Intercepting GSM Traffic

David Hulton

h1kari <0x31337@gmail.com> http://wiki.thc.org/gsm http://www.openciphers.org http://www.picocomputing.com http://www.toorcon.org

Agenda
● Intro
● GSM
● Receiving GSM signals
● Cracking A5/1

February 15th, 2008

ShmooCon 4

Intro to GSM
● Widely deployed
    ● AT&T
    ● T-Mobile
    ● Most other countries' carriers
● Security
    ● Authentication (A3/A8)
    ● Encryption (A5)

Intercepting Traffic
● Intercepting Traffic
    ● Nokia 3310 / Ericsson / TSM
    ● USRP (gssm Project)
    ● TI's OMAP dev kit
    ● Commercial Interceptors

What now?
● Various hardware will capture traffic
● Turns out that many basestations send SMSs unencrypted
● What about capturing conversations?
● Some countries don't use any encryption (A5/0) or weak encryption (A5/2)
● The US and most countries use A5/1

A5/1 Cracking

[Diagram: each side computes A8(Ki) during "Authenticate" to obtain Kc, then applies A5(Kc) to the "Conversation"]

A5/1 Cracking

[Diagram: on each side the Frame feeds A5(Kc,Frame), whose output is combined (+) with the Plain-text]

A5/1 Cracking
● Clock in 64-bit Kc and 22-bit frame number
● Clock for 100 cycles
● Clock for 114 times to generate 114-bits
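
The three steps above, as an added Python example (not code from the original slides): Kc and the frame number are loaded with all three registers clocking, and the 100 mixing cycles and 114 output cycles use majority clocking. Register taps, clocking bits and bit ordering follow the publicly documented A5/1 description; the function names and the sample Kc and frame number are constructed for illustration.

```python
# Added illustration: A5/1 keystream generation in the three steps listed above.
# Register lengths, taps and clocking bits are the publicly documented A5/1
# parameters; SAMPLE_KC and SAMPLE_FRAME are constructed values, not real traffic.

# (register mask, feedback taps, clocking bit, output bit) for R1, R2, R3
REGS = (
    (0x07FFFF, 0x072000, 1 << 8, 1 << 18),   # R1: 19 bits, taps 18, 17, 16, 13
    (0x3FFFFF, 0x300000, 1 << 10, 1 << 21),  # R2: 22 bits, taps 21, 20
    (0x7FFFFF, 0x700080, 1 << 10, 1 << 22),  # R3: 23 bits, taps 22, 21, 20, 7
)
SAMPLE_KC = bytes.fromhex("0123456789abcdef")  # constructed 64-bit session key
SAMPLE_FRAME = 0x2A                            # constructed 22-bit frame number

def parity(x):
    return bin(x).count("1") & 1

def shift(reg, mask, taps):
    """Clock one LFSR: shift left and feed back the parity of the tapped bits."""
    return ((reg << 1) & mask) | parity(reg & taps)

def clock_all(state, bit=0):
    """Regular clocking, used while Kc and the frame number are loaded."""
    return [shift(r, m, t) ^ bit for r, (m, t, _, _) in zip(state, REGS)]

def clock_majority(state):
    """Stop/go clocking: only registers that agree with the majority bit move."""
    mids = [int(bool(r & c)) for r, (_, _, c, _) in zip(state, REGS)]
    maj = int(sum(mids) >= 2)
    return [shift(r, m, t) if b == maj else r
            for r, b, (m, t, _, _) in zip(state, mids, REGS)]

def a51_keystream(kc, frame, nbits=114):
    """Return nbits of keystream (list of 0/1) for an 8-byte Kc and a frame number."""
    state = [0, 0, 0]
    for i in range(64):                  # clock in the 64-bit Kc
        state = clock_all(state, (kc[i // 8] >> (i & 7)) & 1)
    for i in range(22):                  # clock in the 22-bit frame number
        state = clock_all(state, (frame >> i) & 1)
    for _ in range(100):                 # clock for 100 cycles, output discarded
        state = clock_majority(state)
    out = []
    for _ in range(nbits):               # clock 114 times, one output bit each
        state = clock_majority(state)
        out.append(sum(bool(r & o) for r, (_, _, _, o) in zip(state, REGS)) & 1)
    return out

def xor_bits(bits, keystream):
    """The '+' in the diagram: the same XOR encrypts and decrypts a frame."""
    return [b ^ k for b, k in zip(bits, keystream)]
```

The three registers hold 19 + 22 + 23 = 64 bits in total, which is the internal state the later slides refer to.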

A5/1 Cracking
● Other attacks are academic BS.
● 3-4 Frames. Fully passive.
● Combination of Rainbow Table attack and others.

Sliding Window

[0|1|1|0|1|0| ... |1|0|1|1]
[ 64 bit Cipherstream 0 ]
 [ 64 bit Cipherstream 1 ]
  [ 64 bit Cipherstream 2 ]
   ...
    [ 64 bit Cipherstream 50 ]

Sliding Window
● Total of 4 frames with 114-bits
● 114 – 64 + 1 = 51 keystreams per frame
● 51 x 4 frames = 204 keystreams total

Rainbow Table

[Diagram labels: 64-bits keystream, Password, Lanman Hash]

Rainbow Table
● Build a table that maps 64-bits of keystream back to 64-bits of internal A5/1 state
● 204 data points means we only need 1/64th of the whole keyspace
● 2^58 = 288,230,376,151,711,744
● About 120,000 times larger than the largest Lanman Rainbow Table

How do we do this??
● 1 PC
    ● 550,000 A5/1's per second
    ● 33,235 years
● Currently using 68 Pico E-16 FPGAs
    ● 72,533,333,333 A5/1's per second
    ● 3 months
● Building new hardware to speed this up

Hardware

Rainbow Table
● Cheap Attack (~30 min)
    ● 6 350GB Hard Drives (2TB)
    ● 1 FPGA (or a botnet)
● Optimal Attack (~30 sec)
    ● 16 128GB Flash Hard Drives (2TB)
    ● 32 FPGAs
    ● Can speed it up with more FPGAs

Reverse Clocking
● Load A5/1 internal state
● Reverse clock with known keystream back to after Kc was clocked in
● Will resolve to multiple possible A5/1 states

Reverse Clocking
● Reverse all 3 A5/1 internal states
● The common state will be the correct one
● Use the internal state and clock forward to decrypt or encrypt any packet
● Can solve linear equations to derive key
● But isn't really necessary

Conclusions
● Tables will be finished in March
● Commercial version in Q2/08
● Will be scalable to whatever decryption time period is required

Threats & Future
● GSM security has to become secure.
● Data/Identity theft, Tracking
● Unlawful interception
● Attacks on GSM Infrastructure
● Receiving and cracking GSM will become cheaper and easier

Thank You! Questions?
● David Hulton <0x31337@gmail.com>
    ● http://www.picocomputing.com
    ● http://www.openciphers.org
● ToorCon Seattle
    ● http://seattle.toorcon.org
    ● Seattle - April 18th-20th, 2008
● ToorCon 10
    ● http://www.toorcon.org
    ● San Diego - Sept 24th-28th, 2008
● ToorCamp!
    ● Near Seattle - Spring, 2009