A few weeks ago, I put up a post reporting that some security researchers were working to create rainbow tables to help crack GSM’s encryption, in an attempt to force GSM providers to increase the security of their networks. (If you haven’t read my earlier post you can read it here.)
Just to do a quick review. Many security researchers around the world have been frustrated with the level of security of GSM’s networks worldwide and have been encouraging GSM Providers to increase the security of their networks for sometime now. Having failed to get GSM providers to increase the security of their networks, security researches in Germany decided to instead concentrate on creating "rainbow tables" which could be used in the cracking of GSM’s Encryption.
Rainbow tables, for those that don’t know, are basically pre-computed encryption keys which are used in order to help speed up the cracking of encryption. Apparently, the creation of these keys are computationally difficult and time consuming, and so, to speed up cracking of encryption, you would instead opt to create a table or list of this pre-computed keys to then use later when you are trying to crack encryption.
The NY Times is reporting that this set of "rainbow tables" has been published and are now available via BitTorrent. The NY Times article also covers the G.S.M Associations opposition to this project, as they feel that what Karsten Nohl (the lead researcher on the project) did was border line illegal. Certainly, Karstens actions were close to the legal line, but he took provisions to insure he never crossed it.
In case you were wondering, its common practise for security researchers to go public with information on a potention security vulnerability after first giving plenty of warning to the vendor with the security vulnerability. We saw this several times over the last year. One instance that comes to mind was an iPhone vulnerability that would let someone take over your iPhone just by sending you a SMS message. The researcher in that case informed Apple and months later advertise that he would go public with the information at the Black Hat conference in order to force Apple to fix the problem.
Certainly, when researchers go public with information that a particular service or device, etc. is vulnerable it puts everyone using that service, etc. at risk, but the truth is they were at risk regardless. If the security researcher was able to find this problem, someone else with not so good intentions could have found it also. So by going public the researcher puts no doubts in the mind of the provider of the service that their vulnerability is known to the bad guys and thus they must fix the problem. I have to agree with Karstens actions. Its not his fault if GSM providers won't fix the problem.
Lets just hope that they take the threat seriously and just fix their systems.