[2494] in cryptography@c2.net mail archive


Re: TIME Magazine on GSM cell phone crack

daemon@ATHENA.MIT.EDU (Steve Bellovin)
Mon Apr 13 21:16:50 1998

To: Marc Horowitz <marc@cygnus.com>
cc: Declan McCullagh <declan@well.com>, marc@scard.org, cryptography@c2.net
Date: Mon, 13 Apr 1998 20:53:17 -0400
From: Steve Bellovin <smb@research.att.com>

	 Declan McCullagh <declan@well.com> writes:
	 
	 >>    Now crooks scanning the airwaves can remotely tap into a call
	 >>    and duplicate the owner's digital ID. "We can clone the phones,"
	 >>    brags Marc Briceno, who organized the cracking.
	 
	 http://www.scard.org/press/19980413-01/ says:
	 
	 >> The SDA cautions that no practical over-the-air attack is known yet
	 >> but that one should not be ruled out.
	 
	 
	 Ok, so which is it?

The attack as carried out requires physical access to the SIM.  It's
an open question if an active attack -- that is, with a radio transmitter
impersonating a base station -- would succeed.  A critical question is
the rate at which challenges can be sent -- given the timing, it's
probably not practical except by concerted attack.

The attack requires over 4000 challenge/response pairs; using the
hard-wired reader, that took 8 hours.  There's a quadratic factor
in there, so the probability of a break is not linear in the time
spent.  The attacker would have to do something like ride the
same train every day for a couple of weeks, with more or less the
same collection of phones.  Furthermore, during such an attack the
phone would be unable to talk to the real phone network (which, of
course, is why a subway train ride is the ideal attack venue...)

Now -- how fast will the phone respond to over-the-air challenges?
Will it object to getting too many, too quickly?
