A practical attack on the GSM network encryption creating rainbow tables with CUDA


This tool is currently Linux only. Linux binaries (32 and 64 bit) are provided. Cuda 2.3 or later is needed.

They expect 200 CUDA equipped PCs to generate a full set of rainbow tables within about six weeks. The rainbow table supports a known plaintext attack, because some bits in GSM communications are extremely predictable. This in turn allows the attacker to reverse look up the used crypto key in the rainbow table.

This makes it relatively easy to attack all communications on GSM networks within minutes, including intercept of text messages (SMS), voice and data calls. The equipment needed would be affordable (~$1000) and the attack could be a passive one.

The challenge is to compute a complete set of rainbow tables in finite time. Cuda to the rescue.

I was able to compile the program from source, but I am not quite sure what to do with the results (tables) computed by the program. The project has a mailing list where people can ask questions.

I believe their plan is to set up a distributed rainbow table query scheme, peer to peer style. It would be quite impractical to store the entire (HUGE) table on one site only. UPDATE: And some cellular service providers might want take down such a site ASAP - there have been threats against similar previous projects, preventing disclosure of such tables.


Some more info:

They expect you to compute about 380000000 “chains” with the app, and on my machine each chain requires 16 byte of storage.
You’ll be requiring 5798 MB of storage to hold this data (about 6 GB).

When done, the project needs you to allow access to this data via BitTorrent, and optionally you can set up a distributed query client to allow remote parties to search your part of the database. When you have more powerful GPUs, you can of course compute more than one of these 6GB databases. You can request unique parameters for each database from their web site.

On a GTX 260 it should take little more than 30 days to compute this amount. The work can also be split among several GPUs, where each GPU computes a fraction of the 380000000 chains.


That is so clever… using BT as a distributed database. Wow! It would work perfectly, too.

Not really related, but it looks like there’s a new practical computational attack on WPA wifi encryption now. Details next month at the CRATIC conference.