CAPEC-608: Cryptanalysis of Cellular Encryption

The use of cryptanalytic techniques to derive cryptographic keys or otherwise effectively defeat cellular encryption to reveal traffic content. Some cellular encryption algorithms such as A5/1 and A5/2 (specified for GSM use) are known to be vulnerable to such attacks and commercial tools are available to execute these attacks and decrypt mobile phone conversations in real-time. Newer encryption algorithms in use by UMTS and LTE are stronger and currently believed to be less vulnerable to these types of attacks. Note, however, that an attacker with a Cellular Rogue Base Station can force the use of weak cellular encryption even by newer mobile devices.

High

Typical severity

Per MITRE

Not rated

Likelihood of attack

Per MITRE

Related weaknesses

CWEs this targets

Detailed

Abstraction

MITRE classification

CAPEC-608: Cryptanalysis of Cellular Encryption

Overview

What the attacker needs

Prerequisites

Skills required

Consequences

How to mitigate it

Frequently asked questions

What is CAPEC-608?

How do you prevent CAPEC-608?

What weaknesses does CAPEC-608 target?

How severe is CAPEC-608?

References

Defend against CAPEC-608