan 2005 07:35:42
+1100, Simon Templar <usenet@vk3xem.net> wrote:

>John Navas wrote:

>> GSM encryption is an *option* that can be turned on or off by the carrier.
>> Although I don't know for sure, my understanding is that carriers in the USA
>> don't have it turned on. (In addition, GSM encryption has differing levels of
>> security, the lowest level of which has been shown to be weak.)
>
>Good luck "Sniffing" GSM voice. My understanding is the first problem
>you will encounter is there is not just one conversation on a given
>frequency at a time, a cell base can handle 8 separate conversations
>simultaneously on the one frequency.
>
>Each connection is given a time slice and the cell base communicates to
>each one in turn.
>
>So even without GSM encryption active you will have a difficult time
>monitoring it. I think you will find law enforcement agencies would tap
> GSM calls via the network these days rather than trying over the air
>anyway.

See:

"GSM Interception"
by Lauri Pesonen
Department of Computer Science and Engineering
Helsinki University of Technology
<http://www.dia.unisa.it/professori/ads/corso-security/w...;:

Abstract

The GSM standard was designed to be a secure mobile phone system with
strong subscriber authentication and over-the-air transmission
encryption. The security model and algorithms were developed in
secrecy and were never published. Eventually some of the algorithms
and specifications have leaked out. The algorithms have been studied
since and critical errors have been found. Thus, after a closer look
at the GSM standard, one can see that the security model is not all
that good. An attacker can go through the security model or even
around it, and attack other parts of a GSM network, instead of the
actual phone call. Although the GSM standard was supposed to prevent
phone cloning and over-the-air eavesdropping, both of these are
possible with little additional work compared to the analog mobile
phone systems and can be implemented through various attacks. One
should not send anything confidential over a GSM network without
additional encryption if the data is supposed to stay confidential.

[MORE]

"Real-Time Cryptanalysis of GSM's A5/1 on a PC"
by Alex Biryukov and Adi Shamir
December 9, 1999:
http://cryptome.org/a5.ps (Postscript, 292K)

Abstract:

A5/1 is the strong version of the encryption algorithm used by about
100 million GSM customers in Europe to protect the over-the-air
privacy of their cellular voice and data communication. The best
published attacks against it require between 2^40 and 2^45 steps.
This level of security makes it vulnerable to hardware-based attacks
by large organizations, but not to software-based attacks on multiple
targets by hackers.

In this paper we describe a new attack on A5/1, which is based on
subtle flaws in the tap structure of the registers, their
noninvertible clocking mechanism, and their frequent resets. The
attack can find the key in less than a second on a single PC with 128
MB RAM and two 73 GB hard disks, by analysing the output of the A5/1
algorithm in the first two minutes of the conversation. The attack
requires a one time parallelizable data preparation stage whose
complexity can be traded-off between 2^37 and 2^48 steps. The attack
was verified with an actual implementation, except for the
preprocessing stage which was extensively sampled rather than
completely executed.

Remark: The attack is based on the unofficial description of the A5/1
algorithm at http://www.scard.org. Discrepancies between this
description and the real algorithm may affect the validity or
performance of our attack.

[MORE]

Cellular Interceptor
GSM Digital / Analog
Cellular Phone Interception System
GSM Monitoring, Listening and Recording Digital / Analog Interceptor
<http://accelerated-promotions.com/consumer-electronics/...;

GCOM Technologies
GSM, cellphone, computer, and fax interception and monitoring equipment
(the GSM interception unit features real-time, off-air interception of up to
1000 voice/data/fax transmissions, traffic targetting and screening, and call
tracking, all with a friendly Windows interface).

GSM Monitoring - GSTA-1400
Complete GSM monitoring/interception system with call and target tracking
and location features.

Google search for "IMSI Catcher"
(Most results will require translation.)

--
Best regards, HELP FOR CINGULAR GSM & SONY ERICSSON PHONES:
John Navas <http://navasgrp.home.att.net/#Cingular&gt;
!