How GCHQ kept the world’s cellphones insecure

Who says the Britain doesn’t have global influence? In the 80s we managed to hobble cellphone encryption so that our spies could listen in on calls. That’s according to Norway’s Aftenposten newsletter, which talked to 4 people involved in developing mobile communications systems in the 1980s.

A European working group designed the encryption system. They had to choose how long to make the keys — the more bits, the more secure it would be. The experts proposed a reasonably-strong 128 bits, but encountered unexpected opposition:

The British were not very interested in having a strong encryption. And after a few years, they protested against the high security level that was proposed. They wanted a key length of 48 bit. We were very surprised.

Why would Britain want a less secure system? To spy on Asia, it seems. According to two sources, “the British secret services wanted to weaken the security so they could eavesdrop more easily“:

The British argued that the key length had to be reduced. Among other things they wanted to make sure that a specified Asian country should not have the opportunity to escape surveillance.

This fits with the understanding which has been put together by security experts, often baffled by the weakness of GSM encryption. Cambridge academic Ross Anderson wrote in 1994:

Indeed, my spies inform me that there was a terrific row between the NATO signals agencies in the mid 1980’s over whether GSM encryption should be strong or not. The Germans said it should be, as they shared a long border with the Evil Empire; but the other countries didn’t feel this way. and the algorithm as now fielded is a French design.

Incidentally, Anderson also gets in the kind of anti-Murdoch swipe which was as relevant then as now, suggesting that somebody might “break the Royal Family’s keys for sale to News International

Leave a Reply

Your email address will not be published. Required fields are marked *