[2868] in cryptography@c2.net mail archive
applications for GSM cloning hack
daemon@ATHENA.MIT.EDU (Adam Back)
Thu Jun 25 17:54:30 1998
Date: Thu, 25 Jun 1998 22:29:17 +0100
From: Adam Back <aba@dcs.ex.ac.uk>
To: cypherpunks@cyberpass.net

Now that GSM phones have been shown to be clone-able I would like to
pose the question of what types of anonymity applications we can
construct based on the ability to extract the authentication key from
one's own GSM phone.

It seems that the obtained authentication key could be used to create
authentication messages for re-sale (providing a payment system and
infrastructure), or exchange with other phone users (to provide caller
anonymity via identity mixing).

If I understand correctly, the authentication messages are sent in
response to random challenges by phone network nodes; so the key must
be used with the authentication function on demand. This then either
requires a trusted entity (a network server, or hacked GSM phone
acting as a server) to hold your authentication key and sell
authentication messages created with it, or that you be online
yourself. The online requirement would require an anonymous user to
obtain a challenge from the phone network node; contact an
authentication message re-seller, or message mixing server, buy or
exchange an authentication message satisfying the challenge but in
another phone user's identity, and then complete the authentication.
This may require the user to have two GSM phones, or a reprogrammed
phone or to have an alternative method to connect to a server.

Questions I would be interested in comments on from those more
familiar with the protocols are:

- how much of the above is practical

- The value of a GSM authentication message depends on the details of
  the GSM authentication protocol:

  - is the call reauthenticated periodically,
  - if so how often,
  - is the authentication related to the phone number or tariff rate
    the token can be used for.

- can modifications to the authentication protocol be made to prevent
  someone from buying enough authentication messages from you to
  obtain your phone's authentication key (the obvious one is only sell
  a limited number of authentication messages... are there better
  methods?)

Adam