Cloud Hosting

from the endangering-phone-users-in-the-name-of-public-safety dept

Researchers have discovered a backdoor in 2G encryption, one that was deliberately created. As this report by Lorenzo Franchesi-Bicchierai for Motherboard points out, the researchers didn't necessarily know it was deliberate when they discovered it.

Researchers from several universities in Europe found that the encryption algorithm GEA-1, which was used in cellphones when the industry adopted GPRS standards in 2G networks, was intentionally designed to include a weakness that at least one cryptography expert sees as a backdoor. The researchers said they obtained two encryption algorithms, GEA-1 and GEA-2, which are proprietary and thus not public, "from a source." They then analyzed them and realized they were vulnerable to attacks that allowed for decryption of all traffic.

The researchers said in their research paper the backdoor appeared to be deliberate. They reverse-engineered the algorithm, trying to randomly replicate the weakness in the random number generator they'd discovered. They were unable to do so. After observing this, they came to a pretty dead-on conclusion:

This implies that the weakness in GEA-1 is unlikely to occur by chance, indicating that the security level of 40 bits is due to export regulations.

This was confirmed shortly after the paper [PDF] was published.

A spokesperson for the organization that designed the GEA-1 algorithm, the European Telecommunications Standards Institute (ETSI), admitted that the algorithm contained a weakness, but said it was introduced because the export regulations at the time did not allow for stronger encryption.

This algorithm hasn't been in common use for years. The 2G standard has been abandoned in favor of 3G and 4G, eliminating this deliberately induced weakness. Export regulations no longer require deliberate weakening of encryption, so current standards are far more secure.

But even though 2G networks haven't been in common use since the early 2000's, this weakness (which still exists) still has relevance. One of the features of Stingray devices and other cell site simulators is the ability to force all connecting phones to utilize a 2G connection.

Handsets operating on 2G will readily accept communication from another device purporting to be a valid cell tower, like a stingray. So the stingray takes advantage of this feature by jamming the 3G and 4G signals, forcing the phone to use a 2G signal.

This means anyone using a cell site simulator can break the weakened encryption and intercept communications or force connecting devices to cough up precise location data. While law enforcement agencies (including the FBI) claim not to use any features that allow interception, the US is not the only customer for these devices. And there's been no confirmation that any US agency isn't using these to intercept communications they feel aren't protected by the Fourth Amendment, like conversations occurring in other countries (remember: the military had Stingrays first) or close to our nation's borders.

This revelation adds more info to the body of work dealing with the first cryptowar that began all the way back in the 1990s. Back then, the US government considered the export of strong encryption to be a criminal act. The NSA was one of the beneficiaries of this determination. This determination -- and the NSA's input -- resulted in the standardization of weakened encryption by the RSA. Even after the US government abandoned its criminalization of strong encryption, state-sponsored hackers (including our own NSA) were often able to force to force sites and content delivery services to utilize "export grade" encryption rather than stronger options in order to intercept communications and content.

Fortunately, most of that is behind us now. Our communications are now protected by encryption that hasn't been deliberately weakened. But it's still out there. And it can still be exploited by attackers with the right tools.

Thank you for reading this Techdirt post. With so many things competing for everyones attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise and every little bit helps. Thank you.

The Techdirt Team

Filed Under: 2g, backdoor, encryption, gea-1, weakened

See the original post here:
Researchers: 2G Connection Encryption Deliberately Weakened To Comply With Cryptowar Export Restrictions - Techdirt