GPRS-era GEA/1 was 'weak by design', still lingers in today's phones


Feb 4, 2016
The GEA/1 encryption algorithm used by GPRS phones in the 1990s was seemingly designed to be weaker than it appears, in order to allow eavesdropping, according to European researchers.

The algorithm was introduced in 1998 by the European Telecommunications Standards Institute (ETSI). It was supposed to provide 64-bit encryption for data traffic, such as emails and information fetched from the web. A paper just out by academics at Germany's Ruhr-Universität Bochum, with help from Norwegian and French experts, has found that GEA/1 only really offered 40-bit encryption, by design, and that the way encryption keys were subdivided made the system relatively easy to break if you knew how at the time.