Stingray warrant

John Newman jnn at synfin.org
Fri Nov 17 10:39:57 PST 2017 

On 2017-11-17 12:35, juan wrote:
> On Fri, 17 Nov 2017 08:47:13 -0500
> John Newman <jnn at synfin.org> wrote:
> 
>> On Thu, Nov 16, 2017 at 09:46:55PM +0000, jim bell wrote:
>> >
>> > Judge rules NYPD needed a warrant before using cell-site simulator
>> > https://www.yahoo.com/newsroom/vibes/news/v-dd323ebb-416a-3b40-b6ef-7e9c677f40d2_c-645869bc-ed23-32cb-b67d-15f65e240573_a-645869bc-ed23-32cb-b67d-15f65e240573
>> 
>> Speaking of stingrays, does anyone on the list have any good resources
>> to point to on building a DIY "stingray-like" device using OpenBTS?
>> For research only, of course!
> 
> 
> 	Do those things still work by forcing the phone to use an
> 	outdated unencrypted mode, or is the  Amazing Secure Protocol
> 	used by phones broken? Or maybe the cops simply have the keys?
> 
> 

I'm not sure, but a very brief look at the OpenBTS website showed that
there is a branch of the code that does support 3G these days.

The wikipedia article on "Stingray Phone Tracker" is actually pretty
interesting -

https://en.wikipedia.org/wiki/Stingray_phone_tracker

Relevant excerpt:



Interception of communications content[edit]

By way of software upgrades,[16][29] the StingRay and similar Harris
products can be used to intercept GSM communications content
transmitted over-the-air between a target cellular device and a
legitimate service provider cell site. The StingRay does this by
way of the following man-in-the-middle attack: (1) simulate a cell
site and force a connection from the target device, (2) download
the target device's IMSI and other identifying information, (3)
conduct "GSM Active Key Extraction"[16] to obtain the target device's
stored encryption key, (4) use the downloaded identifying information
to simulate the target device over-the-air, (5) while simulating
the target device, establish a connection with a legitimate cell
site authorized to provide service to the target device, (6) use
the encryption key to authenticate the StingRay to the service
provider as being the target device, and (7) forward signals between
the target device and the legitimate cell site while decrypting and
recording communications content.

The "GSM Active Key Extraction"[16] performed by the StingRay in
step three merits additional explanation. A GSM phone encrypts all
communications content using an encryption key stored on its SIM
card with a copy stored at the service provider.[30] While simulating
the target device during the above explained man-in-the-middle
attack, the service provider cell site will ask the StingRay (which
it believes to be the target device) to initiate encryption using
the key stored on the target device.[31] Therefore, the StingRay
needs a method to obtain the target device's stored encryption key
else the man-in-the-middle attack will fail.

GSM primarily encrypts communications content using the A5/1 call
encryption cypher. In 2008 it was reported that a GSM phone's
encryption key can be obtained using $1,000 worth of computer
hardware and 30 minutes of cryptanalysis performed on signals
encrypted using A5/1.[32] However, GSM also supports an export
weakened variant of A5/1 called A5/2. This weaker encryption cypher
can be cracked in real-time.[30] While A5/1 and A5/2 use different
cypher strengths, they each use the same underlying encryption key
stored on the SIM card.[31] Therefore, the StingRay performs "GSM
Active Key Extraction"[16] during step three of the man-in-the-middle
attack as follows: (1) instruct target device to use the weaker
A5/2 encryption cypher, (2) collect A5/2 encrypted signals from
target device, and (3) perform cryptanalysis of the A5/2 signals
to quickly recover the underlying stored encryption key.[33] Once
the encryption key is obtained, the StingRay uses it to comply with
the encryption request made to it by the service provider during
the man-in-the-middle attack.[33]





I don't know if modern phones are still vulnerable to the "GSM Active
Key Extraction" - haven't had more than a few moments to look at it.




> 
>> 
>> The last I recall, OpenBTS did not support 3G or above, and of course
>> has some fairly specific hardware requirements.. but I think there
>> are patches out there, maybe? I need to do some more current research
>> I suppose..
>> 

--
GPG fingerprint: 17FD 615A D20D AFE8 B3E4  C9D2 E324 20BE D47A 78C7
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: OpenPGP digital signature
URL: <https://lists.cpunks.org/pipermail/cypherpunks/attachments/20171117/81544de4/attachment-0002.sig>

More information about the cypherpunks mailing list