Flaw in cell phone encryption identified; Design process blamed; Telecommunications Industry Association algorithm for digital telephones fails under simple cryptanalysis.MINNEAPOLIS--(BUSINESS WIRE)--March 20, 1997--Counterpane Systems and UC Berkeley jointly announced today that researchers have discovered a flaw in the privacy protection used in today's most advanced digital cellular phones. This discovery points to serious problems in the closed-door process used to develop these privacy measures. This announcement is a setback to the U.S. cellular telephone industry, said Bruce Schneier of Counterpane Systems, a Minneapolis, MN consulting firm specializing in cryptography. The attack can be carried out in a few minutes on a conventional personal computer. Schneier and John Kelsey of Counterpane Systems, along with graduate student David Wagner of the University of California at Berkeley (body, education) University of California at Berkeley - (UCB) See also Berzerkley, BSD. http://berkeley.edu/. Note to British and Commonwealth readers: that's /berk'lee/, not /bark'lee/ as in British Received Pronunciation. , plan to publish their analysis in a paper entitled "Cryptanalysis The art of recovering original data (the plaintext) that has been encrypted (turned into ciphertext) without having access to the correct key used in the encryption process. When new encryption algorithms are introduced, cryptanalysis determines how hard it is to break the code. of the Cellular Message Encryption Algorithm In cryptography, the Cellular Message Encryption Algorithm (CMEA) is a block cipher which was used for securing mobile phones in the United States. CMEA is one of four cryptographic primitives specified in a Telecommunications Industry Association (TIA) standard, and is (CMEA CMEA Council for Mutual Economic Assistance CMEA Cellular Message Encryption Algorithm CMEA Canadian Music Educators' Association CMEA Council for Mutual Economic Aid CMEA Certified Machinery Equipment Appraiser CMEA Colorado Music Education Association )." Legislators are scheduled to hold hearings today on Rep. Goodlatte's "SAFE" (Security And Freedom Through Encryption) bill, HR695. The problem affects numbers dialed on the key pad of a cellular handset, including any telephone, PIN, or credit card numbers dialed. The system was supposed to protect the privacy of those dialed digits, but the encryption is weak enough that those digits are accessible to eavesdroppers with a digital scanner. The cryptographers blame the closed-door design process and excessive pressure from U.S. military interests for problems with the privacy standard. The cellular industry attempted to balance national security with consumer privacy concerns. In an attempt to eliminate recurring security problems, the cellular standards arm of the Telecommunications Industry Association See TIA. (body, standard) Telecommunications Industry Association - (TIA) An association that sets standards for communications cabling. Cables that TIA set standards for include: EIA/TIA-568A and EIA/TIA-568B category three, four and five cable. (TIA (1) (Telecommunications Industry Association, Arlington, VA, www.tiaonline.org) A membership organization founded in 1988 that sets telecommunications standards worldwide. It was originally an EIA working group that was spun off and merged with the U.S. ) privately designed this new framework for protecting cellular phones. The system uses encryption to prevent fraud, scramble voice communications, and protect users' privacy. These new protections are being deployed in today's digital cell phones, including CDMA (Code Division Multiple Access) A method for transmitting simultaneous signals over a shared portion of the spectrum. The foremost application of CDMA is the digital cellular phone technology from QUALCOMM that operates in the 800 MHz band and 1.9 GHz PCS band. , NAMPS NAMPS Narrowband Advanced Mobile Phone Service NAMPS Night-Attack Mission Planning System NAMPS Navy Manpower Programming System NAMPS Narrowband Analog Mobile Phone Service , and TDMA (Time Division Multiple Access) A satellite and cellular phone technology that interleaves multiple digital signals onto a single high-speed channel. For cellular, TDMA triples the capacity of the original analog method (FDMA). . Not a new problem As early as 1992, others -- including noted security expert Whitfield Diffie -- pointed out fatal flaws in the new standard's voice privacy feature. The two flaws provide a crucial lesson for policy makers and consumers, the researchers said. These weaknesses are symptomatic of broad underlying problems in the design process, according to Wagner. Many have criticized the National Security Agency (the U.S. military intelligence agency in charge of electronically monitoring foreign powers) for insinuating itself into the design process, pressuring designers to cripple the security of the cellular encryption technique and hamstringing emerging cellular security technology. "The result is weaker protection for everybody," Kelsey said. "This is another illustration of how U.S. government efforts to control cryptography threaten the security and privacy of Americans," said David Banisar, attorney for the Electronic Privacy Information Center Electronic Privacy Information Center or EPIC is a public interest research group in Washington D.C.. It was established in 1994 to focus public attention on emerging civil liberties issues and to protect privacy, the First Amendment, and constitutional values in the in Washington, D.C. This is not the first report of security flaws in cellular telephony. Today, most cellular phone calls can be intercepted by anyone in the area listening to a scanner, as House Speaker Newt Gingrich learned this past January when someone with a scanner recorded one of his cellular calls. According to FCC estimates, the cellular telephony industry lost more that $400 million to fraud and security problems last year. CMEA Technology CMEA is a symmetric cipher, like the Digital Encryption Standard (DES). It uses a 64-bit key, but weaknesses in the algorithm reduce the key to an effective length of 24 or 32 bits, significantly shorter than even the weak keys the U.S. government allows for export. Greg Rose, program chair of the 1996 USENIX Security Symposium, put the results in context: "This break does not weaken the digital cellular fraud protections. And it's still true that digital cellular systems are much harder to casually eavesdrop on than analog phones. But it's clear from this break that a determined criminal with technical resources can intercept these systems." Counterpane Systems is a Minneapolis, MN-based consulting firm specializing in cryptography and computer security. Bruce Schneier is president of Counterpane and author of three books on cryptography Books on cryptography have been published sporadically and with highly variable quality for a long time. This is despite the tempting, though superficial, paradox that secrecy is of the essence in sending confidential messages — see Kerckhoffs' principle. and security. David Wagner is a founding member of the ISAAC Isaac (ī`zək) [Heb.,=laughter], according to the patriarchal narratives of the Book of Genesis, Isaac was the only son of Abraham and Sara. He married Rebecca, and their sons were Esau and Jacob. Ishmael was his half brother. computer security research group at UC Berkeley. In the Fall of 1995, the ISAAC group made headlines by revealing a major flaw in Netscape's web browser. The authors also hasten to thank Greg Rose for his advice. CONTACT: Counterpane Systems Bruce Schneier, 612/823-1098 schneier@counterpane.com or University of California, Berkeley The University of California, Berkeley is a public research university located in Berkeley, California, United States. Commonly referred to as UC Berkeley, Berkeley and Cal Robert Sanders, 510/643-6998 (PR) rls@pio.urel.berkeley.edu David Wagner, 510/643-9435 daw@cs.berkeley.edu or Jump Start Communications Lori Sinton, 415/938-2234 lsinton@aol.com |
|
||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion