WirelessNOW - March 21, 1997

WIRELESSNOW EXCLUSIVE - EXTRA EDITION

used with permission

In 1992, the wireless industry adopted an encryption system that was deliberately made less secure than what knowledgeable experts recommended at the time. It was accepted by the industry because it was a standard that would meet federal export regulations and would enable digital cell phone manufacturers to make one phone that could be sold in either the US or abroad, thus saving money.

As a result, the potential for eavesdropping has always existed and, some say, has been waiting for criminals with advanced techniques to exploit it.

Yesterday, a trio of computer experts released the news that digital isn't all it's cracked up to be--and that they have, in fact, cracked the most difficult part of the code that's used by phones to send digits from the keypad, making eavesdropping and cloning a real likelihood even on digital phones. Even this morning's Wall Street Journal, when referring to the assurances made by wireless phone companies to subscribers about the security of digital phones, [called them] "hollow promises."

WirelessNOW has conducted an exclusive interview with the head of the code-cracking triumvirate and found his straightforward responses to our questions open - and at least somewhat frightening. Following up on all the news yesterday, the Cellular Telecommunications Industry Association issued a news release assuring wireless users of the security of their phones, which Bruce Schneier, the head of the computer team that cracked the code, called "a pack of lies."

Find out why he thinks so, and what wireless companies around the country are saying about this episode, in this special edition of WirelessNOW.

Wireless Security Broken, or Seriously Flawed

Counterpane/University of California at Berkeley

03/21/97 A trio of computer wizards have cracked the code on wireless phone security and have put the information about how to do it on the Internet. And, although the process took computer experts a while to do it, now that it's done they say it was easy - and that the part that they've cracked is the most difficult of the three parts of a message that are encrypted as they leave the phone. An attack on a PCS phone can be carried out in minutes via a personal computer, the trio said. Schneier, Kelsey, and Wagner plan to publish their analyses in a paper called "Cryptanalysis of the Cellular Message Encryption Algorithm (CMEA)." WirelessNOW notes that a CMEA paper is already on the Counterpane Web site. Spin control abounded yesterday throughout the industry as everyone from the CTIA to large providers of digital wireless services tried to assure the public, particularly their users, that the security hadn't been breached.

MINNEAPOLIS, MINNESOTA, U.S.A., 1997 MAR 20 (Newsbytes) -- By Bob Woods. Researchers from the University of California at Berkeley and Minneapolis-based Counterpane Systems said they have discovered a flaw in the privacy protection of the new generation of wireless personal communications system (PCS) phones that they call a "setback" to the US cellular industry. But a cellular phone industry spokesperson said the flaw does not affect all transmissions, and not much of the current wireless marketplace is affected.

Counterpane's Bruce Schneier and John Kelsey, along with UC Berkeley graduate student David Wagner, discovered the problem, which affects numbers dialed into the keypad of a PCS phone using code division multiple access (CDMA), time division multiple access (TDMA), and narrowband advanced mobile phone service (N-AMPS).

Besides phone numbers, users usually dial in personal identification numbers (PINs) and credit card numbers -- types of information that can be destructive if in the hands of others, Newsbytes notes. Such an attack on a PCS phone can be carried out in minutes via a personal computer, the trio said.

Schneier, Kelsey, and Wagner plan to publish their analyses in a paper called "Cryptanalysis of the Cellular Message Encryption Algorithm (CMEA)."

Today's news comes on the same day hearings are slated to be held in Washington on the Security And Freedom Through Encryption (SAFE) bill, Newsbytes notes.

Cellular Telecommunications Industry Association (CTIA) spokesperson Tim Ayers told Newsbytes that the problem detailed by the three researchers affects the most hackable of three algorithms involved in PCS phones. The other two algorithms, voice and cloning protection, have not been compromised as of yet, he said.

When it comes to the consumer market, though, he said the flaw shouldn't worry the consumer user, and that PCS phones in general should not be regarded as security devices. "If someone wants to get information on you, they'll eventually get it," he said.

But "This should not have a significant impact on the market in general," Ayers said, mainly because PCS phones only comprise about five percent of the total market. But Newsbytes notes that number is increasing as wireless carriers open new networks across the US.

Many PCS providers advertise their services as being totally safe and much more secure than analog cellular phones, Newsbytes notes. Ayers said he sees no problems with that kind of promotion following today's news, and that "in practical matters, they (PCS phones) are safe."

Today's report does prove, however, that "any technology can be broken," Ayers said. He also said the revelation might even serve a "useful purpose," in that laws can be made now to protect the future.

Ayers advocated that Congress should take the initiative to make the "sale of devices (used to hack PCS phones) illegal. Already, the act of obtaining such information is against the law."

The three researchers said their discovery "points to serious problems in the closed-door process used to develop these privacy measures." They also blame "US military interests" for the situation, because the Telecommunications Industry Association (TIA) privately designed the new framework for protecting PCS phones.

Ayers said his association has no comment on these assertions.

-0-

(19970320/Press Contacts: Bruce Schneier, Counterpane Systems, 612-823-1098; Tim Ayers, CTIA, 202-785-0081/Reported By Newsbytes News Network: http://www.newsbytes.com)

Copyright 1997 by original source and CommunicationsNOW

Code Cracker Blasts CTIA Response As "Lies"

In an exclusive interview with WirelessNOW, Bruce Schneier, one of the researchers who cracked the digital cell phone code as reported here yesterday, said cracking the algorithm really was "not that difficult." Schneier and his colleagues actually breached the digital cell phone security over a month ago. The details were released yesterday in order to shed light on an industry problem. The history behind cracking the code sounds more like a clandestine spy thriller than a mundane story of how researchers toiled at desktop computers tirelessly to break a complex code. Although the team of researchers only broke the encryption code that relays the numbers a user dials, including PIN, credit card numbers and telephone numbers, Schneier was quick to point out that it was more difficult to crack that code than the voice algorithm. "The voice algorithm is 'Civil War era' - incredibly easy to break," he said in a phone interview with WirelessNOW.

The CTIA was informed of the security breach a day before the press release was issued. In response the CTIA has issued a set of questions and answers which Schneier called "the CTIA 'pack of lies' press release."

In addition, the researchers did not extend their results to GSM technology in use in Europe and other areas outside the US. In fact, GSM-adapted systems in the US are as much at risk as any other system because they are located in the US where the government's involvement and fear of not being able to eavesdrop on conversations of suspected criminals has influenced the set of encryption codes used by the industry.

In 1992, the industry adopted an encryption system that was deliberately made less secure than what knowledgeable experts recommended at the time. It was accepted by the industry because it was a standard that would meet federal export regulations and would enable digital cell phone manufacturers to make one phone that could be sold in either the US or abroad, thus saving money.

Encryption algorithms are regarded as weapons of war in the US and their export is licensed under the State Department's International Traffic in Arms Regulations (ITAR). The encryption watchdog in the US is the National Security Agency (NSA). With 12 underground acres located in Fort Meade, Maryland, equipped with the best computer hardware in existence, the agency "wiretaps the world."

The NSA was created in 1952 in response to a memorandum, which was kept under wraps for almost 40 years, sent by Harry Truman to the Secretaries of State and Defense. The memo placed the NSA under the authority of the Secretary of Defense charging the NSA with monitoring and decoding any signal transmission relevant to the security of the country.

The NSA is restricted from conducting domestic surveillance by the 1978 Foreign Intelligence Surveillance Act, but the agency, whose initials once were said to stand for "No Such Agency," has been playing a role behind the scenes in determining the security of our communications systems.

The NSA has been enforcing an unwritten policy that if a device contains an encryption scheme which the NSA can't easily break, it doesn't get a license for international sale.

In February of this year an Ad Hoc Authentication Task Force, TR45.3, met near Giants Stadium in East Rutherford, New Jersey. The group consists of members from the cellular industry who have been working on a standard for digital cellular transmission authentication and privacy protection, a standard known as IS-54B. The group agreed not to publish an encryption scheme for US-made digital cellular systems and justified its action with a statement that said publication would defeat the purpose of the algorithm based on the group's current understanding of the export requirements. What export requirements have to do with an encryption algorithm is difficult to determine. Some believe the decision not to hold the algorithm up to the scrutiny of cryptologists was done to appease the NSA and continue to be granted export licenses.

For what reason then is the NSA compromising the security of digital cellular networks? According to documents found on Bruce Schneier's web page, "the most important result of the NSA's encryption embargoes has been the future convenience of domestic law enforcement." Schneier said, "Basically the NSA is putting the military ahead of the people."

