(Press-News.org) The encryption algorithm GEA-1 was implemented in mobile phones in the 1990s to encrypt data connections. Since then, it has been kept secret. Now, a research team from Ruhr-Universität Bochum (RUB), together with colleagues from France and Norway, has analysed the algorithm and has come to the following conclusion: GEA-1 is so easy to break that it must be a deliberately weak encryption that was built in as a backdoor. Although the vulnerability is still present in many modern mobile phones, it no longer poses any significant threat to users, according to the researchers.
Backdoors not useful according to researchers
"Even though intelligence services and ministers of the interior understandably want such backdoors to exist, they are not at all useful," says Professor Gregor Leander, Head of the Workgroup for Symmetric Cryptography. "After all, they are not the only ones who can exploit these vulnerabilities, any other attackers can exploit them as well. Our research shows: once a backdoor is implemented, it is very difficult to remove it." Accordingly, GEA-1 should have disappeared from mobile phones as early as 2013; at least that's what the mobile phone standards say. However, the research team found the algorithm in the current Android and iOS smartphones.
For the study, a team led by Dr. Christof Beierle, Dr. David Rupprecht, Lukas Stennes and Professor Gregor Leander from RUB collaborated with colleagues from Université de Rennes and Université Paris-Saclay as well as the French research institute Centre Inria de Paris and the Norwegian research institute Simula UiB in Bergen. The team will present its findings at the Eurocrypt conference in October 2021. The paper has been available online since 16 June 2021.
The project was embedded in the Bochum Cluster of Excellence CASA - short for Cyber Security in the Age of Large-Scale Adversaries -, which aims at enabling sustainable IT security against large-scale attackers, most importantly national states.
Lottery win more likely than weak code being a coincidence
The IT security experts received the GEA-1 and GEA-2 algorithms from a source who wishes to remain anonymous and verified their authenticity in the first step. The ciphers had been used to encrypt data traffic over the 2G network, for example when sending emails or visiting websites. The researchers analysed how exactly the algorithms work. They showed that GEA-1 generates encryption keys that are subdivided into three parts, two of which are almost identical. Due to their architecture, these keys are relatively easy to guess.
According to the Bochum-based team, the properties that render the cipher so insecure can't have happened by accident. "According to our experimental analysis, having six correct numbers in the German lottery twice in a row is about as likely as having these properties of the key occur by chance," as Christof Beierle illustrates.
GEA-2 algorithm likewise weak - but unintentionally so
The IT experts also scrutinised the GEA-2 algorithm. It is hardly more secure than GEA-1. "GEA-2 was probably an attempt to set up a more secure successor to GEA-1," assumes Gregor Leander. "GEA-2 was hardly better, though. But at least this algorithm doesn't seem to be intentionally insecure."
The encryptions that GEA-1 and GEA-2 produce are so weak that they could be used to decrypt and read live encrypted data sent over 2G. Today, most data traffic is sent over the 4G network, also called LTE. Moreover, the data is now protected with additional transport encryption. Therefore, the researchers assume that the old vulnerabilities that still exist no longer pose a serious threat to users.
Manufacturers don't adhere to standards
Originally, GEA-1 must not be implemented in mobile devices since 2013. "The fact that it is still happening shows that manufacturers are not following the standard properly," explains David Rupprecht. Through the mobile phone association GSMA, the Bochum-based group contacted the manufacturers before publishing their data to give them the opportunity to remove GEA-1 through software updates. In addition, they contacted ETSI, the organisation responsible for telecommunications standards, to also remove GEA-2 from phones. In the future, - so ETSI's decision - smartphones should not support GEA-2 anymore.
INFORMATION:
ENVIRONMENT Diesel-polluted soil from now defunct military outposts in Greenland can be remediated using naturally occurring soil bacteria according to an extensive five-year experiment in Mestersvig, East Greenland, to which the University of Copenhagen has contributed.
Mothballed military outposts and stacks of rusting oil drums aren't an unusual sight in Greenland. Indeed, there are about 30 abandoned military installations in Greenland where diesel, once used to keep generators and other machinery running, may have seeped into the ground.
This is the case with Station 9117 Mestersvig, an abandoned military airfield ...
These findings were published in the journal Cellular and Molecular Life Sciences on 8 June 2021.
Huge splicing diversity in the brain
The human genome was sequenced around 20 years ago. Since then, the sequence information encoding our proteins is known - at least in principle. However, this information is not continuously stored in the individual genes, but is divided into smaller coding sections. These coding sections, also known as exons, are assembled in a process called splicing. Depending on the gene, different exon combinations are possible, which is why they are referred to as different or ...
