Questions about the Interception of GSM Calls

How can my calls be intercepted on the way from the GSM base station to the provider’s network?

Not all GSM providers can afford to have ‘land lines’ connecting their antennas on the street with the switching station and the rest of the telephone network. If you have ever seen a GSM base station antenna mast, you might notice that some of them have little round ‘dishes’, or ‘beamers’ at the side of it. These are the directional antennas for the microwave links that provide the connection to the rest of the network.

Over these links, all calls made in the area are transmitted to a point where they are fed into landlines. These links are very vulnerable, because no encryption is used on most of them. An interceptor can tap into the radio signal and listen in on many calls simultaneously. Commercial equipment for this kind of interception is available on the market at moderate prices. Interception of microwave links is commonly used when targeting a fixed facility, like a competitor’s office building. Attacks on corporations can be quite effective with this method, since there is often a company standard for the network operator of choice, so just one intercepted microwave link could yield all mobile phone calls taking place in the facility.

Nothing more is required than a very small rooftop antenna in the path or vicinity of the microwave link, a wideband receiver and the appropriate channel demultiplexing and recording equipment. Embassies of foreign countries are known to use microwave link interception from their various premises to stay secretly informed on what is happening in their host country. Embassies are usually located near the business and government centers, so this kind of interception has the potential to yield substantial information. Since the antenna radiation patterns of the microwave links contain so-called sidelobes, reception of their signals with sensitive receivers is also possible outside the straight line of the link.

The NSA (National Security Agency, the electronic surveillance intelligence agency of the USA) is also known to have satellite-based microwave link interception capabilities. Since the directional microwave beam does not stop at the receiving antenna, but travels further on in the original direction, it can be intercepted from space with a satellite placed at the appropriate position.

GSMK CryptoPhones protect against this kind of interception.

What is this IMSI-catcher I keep hearing about?

An IMSI-catcher is a device that can be used to determine the electronic identities of all phones in its vicinity. Most IMSI-catchers also come with the ability to listen in on calls directly. The electronic identity consists of the so-called International Mobile Subscriber Identity (IMSI), which is associated with your SIM card, and the International Mobile Equipment Identifier (IMEI), which is the serial number of your phone. With the IMSI your calls can be easily identified at any point in the telephone network and targeted for interception and traffic analysis. An IMSI-catcher is frequently used if the attacker does not know the telephone number of the victim or wants to illegally intercept calls.

The IMSI-catcher performs a so-called man-in-the-middle attack, putting itself between you and the network. It is essentially a small GSM base station that forces your phone to use it instead of the real network, determines your IMSI, and can then be used to disable or degrade the GSM encryption mode while transmitting your call on to the legitimate network. This mode of operation allows the attacker to directly listen in on your calls. He can also disable your phone service and intercept or fake SMS messages to and from your phone.

At this moment we know of many different companies producing IMSI-catcher devices, and the list is growing rapidly. For a company manufacturing GSM test equipment, developing IMSI-catchers is a trivial task. Examples of publicly available IMSI-catcher equipment also include regular laptops that are connected to a small portable ‘femtocell’ base station and running publicly available GSM network simulation software.

Even when IMSI-catchers are used by legitimate law-enforcement agencies, they frequently affect a high number of calls that are not their target. The resulting number of unintended intercepts is called “by-catch” and is frequently used for all sorts of investigations, especially popular with tax authorities in some countries.

GSMK CryptoPhones protect against the interception of the call content with an IMSI catcher.

Who are the people that try to listen to my calls?

Telecommunications interception has developed into a major industry in the last decades. Intelligence agencies of all countries routinely try to intercept calls that might yield them political, economic or military information. Several large intelligence agencies, like the NSA together with the British GCHQ, run global surveillance networks that work like a big hoover, sucking in huge amounts of telecommunication with a vast worldwide system of antennas, special satellites, undersea and land cable taps, backdoors in switching stations and any other means available. The biggest computer capacities on earth are subsequently used to evaluate the calls, SMS, emails and faxes based on complex sets of criteria, forwarding the ones matching specific criteria to human analysts and database storage.

Today even small countries run their own sprawling listening and monitoring stations. They also try to get access to the big players’ interception capabilities by trading them access to bases, facilities and interception results. The targets of these listening networks are not very specific. More and more of the capabilities are being used for economic espionage, but of course also to further the more or less noble intentions of the nation states that paid for them. If you think that these systems are only used in rare cases where national security is at stake, you are wrong. Telecommunications surveillance has become a fairly routine method for intelligence agencies and governments to stay informed on anyone who is even remotely capable of interfering with political or business interests. A set of agreements between intelligence agencies makes sure that the local provisions that hinder them from listening to their own people are not of any consequence. If the NSA wants to listen to a US citizen, it asks the British GCHQ to do the intercept and then put the results into a shared database used by both agencies.

Other potential listeners work at the various phone companies. All network operators have listening capabilities for the purpose of “network trouble shooting” and “fraud detection”. These capabilities have been used routinely by corrupt phone company employees for their personal gain, selling call data and contents to criminal elements and industry spooks.

Private investigators also routinely and illegally try to get access to calls by a variety of means, for purposes of industrial espionage, business intelligence and economic warfare between competing companies. Big corporations often have their own capabilities for telecommunications interception, especially in high-risk fields such as oil, minerals, fishery, mergers & acquisitions and investment banking, to name just a few.

Law enforcement agencies have in recent years acquired an ever-rising set of capabilities, with ever-shrinking restrictions on their use. In almost all cases of even legitimate lawful interception, a significant number of innocent people also got caught in the dragnet of surveillance (so-called “by-catch”). Even where the law requires that these innocent people be notified, this often does not take place. Legal oversight in most countries is poor at best and routinely circumvented using various pretexts. Trusting that law enforcement agencies use interception carefully and only under strictly warranted circumstances is no longer justified. The number of reports about abusive and excessive use of interception without proper cause and even for minor infractions is rising substantially.

Intercept systems for law enforcement are often designed in such a way as to make it impossible to perform independent reviews on the usage of the surveillance devices. Even simple statistics on the number of interceptions are routinely held secret. The interception technology for law enforcement is also frequently sold by rather dubious companies. Almost all of these manufacturers have strong ties to foreign intelligence agencies. Practically all lawful interception products contain remote maintenance facilities, so it must be assumed that they contain backdoors. Such a backdoor is of course an interesting bargaining chip on the international intelligence bazaar.

“Lawful interception” also means a very different thing from country to country. In a dictatorship or some other less than democratic state, it is frequently “lawful” to intercept anyone at will. The technology for interception is available on the open market and is widely deployed even in the poorest areas of the world. It would be naive to assume that the term “lawful interception” somehow automatically means that the interception is performed under even the most basic legal oversight.

But GSM calls are encrypted! My provider tells me everything is fine!

First of all, the encryption in GSM is only used to protect the call while it is in the air between the GSM base station and the phone. During its entire route through the telephone network (which may again include wireless links) the call is no longer protected by encryption.

Secondly, it has been shown over and over again that standard GSM encryption is not good enough to protect your calls. GSM providers claim there is no problem, because a proprietary set of encryption algorithms named A5 is used. They tend to forget to tell you that most varieties of A5 in current use are weak and that experts have proven time and time again that this encryption is far from sufficient against a determined listener.

There are four modes of A5 encryption currently in use:

  • A5/0 means no encryption at all. Even in regular network operation this mode is used from time to time because of technical difficulties or outside interference. In certain countries network operators have been forced to switch back to A5/0 in times of “crises”. Being between the GSM network and the phone, the IMSI-catcher can also direct telephones to use A5/0. Some network operators switch to A5/0 to save a little bit of bandwidth in times of high network usage. The GSM specification requires phones to indicate to the user when crypto is set to A5/0, but several phones are known not to comply with this requirement.
  • A5/1 is the encryption mode used in Europe and other western countries. It is a bit stronger than A5/2, but can still be broken with moderate resources that are available to any private attacker with sufficient determination.
  • A5/2 is the encryption mode used in Australia and several other countries worldwide. It has been broken time and again in real time, on a standard personal computer. See our list of academic papers detailing the vulnerabilities.
  • A5/3 is the algorithm that will be introduced for the next generation of networks and phones. It is claimed to be stronger than A5/2, but A5/3, too, has been shown to be broken by leading academic researchers. Plus, of course, even with A5/3 you are still vulnerable to man-in-the-middle attacks like with an IMSI-catcher, and your call is still encrypted only in the air, not on the telco network. Over the past few years we have seen mathematical breakthroughs reducing the amount of computer time needed to decrypt GSM calls. Since the cryptographic algorithms in GSM are currently the most widely used crypto system on earth, they are a very tempting target for cryptographers and mathematicians. GSMK CryptoPhones protect against this kind of interception.
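The ciphering indicator the specification requires for A5/0, together with the downgrade an IMSI-catcher performs as described in the IMSI-catcher section, worked through as an added Python example (not GSMK's or the page's own code): it decodes the Cipher Mode Setting half-octet of the CIPHERING MODE COMMAND as encoded in 3GPP TS 44.018 and rates each call against the strongest mode the same network offered before. Network labels and sample octets are constructed for illustration.

```python
"""Phone-side ciphering indicator with downgrade detection (added example).
Cipher Mode Setting (3GPP TS 44.018, 10.5.2.9): bits 4..2 carry the
algorithm identifier, bit 1 is SC ("start ciphering"). In the CIPHERING
MODE COMMAND it occupies bits 1..4 of its octet; bits 5..8 are ignored here."""
from dataclasses import dataclass, field

# Algorithm identifier (bits 4..2 of the IE) -> A5 variant, per TS 44.018.
_ALGO_ID = {0: "A5/1", 1: "A5/2", 2: "A5/3", 3: "A5/4",
            4: "A5/5", 5: "A5/6", 6: "A5/7"}
# Relative strength used only for downgrade comparison (higher is stronger);
# variants not listed are treated as at least as strong as A5/3.
_RANK = {"A5/0": 0, "A5/2": 1, "A5/1": 2, "A5/3": 3}


def decode_cipher_mode_setting(octet: int) -> str:
    """Return the A5 variant selected by the low nibble of the IE octet."""
    if not 0 <= octet <= 0xFF:
        raise ValueError("expected a single octet")
    nibble = octet & 0x0F          # Cipher Mode Setting sits in bits 1..4
    if nibble & 0x1 == 0:          # SC = 0: no ciphering, whatever bits 4..2 say
        return "A5/0"
    algo = (nibble >> 1) & 0x7     # bits 4..2: algorithm identifier
    if algo not in _ALGO_ID:
        raise ValueError("reserved algorithm identifier")
    return _ALGO_ID[algo]


def _rank(mode: str) -> int:
    return _RANK.get(mode, 3)


@dataclass
class CipherIndicator:
    """Remembers the strongest mode seen per network and rates each call.
    Network labels (e.g. "net-A") are constructed; a real phone would key on MCC/MNC."""
    baseline: dict = field(default_factory=dict)

    def assess(self, network: str, octet: int) -> tuple[str, str]:
        mode = decode_cipher_mode_setting(octet)
        best = self.baseline.get(network)
        if best is None or _rank(mode) > _rank(best):
            self.baseline[network] = mode   # raise the bar, never lower it
        if mode == "A5/0":
            verdict = "ALERT: call unencrypted (A5/0)"
        elif mode == "A5/2":
            verdict = "ALERT: A5/2 in use, breakable in real time"
        elif best is not None and _rank(mode) < _rank(best):
            verdict = f"WARN: downgraded from {best} to {mode}"
        else:
            verdict = f"OK: {mode}"
        return mode, verdict
```

Feeding the constructed sequence 0x05, 0x01, 0x00 for one network yields OK for A5/3, a downgrade warning for A5/1 and an alert for A5/0, which is exactly the indication the FAQ says a compliant phone must give.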
