Computer Scientists Break Cellular Phone Privacy Code; Team's Effort Deals Setback to Industry
Computer scientists have broken a crucial code that protects the new generation of cellular phones from certain kinds of eavesdropping.
The news is a blow to those who would promote digital cellular telephones as highly secure systems, said Bruce Schneier of Minneapolis-based Counterpane Systems, one of the cryptographers who broke the code.
Breaking the code takes just minutes on a powerful desktop computer, Schneier said.
Schneier and his colleagues, John Kelsey of Counterpane and David Wagner from the University of California-Berkeley, said they broke one of three encryption systems used in the new generation of digital cellular phones. It is the scrambler that keeps eavesdroppers from being able to hear the signals sent from a telephone to the network, and is important for concealing any message punched into the telephone's keypad. This includes access codes for using long-distance cards, entering credit card numbers, voice mail codes and more.
One of the systems, which scrambles the voice signal, was broken in the early 1990s. The other cryptographic code cloaks the telephone's identifying system and prevents cellular telephone fraud. Schneier said his group had not broken that system yet, but said "we're working on it." The announcement does not affect the European digital cellular system, known as GSM, which has tougher security. That system is used in the newest phones, called personal communications services, or PCSs.
It has long been known that the older generation of cellular phones, which use analog technology, are vulnerable to eavesdropping by anyone with a radio scanner. Congress passed legislation making it illegal to manufacture or import scanners that pick up cellular frequencies, but modifying scanners to be able to pick up those frequencies is not difficult.
The lack of security in the analog cellular world has been driven home by several high-profile incidents involving overheard conversations of Britain's Princess Diana and House Speaker Newt Gingrich (R-Ga.).
Representatives of the cellular telephone industry have stated that the new generation of cellular phones incorporating digital technology is much more secure because it uses the zeroes-and-ones language of computers to relay information; if a conventional scanner picks up the signal, the listener will only hear a buzz.
But that buzz could conceivably be deciphered by anyone who is willing to run the signal through a digital system, and it is possible to connect cellular phones to computers for that purpose. So the industry added another layer of security by implementing encryption software that scrambles the digital signal. It did not release details of the computer code it developed, however. Cryptographers generally oppose secret "algorithms" because, they say, any truly robust cryptographic system can't be broken even if the method of encryption is known.
Yesterday's announcement by Schneier and colleagues shows that this added level of security is relatively weak. "The importance of this is it shows, yet again, that you don't do cryptograpy behind closed doors," Schneier said. "The only way to get security is through public review."
Cellular industry officials could not be reached last night for comment.
Cryptography is one of the most acrimonious high-technology issues for the Clinton administration. The science of scrambling messages is considered essential for guarding privacy in the digital age. But cryptography also can be used to hide misdeeds, and national security and law enforcement officials have long warned of the dangers of allowing virtually unbreakable encryption to spread through the world. The administration has attempted to restrict export of strong cryptography, and has promoted government-approved encryption methods that would allow law enforcement officials to break the codes in the course of authorized wiretaps.
Noting the deficiencies in analog phones, Schneier said the weak cryptographic system constituted another missed opportunity to provide consumers with privacy: "For the second time we blew our chance at getting strong security in cellular phones."
Advocates of strong cryptography have accused the administration of pressuring telephone companies to implement weak cryptographic systems so that the ability to wiretap would not be compromised; administration officials have denied any involvement in such talks.
Last night Schneier put the paper describing the cryptographic break on the Internet, though he did not include the actual code written to break the telephone system. He said in doing so he was not further endangering telephone security. "It's a bad algorithm whether we tell people about it or not . . . I believe I am educating people about the amount of privacy we already have," he said. "Maybe there'll be an outcry and it will be fixed."