06 January 2010

Eavesdropping on GSM phone calls

The Dutch Government has released a fact sheet (Dutch only) about the possibility that GSM phone calls can be decrypted in the future. It looks like it will be possible to decrypt a GSM phone calls in a matter of days or even in real time when the right details are published.

The most important facts are:

  • The algorithm used to secure the wireless GSM communications is not safe enough anymore.
  • Third parties can intercept, decode and monitor GSM communications. SMS / text messages can also be read.
  • For confidential calls use mobile phones set to use UMTS technology (only) or consider the use of crypto phones.
  • Perform a risk analysis when authentication involving SMS / text messages is used.  Consider the implementation of additional security measures.

With my current setup (HTC Touch HD, T-Mobile GSM voice and Internet subscription, GSM and UMTS capable) I would use Skype to add an extra layer of encryption over my phone call.

No comments:

Post a Comment