February 22, 2008

A5/1 Now Affordably Crackable

FPGA-generated rainbow tables, already used to crack previously “economically unfeasible” targets, have claimed another: A5/1, a stream cipher that is the most common encryption scheme used in GSM cellular phone networks. The theoretical crack has been known for approximately a decade[1], but at this year’s BlackHat DC[2] “SteveX” and Dave Hulton demonstrated a practical attack using approximately US$1000 of hardware and taking 30 minutes. There is some coverage from Nate McFetters (ZDNet)[3] and good details from J. Nicholas Hoover (InformationWeek)[4].

There’s some more interesting coverage on The Ethical Hacker’s blog[5], which reports that each cracked key is good for 16 calls.

1.  Golic’s 1997 attack, for example, required approximately 1 TB of disk space and three weeks to perform using PC hardware.

2.  https://www.blackhat.com/html/bh-dc-08/bh-dc-08-main.html

3.  http://blogs.zdnet.com/security/?p=895

4.  http://www.informationweek.com/security/showArticle.jhtml;jsessionid=I0X?articleID=206800800

5.  http://www.ethicalhacker.net/component/option,com_smf/Itemid,54/topic,2126.msg8798/topicseen,1/#new