Our most popular phone technologies use decade-old proprietary cryptography. GSM's 64bit A5/1 cipher, for instance, is vulnerable to time memory trade-offs but commercial cracking hardware costs hundreds of thousands of dollars. We discuss how cryptographic improvements and the power of the community created an open GSM decrypt solution that runs on commodity hardware. Besides GSM we discuss weaknesses in DECT cordless phones. The talk concludes with an overview of mitigation steps for GSM and DECT in response to our research, some of which are already being implemented.
Secdocs is a project aimed to index high-quality IT security and hacking documents. These are fetched from multiple data sources: events, conferences and generally from interwebs.
Serving 8166 documents and 531.0 GB of hacking knowledge, indexed from 2419 authors from 163 security conferences.