New report finds early cell phone encryption algorithm was intentionally weakened by design
In cursory: Researchers from universities across Europe recently published a paper in which they speculated that a weakness uncovered in the GEA-1 encryption algorithm wasn't by risk. Turns out, they were right.
As Vice highlights, GEA-1 was used to encrypt jail cell telephone data primarily in the 1990s and 2000s. The algorithm was originally said to offer full 64-bit security simply in their cryptanalysis, the team constitute that its security was limited to just 40-bit, by pattern.
In its paper, the team said they obtained the proprietary GEA-1 and GEA-2 algorithms from a source that wished to remain anonymous. This allowed them to conduct a full assay and detect the weakness, which seemed "unlikely to occur by chance."
An assailant with the ability to intercept jail cell telephone information traffic could have exploited the weakness to decrypt all messages in a session.
Vice reached out to the organization that designed GEA-1, the European Telecommunications Standards Institute (ETSI). In an e-mailed statement, a spokesperson admitted that the algorithm did contain a weakness, but that information technology was introduced considering it had to exist.
"We followed regulations: we followed export control regulations that express the force of GEA-ane," the spokesperson said.
The export regulations the spokesperson mentioned were common at the time. Co-ordinate to The Annals, France had 1 such rule in place that banned anything over 40-bit encryption.
"To meet political requirements, millions of users were apparently poorly protected while surfing for years," said HÃ¥vard Raddum, a researcher that worked on the paper.
The result here, of class, is the fact that the GEA-1 standard made no mention of any export restrictions at the fourth dimension.
The team additionally institute that the GEA-two algorithm was also susceptible to attack, admitting through a more technical arroyo. Fortunately, neither standard is widely used as newer algorithms are at present preferred. However, some countries and networks patently even so rely on so as a fallback.
Image credit Konstantin Katuev, gonin
Source: https://www.techspot.com/news/90107-new-report-finds-early-cellphone-encryption-algorithm-intentionally.html
Posted by: guoarron1960.blogspot.com
0 Response to "New report finds early cell phone encryption algorithm was intentionally weakened by design"
Post a Comment