Smart Cards: Cell Phone Security Break Becomes a Reality Check

A breach in cellular telephone security is sending some shudders through the smart card community.

As in past flareups of concern about data encryption breaks, expert opinion is that the damage is containable and widespread disaster is nowhere in sight.

But such news does bring home the reality that no method of digital security is airtight.

"We have always said smart cards are tamper-resistant, not tamper- proof," said William J. Barr, president of the Smart Card Forum, which has members in banking, telecommunications, and virtually every other industry with an interest in chip cards.

"A well-motivated, talented, and resourced adversary is likely to be able to break whatever security you put on the card," he said, and the onus is on engineers to anticipate attacks and design systems so that they minimize damage.

The Smartcard Developer Association of Pleasant Hill, Calif., said April 13 that two researchers from the University of California, Berkeley, had found a way to break an encryption code used for GSM telephones.

GSM - groupe speciale mobile in French, but often translated "global system for mobile (telecommunications)" - is a wireless-phone standard particularly popular in Europe that requires the issuance to users of a smart card called a SIM, or subscriber identification module.

Some 80 million GSM digital cell phones are in use worldwide. They include a minority of the 58 million remote phones in the United States, the developer association said. SIM cards are a major product of smart card makers like Gemplus Corp. of France, the biggest, which has said it supplies cards for a million U.S. phones.

The smart card developer group discovered the secret algorithms used in SIMs and cell phones, said director Marc Briceno. It called in Berkeley cryptography experts Ian Goldberg and David Wagner, who within a day of trial-and-error probing found an allegedly fatal flaw in the SIM.

It indicated a risk of cloning, enabling the secret inside the SIM to be duplicated and used in another phone. Digital cellular marketers have claimed these devices cannot be cloned.

The North American GSM Alliance, which represents suppliers such as BellSouth Mobility and Pacific Bell Mobile Services, retorted late last week that laboratory duplications of SIM cards are nothing new and do not imply a widespread vulnerability. No GSM handset has been cloned since the technology came on the market in 1992, the group said, and in contrast with other wireless technologies, GSM makes the more realistic violation of over-the-air eavesdropping "nearly impossible."

The brewing debate is reminiscent of what followed reports in fall 1996 that researchers at Bellcore had found a problem in the chips used for Mondex electronic cash cards - a striking claim in view of the Mondex organization's publicity about security.

A Mondex defender, consultant Jerome Svigals of Redwood City, Calif., said, "Don't be deluded into thinking that any attack on one system component overcomes the security of the integrated system."

Mr. Barr, who works for Bellcore in Morristown, N.J., said, "A good designer will engineer the system so that a break at any point in it will compromise only the point of the break and not the entire system." The "good news" about GSM, he said, was that the damage is to a single phone, not an entire network, and cards can be cheaply reissued. "The bad news was that the cryptography turned out to be that straightforward to break."

Cryptographers are buzzing about the academics' discovery that 10 of the 64 bits available for the encryption key were constant. Some are wondering if it was part of a government plot to keep the keys breakable; many others don't want to touch that subject.

Mr. Barr said that absolute claims about encryption security invite attacks, and that scientific scrutiny encourages testing and improvements. GSM may have suffered on both counts.

"There is no way we would have been able to (break the code) so quickly if the design had been subjected to public scrutiny," Mr. Wagner said.

For reprint and licensing requests for this article, click here.
MORE FROM AMERICAN BANKER