The problem is no less than that of a federal agency that answers publicly to no one and maintains the ability to listen in on supposedly "secure" conversations. Even if the object of the embargoes is to curtail drug trafficking, terrorism or other criminal activities, the NSA is effectively enabling domestic law enforcement officials to listen in or record your keystrokes or whatever else it might decide to do without your knowledge or without obtaining the legal right to do so thanks to thinly veiled digital cellular security.

WirelessNOW asked Bruce Schneier what he wanted the industry to know. "I would like them to use open standards and hire real cryptographers and stop trying to do things in the back room under a cloak of secrecy." Schneier points out that an open industry is stronger than one that relies upon pledged secrecy. He puts the banking industry up to the light next to the aviation industry. In the banking industry, if they have a security breach, they keep it to themselves, frightened that if it is known, their customers and the industry will lose confidence. On the other hand, when there is an aviation accident all the details are released and the industry and consumers learn from the information.

Schneier said, "Systems need to be designed with the advice of a professional cryptographer working together with engineers. You can't make systems secure by tacking on cryptography after the fact."

NSA Denies Role In Encryption Technology

Counterpane/National Security Agency/TIA

03/21/97 Reuters has reported that the National Security Agency (NSA) said it merely provided technical advice to the Telecommunications Industry Association (TIA) regarding whether or not the encryption technology could be exported under US export regulations. In a statement the National Security Agency said it "had no role in the design or selection of the encryption" technology selected. "NSA also had no role in the design or manufacture of the telephones themselves," said the statement.

WASHINGTON - Reuters has reported that David Wagner, a graduate student at the University of California at Berkeley who helped break the code, said the discovery is "symptomatic of broad underlying problems in the design process."

GSM North America Responds To Security Breach

Counterpane/GSM North America news

03/21/97 GSM North America has assured its subscribers that the privacy compromise discussed today does not involve phones using GSM digital technology. In fact, the company claims that more than 300,000 GSM phone customers in more than 140 cities in the US and Canada can be assured that the level of enhanced security and call privacy remains as strong as ever. WirelessNOW's information indicates that that may be a temporary advantage, however, as the GSM systems based in the U.S. which are used for PCS may ultimately prove to be at as much risk as digital cellular phones because they, too, are manufactured with the same less-than-stringent security codes as a result of government restrictions.

WASHINGTON, March 20 PRNewswire -- GSM North America, a consortium of new wireless PCS service providers in the U.S. and Canada, issued the following response to today's announcement by a group of professional and academic cryptographers about a "flaw in the privacy protection" used in wireless digital communications:

This privacy compromise discussed today does not involve phones using Global Systems for Mobile Communications (GSM) digital technology.

In fact, the more than 300,000 GSM phone customers in more than 140 cities in the U.S. and Canada can be assured that the level of enhanced security and call privacy remains as strong as ever.

GSM technology employs both "smart card" technology and the most sophisticated encryption algorithms available. This proven, global technology is being used today by 33 million people worldwide and has yet to be compromised.

While the tougher security of this digital standard provides a strong safeguard to security and privacy, GSM carriers and manufacturers intend to be diligent in their efforts to protect customers from electronic eavesdropping and thievery.

SOURCE GSM North America

-0-

CONTACT: Mike Houghton, 703-799-7383, or e-mail, houghton@communicreate.com, for GSM North America

PBMS GSM System Does Not Use CMEA Code

Counterpane/Pacific Bell Mobile Services news

03/21/97 Lyndon R. Daniels, president and CEO, Pacific Bell Mobile Services, said that their GSM-based system does not use the CMEA encryption code. Daniels also added that wireless eavesdropping is illegal and the laws need to be strengthened.

PLEASANTON, Calif.--(BUSINESS WIRE)--March 20, 1997--The following is a statement by Lyndon R. Daniels, president and CEO, Pacific Bell Mobile Services:

"Eavesdropping on wireless communications is an illegal activity equivalent to computer hacking, and the laws protecting the security of wireless conversations must be strengthened.

"To help protect the security of our subscribers' calls, Pacific Bell Mobile Services selected a network technology called Global System for Mobility (GSM). GSM offers multiple levels of security to the subscribers of Personal communications Services wireless phones.

"The Berkeley study affected only the Telecommunications Industry Association's Cellular Message Encryption Algorithm (CMEA), which is used in conventional digital cellular systems. The CMEA algorithm is not used in the GSM system selected by Pacific Bell Mobile Services."

--30--

CONTACT: Pacific Telesis

Linda Bonniksen, 213/975-5061
