GCHQ and NSA Collaborate to Steal the Keys to Your Cellphone

By Nadia Kayyali
EFF.org
Feb. 20, 2015

Anyone interested in privacy and security should think twice about their cell phone dependence right now. That's because today, The Intercept revealed that British spy agency GCHQ led successful efforts to hack into the internal networks of Gemalto, "the largest manufacturer of SIM cards in the world, stealing encryption keys used to protect the privacy of cellphone communications" made on the world's largest telecommunications carriers, including "AT&T, T-Mobile, Verizon, Sprint and some 450 wireless network providers around the world."

In other words, for millions or even billions of users around the world, global cellular communications are about as secure from GCHQ and NSA as an FM radio broadcast.

Here's how it works. As The Intercept explains:

The privacy of all mobile communications -- voice calls, text messages and Internet access -- depends on an encrypted connection between the cellphone and the wireless carrier's network, using keys stored on the SIM, a tiny chip smaller than a postage stamp, which is inserted into the phone. All mobile communications on the phone depend on the SIM, which stores and guards the encryption keys created by companies like Gemalto.

So, under normal circumstances, when a mobile call, text, or other communication is made, that communication is encrypted as it travels through the air from a mobile device to a carrier's tower. At that point, even if the communication was intercepted by a third party (like the NSA or Iran or the local mafia), it would be encrypted and (generally speaking) indecipherable. But anyone who has obtained the encryption key (known as a Ki) for a particular wireless user could use it to decrypt that communication.

To make matters worse, because of how Kis operate, any previously obtained encrypted communications can be decrypted later once anyone obtains the correct Ki. As the Intercept notes,

if an intelligence agency has been "passively" intercepting someone's communications for a year and later acquires the permanent encryption key, it can go back and decrypt all of those communications.

This type of interception leaves "no trace on the wireless provider's network" or on an individual users device. In short, GCHQ and NSA have obtained the master keys--literally and figuratively--to unlock millions, if not billions, of the world's mobile devices.

While today's disclosure is bad news for global privacy, there is still some good news. As The Intercept article points out, there are alternatives to relying on Ki encryption. And if you'd like to install them, EFF has created easy-to-use guides as part of our Surveillance Self-Defense project:

Signal for iPhone, and it's Android counterpart RedPhone, are free mobile phone applications that allows users to make phone calls using end-to-end encryption using their data connection. It works much like the normal call interface users are familiar with.

TextSecure for Android is a messaging app for Android that allows users to send messages with their mobile phone using end-to-end encryption. It can replace your phone's native SMS program. While TextSecure is only for Android, Signal will be expanded this year to allow iPhone users to also send encrypted text messages.

These are just two of the many tools available for secure messaging. Our Secure Messaging Scorecard examines dozens of messaging technologies and rates each of them on a range of security best practices.

Of course no method is foolproof. But, as documents published by Der Spiegel in December show, it appears that, as of 2012, the NSA had yet to crack the encryption provided by these technologies. And that, at least, is good news.