Sunday, 24 January 2016

Sim hack

By now, it's a familiar story: a secretive intelligence agency targeted law-abiding security professionals in order to break one of the world's most fundamental encryption systems. In this case, it was the GCHQ breaking into Gemalto, one of the world’s largest SIM card manufacturers, in order to steal the keys to the encryption that secures phone calls as they travel from devices to towers. We're still sorting through the wreckage, but it's likely to affect carriers across the world. But while the attack fits the mold of previous Snowden revelations, there are some crucial differences this time around.

The Gemalto attack is unique not just for its aggressive scope, but for how little it seems to have actually accomplished. Intelligence agencies were already able to listen in on phone conversations through targeted exploits, stingray attacks and carrier requests. While the Gemalto attack took bold and criminal steps to break through SIM encryption, it seems to have offered only a marginal improvement in that ability. What's most shocking about the revelations is how far the GCHQ will go for a slightly better angle of attack.

Compared to the more sophisticated encryption protecting e-mail or chat, cell conversations have only minimal protection. In part, that's because the SIM system was never meant to stand up to a sophisticated attack. When the system was deployed in the early '90s, the biggest concern was users trying to steal service. A hidden SIM key meant you couldn't clone someone else's cell phone to make calls on their dime. It also introduced just enough encryption that you couldn't listen in on conversations in mid-air, but the limitations of cellphone hardware kept it from being too advanced.

As a result, researchers were discussing SIM-level attacks long before they heard the name Edward Snowden. In the case of the old GSM (or 2G) cell system, there are countless problems, including weak encryption algorithms and no measure to authenticate cell towers, opening users up to interception by fake cell towers known as stingrays. Even more advanced cell encryption algorithms aren't up to the standards you'd find on a computer. In 2010, a group of researchers were able to crack 3G encryption in just two hours of computing time on a single PC, although the attack required significant data to draw from. It's alarming to find SIM protections entirely bypassed, but the protections weren't that strong to begin with.

"RESEARCHERS CRACKED 3G ENCRYPTION WITH JUST TWO HOURS OF COMPUTING TIME ON A SINGLE PC"

Even after GCHQ cracked the SIM cards, there’s a limit to how much the agency could do with them. SIM encryption isn't end-to-end — it only encrypts conversations between your phone and the cell tower — so it's only useful if you're grabbing signals out of the air. It can't be used for bulk collection, and any specific collection would be tied to the target's physical location. For the GCHQ to make use of its newly stolen SIM cards, it would have to be within a mile of whoever it wants to listen to, actively pulling a signal transmission out of the mess of wireless cell traffic. That's usually more trouble than it's worth, leading intelligence agencies to get the data from other weak points in the carrier infrastructure, whether it's a direct court order for carrier cooperation or an exploit targeting the phone itself.

As a result, it's hard to see where Gemalto's SIM cards would meaningfully help the GCHQ. If they want to intercept calls in transit, they have a stingray to let them do it. Any data that can't be gotten through a carrier request (which, as NSA leaks have shown, isn't much) can probably be decrypted through brute force, thanks to the relatively weak algorithms in play. Sure, having the SIM cards ready lets them do it a little bit faster and a little bit more reliably. They don't have to worry as much about carrier participation, and they don't have to worry about the network anomalies a stingray might cause — but it's still a very small upgrade in operational capacity, compared to the huge undertaking it took to break Gemalto's security measures.

If that sounds reassuring, it shouldn't. If anything, it's proof of how out of
