FRANKFURT, Germany, – A German security expert has raised the ire of the cell phone industry after he and a group of researchers posted online a how-to guide for cracking the encryption that keeps the calls of billions of cell phone users secret.
Karsten Nohl, 28, told the Associated Press this week that he, working with others online and around the world, created a codebook containing how to get past the GSM standard encryption used to keep conversations on more than 3 billion mobile phones safe from prying ears.
Nohl said the purpose was to push companies to improve security. The collaborative effort put the information online through file-sharing sites.
“The message is to have better security, not we want to break you,” he said.
GSM, the leading cell phone technology around the world, is used by several wireless carriers in the U.S., with the largest being AT&T Inc. and T-Mobile USA. Verizon Wireless and Sprint Nextel Corp. use a different standard.
The GSM Association, a trade group that represents nearly 800 wireless operators, said it was mystified by Nohl’s rationale.
Claire Cranton, a spokeswoman for the London-based group, said that “this activity is highly illegal in the U.K.”
It has already been possible to intercept GSM calls, but the equipment is generally only available to law enforcement.
Regular wiretapping of cellular calls is also possible, since they travel unencrypted over standard wiring after being picked up by a cell tower.
Even with Nohl’s exploit, expensive and sophisticated radio equipment placed close to the target is required to pull the calls off the air.