GSM Mobile phone security cracked, says German hacker

The UK Guardian is reporting (emphasis added):

A German computer scientist has cracked the codes used to encrypt calls made from more than 80% of the world’s mobile phones.

Karsten Nohl [K: Nohl’s U of Virginia page] and his team of 24 hackers began working on the security algorithm for GSM (Global System for Mobiles) in August.

[…] Nohl claims that armed with the code, which has been published online, and a laptop with two network cards, an eavesdropper could be recording phone calls within 15 minutes.

“This shows that existing GSM security is inadequate,” Nohl told the Chaos Communication Congress, an international annual meeting of hackers taking place in Berlin this week.

Nohl insisted that he had deciphered the code to force the global telecommunications industry to upgrade its security.

Nohl told the Guardian that important negotiations involving politicians or business leaders could easily be intercepted and they should invest in further encryption software to protect their privacy. “If there is anything secret going on using GSM, this should be of concern.”

More reports in the NYT and The Register.

Anyone who cares about our communication security based on cryptography should know that the only way to keep our communication secure is to conduct open and active research in the field, where weaknesses and problems are dealt with in a prompt and appropriate manner. Security through obscurity is NOT an option, and if I were less diplomatic, I would say it is plain stupid to rely on obscurity for our treasured security.
