Leaked Snowden documents published by The Washington Post show that the US National Security Agency (NSA) breaks one of the encryption standards used to protect cell phones from eavesdropping.
The standard that can be broken is A5/1, which is used by many cell phone users both in Norway and in the rest of the world.
Here is the story of how the A5/1 encryption standard came to be much weaker than it probably could have been.
Experts from all over Western Europe came together in 1982 to build a new system for mobile telephones. The system was realised 10 years later, and is the one we now call GSM.
Jan Arild Audestad has been an employee of Telenor for many years and has also been a professor at Gjøvik University College and the Norwegian University of Science and Technology.
“Originally we proposed that the encryption key length should be 128 bits, because we knew little about cryptographic systems, and how secure they were. The request was that the keys and algorithms should be secure at least for 15 years after the installation,” Audestad says.
But why was the result not 128 bits? A5/1 encryption is still only 54 bits.
Audestad says that the British were not very interested in strong encryption, and after a few years they protested against the high security level that had been proposed.
“They wanted a key length of 48 bits. We were very surprised. The West Germans protested because they wanted stronger encryption to prevent spying from East Germany. The compromise was a key length of 64 bits – where the last ten bits were set to zero. The result was an effective key length of 54 bits.”
Aftenposten has spoken to several people who worked with Audestad on building the GSM network.
One of them is Peter van der Arend from the Netherlands. He tells Aftenposten how he fought with the British over this issue.
“The British argued that the key length had to be reduced. Among other things they wanted to make sure that a specified Asian country should not have the opportunity to escape surveillance.”
Thomas Haug, who was one of the most central people in the making of GSM, also says that he was put under pressure by the British.
“I was told by a British delegate that the British secret services wanted to weaken the security so they could eavesdrop more easily.”
The British security researcher Ross Anderson has written about some aspects of the story Aftenposten is now reporting.
In the book Security Engineering he wrote that there were weaknesses in the first GSM encryption because several of the European intelligence agencies pushed for weaker security.
Another thing that was put into the GSM specification, after demands from some countries, was that the encryption could be turned off without the cell phone user knowing.
Michel Mouly from France, one of the other central people in the making of GSM, tells us that he has seen the encryption in the GSM network turned off.
He will not say in which countries, but it was not in any Western European country.
Aftenposten has not been able to get comments from any of the British who were involved in the work on GSM security. Nor have we been able to get any British authorities to respond to the claims. We have contacted Ofcom, the Home Office and the Foreign & Commonwealth Office.