With increasing vaccination rates and decreasing numbers of infections, the population's feeling of safety is also rising. As the results of the 37th edition of the BfR-Corona-Monitor, a regular survey conducted by the German Federal Institute for Risk Assessment (BfR), show, the majority of the population in Germany thinks it can control its risk of an infection well. "62 percent are confident that they can protect themselves from an infection with the coronavirus," says BfR-President Professor Dr. Dr. Andreas Hensel. "We see that the feeling of safety has increased considerably. ...
Chinese researchers have recently discovered links between reduction in microbial stability and soil carbon loss in the active layer of degraded alpine permafrost on the Qinghai-Tibet Plateau (QTP).
The researchers, headed by Prof. CHEN Shengyun from the Northwest Institute of Eco-Environment and Resources (NIEER) of the Chinese Academy of Sciences (CAS), and XUE Kai from University of Chinese Academy of Sciences, conducted a combined in-depth analysis of soil microbial communities and their co-occurrence networks in the active permafrost layer along an extensive gradient of permafrost degradation.
The QTP encompasses the largest extent of high-altitude mountain ...
Greater Helsinki -- Transitioning to low-carbon energy production is the biggest climate challenge to overcome. Many countries are already looking to adopt clean heating solutions more widely, with the International Energy Agency projecting that by 2045 nearly half of global heating will be done with heat pumps. To ensure speedy uptake, governments are likely to offer subsidies to ensure these energy-efficient options actually make their way into homes and offices.
A new study from Aalto University assesses the impact of heat pumps on energy consumption as well as how ...
Research published in the journal ACS Materials and Interfaces has provided new understanding of how false-negative results in Lateral Flow Tests occur and provides opportunity for simple improvements to be made.
Lateral Flow Devices were introduced late in 2020 on a global scale to help detect novel coronavirus infection in individuals, with test results produced rapidly in half an hour or less. However, their potential has been somewhat hindered by inadequate sensitivity, with a high number of false-negative results.
Using X-ray fluorescence imaging from Diamond Light Source, researchers from King's College London ...
Researchers from the University of Kent's School of Psychology have found that when people are presented with the idea of a Covid-19 "immunity passport", they show less willingness to follow social distancing and face covering guidelines. However, this willingness seems to return when people read more cautious information about Covid-19 immunity.
PhD students Ricky Green and Mikey Biddlestone and Professor Karen Douglas asked participants from the UK and USA to imagine they had either recovered from Covid-19 or were currently infected. Participants asked to imagine ...
Several different causes of ageing have been discovered, but the question remains whether there are common underlying mechanisms that determine ageing and lifespan. Researchers from the Max Planck Institute for Biology of Ageing and the CECAD Cluster of Excellence in Ageing research at the University Cologne have now come across folate metabolism in their search for such basic mechanisms. Its regulation underlies many known ageing signalling pathways and leads to longevity. This may provide a new possibility to broadly improve human health during ageing.
In recent decades, ...
In an international study published by the journal Environment International, the University of Surrey led an international team of air pollution experts in monitoring pollution hotspots in 10 global cities: Dhaka (Bangladesh); São Paulo (Brazil); Guangzhou (China); Medellín (Colombia); Cairo (Egypt); Addis Ababa (Ethiopia); Chennai (India); Sulaymaniyah (Iraq); Blantyre (Malawi); and Dar-es-Salaam (Tanzania).
Surrey's Global Centre for Clean Air Research (GCARE) set out to investigate whether the amount of fine air pollution particles (PM2.5) drivers inhaled is connected to the duration drivers spend in pollution hotspots and socio-economic indicators such ...
2 June 2021, Singapore - The human fetal immune system begins to develop early during gestation, however, factors responsible for fetal immune-priming remain elusive. Using multiple complementary approaches, Dr Florent Ginhoux from A*STAR's Singapore Immunology Network (SIgN), Professor Jerry Chan from KK Women's and Children's Hospital (KKH), Professor Salvatore Albani from the SingHealth Duke-NUS Translational Immunology Institute, with collaborators from Cambridge University explored potential exposure to microbial agents in-utero. The team identified live microbes across fetal organs that stimulate activation of fetal T-cells during the second trimester of gestation. Study published in scientific journal, Cell, on 24 June 2021.
The team profiled microbes ...
