FOR IMMEDIATE RELEASE:
Concerned Telecom and Network Security Specialists Respond to
Claims of GSM Cellular Phone Cloning and Offer Solutions
New York, Monday, April 13, 1998 -- Crossbar Security, Inc., a Telecom and Network Security consultancy,
has reviewed the technical findings of the Smartcard Developer
Association (SDA) concerning their ability to clone GSM cellular
phones. Crossbar Security is offering solutions for GSM providers
and equipment manufacturers. Having examined the details of the
SDA's attack on the GSM standard for subscriber authentication,
Mark Abene, President of Crossbar Security, says, "Although we
have found their discovery to be wholly factual, reproducible,
and technically sound, there is no immediate threat of GSM phones
being monitored or cloned over the air. Phones can only be cloned
by physically obtaining a subscriber's SIM card."
GSM, the Global System for Mobile communications, is a standard
for digital cellphones, used by over 200 cellphone carriers in
over 100 countries around the world, including the United States.
Among the GSM standards are the specifics of two cryptographic
algorithms. One is used to authenticate subscribers to their GSM
carriers, to ensure that the subscriber is a valid, paying customer.
The other algorithm is used to protect the subscriber's conversation
from passive eavesdroppers, a large privacy problem with older
cellular phone networks. The details of these algorithms are closely
guarded by the GSM Memorandum of Understanding (MoU), a European
organization from which this technology must be licensed by GSM
carriers and equipment manufacturers.
"In the academic community, it is widely held that cryptographic
algorithms should be readily available and put under public scrutiny
to prove their strength. This has been the de facto process for
algorithms used by banks for electronic funds transfer, as well
as electronic commerce on the Internet. The secrecy around GSM's
algorithms may have been their undoing," says David Buchwald,
Vice President of Crossbar Security. "The United States is a relative
newcomer to GSM technology, and although our domestic GSM carriers
are members of the MoU, they were not involved in its creation,
nor in the creation or review of the algorithms meant to ensure
privacy and prevent fraud," adds Abene.
Using readily available hardware and software tools along with
the help of skilled mathematicians, the SDA was able to extract
the unique secret key that identifies a GSM subscriber. This secret
key is stored on seemingly tamperproof smart cards called "SIMs"
(Subscriber Identity Modules) -- small computer chips mounted
on credit-card-like plastic for easy transportability by their
owners, the GSM subscribers.
Until these flaws in GSM security are fully addressed, GSM subscribers
can still protect themselves from fraud. "GSM cloning depends
on physical access to a SIM card," says Buchwald, adding, "We
caution subscribers against lending their SIM cards to anyone
for any reason, and strongly recommend that they report lost or
stolen phones to their carriers immediately. Even if a lost or
stolen phone later turns up, the possibility exists that the phone's
SIM card could have been compromised.
"Eavesdropping or other over-the-air network snooping still presents
major obstacles for potential fraudsters, as they currently would
require rather expensive equipment."
Crossbar Security, Inc., has worked with GSM carriers in the past
on issues of security, and welcomes the opportunity to work with
carriers, equipment manufacturers and the MoU to resolve the problems
the industry is currently facing.
# # #
Contact: David Buchwald, Crossbar Security, Inc.
Phone: 212-969-0573
E-mail: crossbar@crossbar.com
Or visit our website at www.crossbar.com