27C3 - Version 1.6.3

27th Chaos Communication Congress
We come in peace

Referenten
Karsten Nohl
Sylvain Munaut
Programm
Tag Day 2 - 2010-12-28
Raum Saal 1
Beginn 14:00
Dauer 01:00
Info
ID 4208
Veranstaltungstyp Vortrag
Track Hacking
Sprache der Veranstaltung englisch
Feedback

Wideband GSM Sniffing

GSM is still the most widely used security technology in the world with a user base of 5 billion and a quickly growing number of critical applications. 26C3's rainbow table attack on GSM's A5/1 encryption convinced many users that GSM calls should be considered unprotected. The network operators, however, have not woken up to the threat yet. Perhaps the new capabilities to be unleashed this year – like wide-band sniffing and real-time signal processing – will wake them up.

Now that GSM A5/1 encryption can be cracked in seconds, the complexity of wireless phone snooping moved to signal processing. Since GSM hops over a multitude of channels, a large chunk of radio spectrum needs to be analyzed, for example with USRPs, and decoded before storage or decoding. We demonstrate how this high bandwidth task can be achieved with cheap programmable phones.

Archived page - Impressum/Datenschutz