A German computer engineer said recently that he had deciphered the encryption code used to secure most of the world’s mobile Internet traffic and that he aimed to publish a guide to prompt mobile operators worldwide to improve their safeguards.
Karsten Nohl, who posted online the algorithms used by mobile operators to encrypt voice conversations on digital phone networks last 2009, said during a press briefing he planned to show how he had intercepted and read the data during a presentation Wednesday.
Nohl narrated he and a colleague, Luca Melette, intercepted and decrypted wireless data using a cheap, modified, and antiquated Motorola cellphone and several free software programs The two intercepted and decrypted data traffic in a five-kilometer radius, Nohl said.
The intercepting phone was used to test networks in Germany, Italy and other European countries that Nohl declined to identify. In Germany, Nohl said he was easily able to decrypt and read data transmissions on all four mobile networks — T-Mobile, O2 Germany, Vodafone and E-Plus. He concluded that the level of encryption provided by operators is weak. In Italy, Nohl discovered that two operators, TIM, the mobile unit of the market leader, Telecom Italia, and Wind did not even encrypt their mobile data transmissions at all.
A spokeswoman for the London-based GSM Association, the industry group that represents global telephone operators, said the group will wait for further details of Mr. Nohl’s research before commenting.
Vodafone said in a press statement that “We regularly review security protocols and carry out risk assessments to prevent the kind of exploit described. We practice appropriate measures across our networks to protect our customers’ privacy.”
Nohl said he developed his interception technique on an internal broadband network he built at his research firm, Security Research Labs, in Berlin. His tests focused on mobile data networks that ran on the General Packet Radio Service (GPRS) technology, which is used widely across the globe.
Rogers Communications, a Canadian mobile operator, estimates that 90 percent of mobile data traffic still runs on old GPRS networks.
Based on his work for mobile operators who hire him to detect vulnerabilities in their systems, Nohl said many operators continue to run unencrypted data networks because it allows them to block more easily competing, unwanted services like Skype’s free VoIP services which bypasses the operators’ voice networks. Nohl said that with encryption enabled, the operator cannot read the data from the traffic anymore while in transit to the central GPRS system.
Nohl announced he intended to release his instructions at a conference of the Chaos Computer Club, a computer hackers’ group, which is being held near Berlin in Finowfurt, Germany. The guide will show how to convert a Motorola C-123 cellphone, which is designed to run open-source programs, into an interception device. But he added he wouldn’t release the keys to unlock the encryption used by operators to secure GPRS networks.