| Name | Cryptanalysis of Cellular Encryption |
| Summary | The use of cryptanalytic techniques to derive cryptographic keys or otherwise effectively defeat cellular encryption to reveal traffic content. Some cellular encryption algorithms such as A5/1 and A5/2 (specified for GSM use) are known to be vulnerable to such attacks and commercial tools are available to execute these attacks and decrypt mobile phone conversations in real-time. Newer encryption algorithms in use by UMTS and LTE are stronger and currently believed to be less vulnerable to these types of attacks. Note, however, that an attacker with a Cellular Rogue Base Station can force the use of weak cellular encryption even by newer mobile devices. |
| Prerequisites | None |
| Solutions | Use of hardened baseband firmware on retransmission device to detect and prevent the use of weak cellular encryption. Monitor cellular RF interface to detect the usage of weaker-than-expected cellular encryption. |
| Related Weaknesses |
| CWE ID | Description |
| CWE-327 | Use of a Broken or Risky Cryptographic Algorithm |
|
