NSA spies on carriers to break call encryption, report suggests

The NSA spies on the internal emails and documents of major mobile carriers and their industry body, the GSM Association, according to an article published Thursday by The Intercept.

According to the piece, the spy agency is or was running a program called AURORAGOLD, which involved targeting the GSMA in order to find or even create weak spots in carriers’ network technology. If this is the case, it may be yet another example of the foolhardy breaking of widely used security mechanisms in ways that other spies and criminals can potentially also exploit.

The GSMA’s “IR.21” documents are shared between carriers to allow customers to roam internationally between their networks. According to the NSA documents published by The Intercept, IR.21s provide valuable information about new technology that the carriers are using, helping spies to figure out how to “discover vulnerabilities,” “introduce vulnerabilities where they do not yet exist” and find threats to the spies’ existing surveillance methods.

The GSMA is also a hub for the development of new cellular privacy technology. Worryingly, the article suggests that the AURORAGOLD program may have aided NSA attempts to crack A5/3, a type of encryption for cellular communications. Earlier stories based on the Snowden leaks indicated that the NSA has already cracked the older and weaker — but widely used — A5/1 cipher.

It’s not entirely clear whether or not the NSA and GCHQ have had success in cracking A5/3 yet, but some experts are worried:

As the piece noted, the U.K.-based GSMA receives funding from the U.S. National Institute of Standards and Technology (NIST), which has already had to warn companies off using one of its own security standards because Snowden’s leaks indicated the NSA had tampered with it.

GSMA spokeswoman Claire Cranton told me by email: “We are aware of the Intercept story and are currently investigating the claims made in the piece. We are unable to offer any further comment at this time.”

And GSM Shall Rule Them All

GSM-based technologies account for a whopping 81 percent of the world’s 4 billion mobile subscriptions, according to numbers released today by Wireless Intelligence. Coming in as the runner-up is Qualcomm’s (s QCOM) CDMA, with 10 percent of the world’s subscribers, 100 million of whom are in North America.

The research firm, which is owned by the GSM Association, also predicts that by 2010 there will be 5 billion mobile phone subscribers, connecting the world far more easily than efforts to give each child or person a PC. The world added the last 1 billion subscribers between the third quarter of 2007 and the end of 2008, making mobile phone subscription growth a bright spot in dark times.


Data Shows That 3G Still Has Room to Grow

We’re pretty darn future-focused on 4G technologies over here, with LTE and WiMax dominating a lot of our coverage. But sometimes it’s good to check in with what we’ve already got, so we pulled some numbers on wireless broadband in the U.S. and the world. The data shows that the early deployments of EV-DO (CDMA variant of 3G) networks by Verizon Wireless and Sprint back in the early 2000s kept it ahead of rival GSM standards in the U.S., but shows that all variants of 3G have room to grow on a worldwide basis.

Data released by the GSM Association counted 50 million HSPA 3G subscribers in the world at the end of June, up from 11 million at the same time last year. As T-Mobile rolls out its HSPA network in the coming months and more folks buy iPhones, those numbers will continue to grow.

On the CDMA side, Chetan Sharma Consulting tracked 115 million CDMA 3G subscribers worldwide and 65 million in the U.S., current as of July 2008. HSPA networks have a theoretical download speeds of up to 7.2 Mbps vs 3.1 Mbps on the latest CDMA technology. Ironically, as AT&T and T-Mobile ramp up their 3G deployments, Verizon and Sprint are working on their 4G plans. Verizon is going down the LTE route, while Sprint is moving down the WiMAX path.

chart compiled by GigaOM with data from GSMA and Chetan Sharma Consulting