The fact that current GSM encryption is flawed and quite easy to be hacked has been known for a very long time by conspiracy theorists everywhere. Especially since in this current day and age, you cannot help but be or feel a little paranoid about at least one thing in your life. “Oh my God, there are microphones in my shower. My cereals are microscopic robots out to find out how I lost so much weight! Someone is tapping my mobile phone.”

Believe it or not, someone really might be tapping your phone and this is why California-based security firm H4RDW4RE has started a program that, it says, will make the cracking of the A5/1 encryption standard used to secure GSM traffic, a cinch. I don't know whether you're aware of this or not, but every time you make a phone call, the GSM network uses a secret 64-bit key inside your cellphone (and known by the GSM network as well) to create a session key to encrypt your phone call.

The 64-bit part refers to the complexity of the initial key and in extension, the encryption that follows. What H4RDW4RE is attempting is fairly simple, actually. It takes the A5/1 128-petabyte code book and compresses it so as to reach the size of about 2 or 3 TB of data. Then, it organizes it into rainbow tables, which it searches via a Peer to Peer (P2P) open-source program such as SETI@home in order to cipher session keys. They will then use the session keys to decrypt our phone calls. How sneaky!

What H4RDW4RE is trying is to literally convince GSM vendors to admit the fact that A5/1 encryption is flawed and easily hackable and thus upgrade to the A5/3 code book, sporting a 128-bit cipher, such as the one UMTS technology uses. I wouldn't mind if it succeeded and managed to convince vendors to change encryption. I am not oblivious to the fact that a resourceful hacker will always find ways to hack any encryption we think of but why make it easy for them?


We are just a few, but there are many of you, Softpedia users, out there. That's why we thought it would be a good idea to create an email address for you to help us a little in finding gadgets we missed. Interesting links are bound to be posted with recognition going mainly to those who submit. The address is .