Did you ever think that your GSM phone calls are encrypted and can’t be monitored? Well, unfortunately GSM has been cracked. Last week Steve Gibson explained in his weekly Podcast Security Now! how GSM can be cracked.
It’s not as easy as listening to your neigbours conversation with a handheld scanner, but a software defined radio and the right application will enable you to listen to GSM conversations.
The main weakness of GSM is it’s old fashioned encryption. GSM is basically only XORing the binary data stream with a key. Being designed almost 20 years ago, hardware performance was very limited and it was almost impossible to re-engineer the crypto key. Today an off the shelve PC will do the job. All you need are a few terrabyte of harddisk to store the rainbow tables.
If you speak German, you will be able to listen to a Podcast of the famous Chaos Computer Club (CCC) episode they dedicated to GSM vulnerabilities.