Select your localized edition:

Close ×

More Ways to Connect

Discover one of our 28 local entrepreneurial communities »

Be the first to know as we launch in new countries and markets around the globe.

Interested in bringing MIT Technology Review to your local market?

MIT Technology ReviewMIT Technology Review - logo


Unsupported browser: Your browser does not meet modern web standards. See how it scores »

{ action.text }

Cryptographer Bruce Schneier, chief security technology officer at BT Counterpane, dismisses the association’s claims. “Companies always deny that it’s practical,” he says. “The truth about cryptography is that attacks always get better, never worse.” While Schneier believes this work further demonstrates that GSM calls could be intercepted, he says that the recent move to use GSM for payments and authentication is “a bigger reason to be concerned about this attack.” Schneier expects criminals will be more motivated to master the techniques needed to attack GSM when there’s an obvious financial gain to be had.

Nohl says he’s disappointed by the GSM Association’s reaction. “It almost sounds like the association is challenging us to break the system entirely and completely, and so openly that everybody can reproduce it, before they will acknowledge that it is broken.”

The GSM Association’s statement puts researchers in a difficult position, Nohl notes, because it is illegal to build and publicly talk about an intercept radio. However, for an attacker, all the necessary components for such a device are openly available, he says.

By contrast, Nohl says, the DECT forum, a Swiss industry association responsible for the digital enhanced cordless telecommunications standard (DECT), recently reacted to similar research from his group with an effort that he believes will greatly enhance the security of communication over cordless phones.

Nohl says his group now plans to contribute to open-source projects such as OpenBTS, which aims to enable hobbyists to build their own cellular networks. By contributing to tools that enable legitimate research on GSM, Nohl hopes to make it clear that GSM needs to be updated to better algorithms, and probably overhauled completely. Of course, he admits, such tools could also be repurposed by the unscrupulous to attack GSM.

0 comments about this story. Start the discussion »

Credit: Technology Review

Tagged: Computing, Communications, mobile devices, hackers, cryptography, chaos communications congress

Reprints and Permissions | Send feedback to the editor

From the Archives


Introducing MIT Technology Review Insider.

Already a Magazine subscriber?

You're automatically an Insider. It's easy to activate or upgrade your account.

Activate Your Account

Become an Insider

It's the new way to subscribe. Get even more of the tech news, research, and discoveries you crave.

Sign Up

Learn More

Find out why MIT Technology Review Insider is for you and explore your options.

Show Me