Counterpane's Reply to CTIA
MINNEAPOLIS -- The Cellular Telecommunications Industry Association (CTIA)
issued a press release discussing our recent cryptographic break against
digital cellular phones. Following is a correction of some of their
- It is true that our paper did not discuss voice encryption, but that
does not mean that the voice encryption system is any good. As early as
1992 others -- including noted expert Whitfield Diffie -- pointed out
fatal flaws in the new standard's voice privacy features. The underlying
technology is the Vigenère cipher, which was broken by the Union Army during the
American Civil War. One cryptographer was quoted in the July 1992
Communications of the ACM calling the voice privacy protection "pitifully
easy to break." Certainly, digital cellular is harder to eavesdrop on than
analog cellular. The latter just requires a scanner tuned to the correct
frequencies. Digital cellular voice security can be broken in real time by
anyone with a little bit of budget, expertise, and desire.
- While our break did involve sophisticated cryptographic expertise, our
results have been published. We have no intention of publishing our
computer code, but anyone able to understand our paper can implement our
attack. It is not true that "any technology developed by one person can be
broken by another with the application of sufficient technology." The
Telecommunications Industry Association (TIA) could have designed secure
algorithms to protect voice and messages. They chose not to.
- While it is true that our announcement does not affect most people
because they use analog phones, that is a misleading statement. Analog
phones are even less secure; the whole point of digital cellular was that
it was secure. This announcement affects both CDMA and TDMA cellular
systems, but not GSM systems.
- The phone industry did not develop phones with unbreakable security
because they chose not to. It is possible, with today's technology, to
implement digital cellular algorithms in cellular phones without affecting
the phone's weight, power consumption, voice quality, or call setup. It
takes more computer processing power to digitize the voice than it does to
encrypt the digital voice.
- It is true that our attack does not affect phone cloning. The TIA put
more effort into preventing cellular fraud, because that directly affects
their bottom line. Cellular privacy is much less of a concern, so they
didn't bother doing a good job.
- All the industry seems to be doing about this problem is releasing
misleading press releases in an attempt to pretend that nothing is wrong.

One moral of this story is that good security standards need to be
developed in the open. The CTIA believed that keeping the details of their
security measures secret improved the security of the system. This notion
only works as long as the details remain secret. All good security systems
are designed to remain secure even if their details are made public. To do
otherwise is naive and foolish. It's like creating recipes without ever
bothering to let anyone taste the food.

The CTIA also pointed to the need for legislation to make this illegal.
While important, this is not a solution. Listening in on analog cellular
phones is illegal, but people do it all the time. Stealing cars is
illegal, but Lojack is still in business. We need to protect ourselves
with technology, not with legislation. Laws are a quick fix for an
industry unwilling to devote resources to solving their problems.