Monday, Jan 18, 2010

Our Cellphone Conversations Are No Longer Private

I just finished going through Karsten Nohl's presentation and project notes on cracking the A5/1 encryption key used to protect GSM networks. Usually mobile phones and base stations quickly and randomly change their radio frequencies across a spectrum of 80 channels to prevent eavesdroppers from picking off and assembling a conversation floating through the airwaves. With his team's new channel-hopping crack, software can now be used to control radios that make the frequency changes at precisely the same time, and in the same order, that the cellphone and base station do. Karsten's presentation above describes a practical means to capture calls for under $5000 USD. Although the current software still requires the use of pre-calculated decryption keys, it is only a matter of time before they finish calculating the rainbow tables required to deduce any unique key that encrypts a call and eavesdrop in real time. At that point, I will probably want to build one for myself. It would be kinda cool to build a GSM base station (advertising itself on an unused GSM frequency band) and have it intercept and route outgoing calls from home or from the office through the Internet via Asterisk. Maybe then I can keep the dropped calls to a minimum.
