SIM Card Flaws Leave Millions of Phones Unprotected

[TGBSeth]

A Security Researcher in Berlin has discovered a flaw in some SIM cards which could leave them open to infection and eavesdropping. This flaw seems to make the card’s 56-digit key obtainable which would then allow a hacker to listen to phone calls, make charges, and infect the device.

Read more: http://tgbuzz.com/2013/07/21/sim-card-flaws-phones-vulnerable/#ixzz2ZiEaSJMl

 

[Assassin]

Well good thing I use a CDMA phone! Lol

[SteepGnomeKing]

Lazy people not updating things because it costs money. This is just sad. 1970's encryption.

[TGBSeth]

Lazy people not updating things because it costs money. This is just sad. 1970's encryption.

I found it absurd that half of all phones are still running that encryption.  It is 40 years old!  Why would any carrier or manufacturer think that using DES encryption from 40 years ago is good enough to keep a SIM card from being attacked.

[LAwLz]

Wait, GSM uses DES for encryption? It provides next to no security whatsoever (even before this new exploit for GSM phones was discovered)

 

 

I found it absurd that half of all phones are still running that encryption.  It is 40 years old!  Why would any carrier or manufacturer think that using DES encryption from 40 years ago is good enough to keep a SIM card from being attacked.

To be fair, in cryptography age is a good thing. An encryption algorithm is not considered safe unless it has been out for a decade or so, without any serious flaws being reviled. AES was published in 1998 and many considered it to be in the evaluation stage up until fairly recently.

 

Hopefully we will start using AES encryption for all cellular communication soon. It uses less resources than DES as well as being much more secure.

[qwertywarrior]

so wait

the Brute forced a 56 character DES key ?

here is the latest info of brute forcing DES i could find

There have also been attacks proposed against reduced-round versions of the cipher, that is, versions of DES with fewer than 16 rounds. Such analysis gives an insight into how many rounds are needed for safety, and how much of a "security margin" the full version retains. Differential-linear cryptanalysis was proposed by Langford and Hellman in 1994, and combines differential and linear cryptanalysis into a single attack. An enhanced version of the attack can break 9-round DES with 2^15.8 chosen plaintexts and has a 2^29.2 time complexity (Biham and others, 2002).

[LAwLz]

so wait

the Brute forced a 56 character DES key ?

here is the latest info of brute forcing DES i could find

COPACOBANA have been able to brute force DES in less than a week's time for half a decade now (and that was before they upgraded the hardware in 2008).

[TGBSeth]

Wait, GSM uses DES for encryption? It provides next to no security whatsoever (even before this new exploit for GSM phones was discovered)

 

 

To be fair, in cryptography age is a good thing. An encryption algorithm is not considered safe unless it has been out for a decade or so, without any serious flaws being reviled. AES was published in 1998 and many considered it to be in the evaluation stage up until fairly recently.

 

Hopefully we will start using AES encryption for all cellular communication soon. It uses less resources than DES as well as being much more secure.

True, makes sense.  Age is not the biggest issue with it, DES is simply not secure at all as shown by their ability to crack it in just two minutes.

[mgsstar]

So 3G networks and below are using DES encryption and if you are running 3G or higher you are fine?

[LAwLz]

So 3G networks and below are using DES encryption and if you are running 3G or higher you are fine?

This is not really about 3G, HSPA, LTE and so on. You still use the older network standard for voice and text messages. For web browsing and other things (which you will use 3G and newer for), you got the option of using secure connections via the apps (for example HTTPS in your browser).

Anyway, 3G uses KASUMI which I think uses a 128bit key for encryption. It should be much more secure than DES which the article talks about (but it has several weaknesses so it's still not considered very secure). LTE uses both SNOW and AES (only one at a time though) from what I understand.

[TGBSeth]

So 3G networks and below are using DES encryption and if you are running 3G or higher you are fine?

Not necessarily.  Generally newer/higher end phones will be better but if you buy a less popular device it could be using DES.

[xToFxREAPER]

after doing a bit of reading on this i found something that shouldnt come as a surprised to anyone, if your using a newer sim (ie micro or nano sims for example) then you need not worry, downside being as far as i know the only phones that use this kind of sim that i have seen so far is iphone -.-

[LAwLz]

after doing a bit of reading on this i found something that shouldnt come as a surprised to anyone, if your using a newer sim (ie micro or nano sims for example) then you need not worry, downside being as far as i know the only phones that use this kind of sim that i have seen so far is iphone -.-

I barely know anything about the different cellular standards. Do the SIM version really dictate the encryption used? I assumed that each different data standard defined which encryption standard was used, since the tower as well as the phone has to support it as well.

 

You can make an old SIM card into a micro or nano SIM by the way. You just need to cut away the plastic a bit. A lot of phones uses micro and nano SIM cards. The Galaxy S 3, Galaxy S 4 and HTC One are the first ones to come to my mind.

[xToFxREAPER]

I barely know anything about the different cellular standards. Do the SIM version really dictate the encryption used? I assumed that each different data standard defined which encryption standard was used, since the tower as well as the phone has to support it as well.

 

You can make an old SIM card into a micro or nano SIM by the way. You just need to cut away the plastic a bit. A lot of phones uses micro and nano SIM cards. The Galaxy S 3, Galaxy S 4 and HTC One are the first ones to come to my mind.

im aware you can convert them but from what ive been reading a genuine micro or nano sim is using a different encryption standard then that of the older sims larger sims, i think though that they were trying to say any recent sim uses these new standards but micro and nano were the first to start it