High Graphics | BBC SPORT>>
Front Page | World | UK | UK Politics | Business | Sci/Tech | Health | Education | Entertainment | Talking Point | AudioVideo |

BBC News Online: Sci/Tech

Tuesday, 14 May, 2002, 08:24 GMT 09:24 UK

Clone attack on mobile phones


Mobile phone keypad, BBC
People advised to keep their phone with them at all times
Scientists have found a way to copy vital information inside a mobile phone in 60 seconds.

When used to make calls with another handset, this identifying information would mean the bill being charged to the phone from which it was stolen.

Using this new technique also means that the identifying data can be stolen and copied in a fraction of the time other attacks took to grab the info.

The team of researchers that developed the attack have also found ways for handset makers to stop criminals using the same approach.

Quick copy

Before now, copying, or cloning, a handset typically took about eight hours.

By contrast, the method developed by a team of engineers from IBM and the Swiss Federal Institute of Technology takes barely a minute to capture the data.

Many "crackers" attempt to unscramble, or decrypt, data by repeatedly trying all possible variations of the numerical keys used to scramble information.

By contrast, the IBM team used a much more subtle attack.

Time clues

The researchers gained valuable information about the numerical key a phone uses to uniquely identify its owner by watching how the chip inside the phone processes information.

The team got clues about the unique ID number by timing how long the chip took to complete certain tasks and by measuring changing current flows across the chip.

Taken together, information about the duration of tasks and the voltage pattern they generated revealed what was being done to the numerical key.

The researchers report that chips can be protected against these attacks by making sure all computational tasks take the same amount of time or by changing the way that a chip carries out certain computations.

Phone protection

The four researchers - Josyula Rao, Pankaj Rohatgi, Helmut Scherzer from IBM and Stefan Tinguely from the Swiss Institute - will be presented at the 2002 IEEE Symposium on Security and Privacy being held in Oakland, California, US, this week.

At the same conference, renowned cryptographer Ross Anderson from the University of Cambridge, UK, will present a separate paper that details another method of protecting against such attacks.

Professor Anderson's technique involves obscuring what the chip is doing by changing the way the steps of the computation are turned into voltages.

Mobile users can also protect themselves against the possibility of such an attack by ensuring they keep their phone with them and refusing to lend it to strangers.

Related to this story:
How to hack your mobile phone (03 May 02 | Sci/Tech) Stolen mobiles to be made 'unusable' (24 Feb 02 | UK) New law on mobile phone theft (03 May 02 | UK) Spies attracted to the light (09 Mar 02 | Sci/Tech) Security hole in cash machines (09 Nov 01 | Sci/Tech)

Internet links: IBM Research | IEEE Symposium on Security and Privacy | Ross Anderson | Mobile Phones (BBC Hot Topics) | IBM Internet Security Group |
The BBC is not responsible for the content of external internet sites
High Graphics | BBC SPORT>>
Front Page | World | UK | UK Politics | Business | Sci/Tech | Health | Education | Entertainment | Talking Point | AudioVideo |

Back to top | BBC News Home | BBC Homepage | ©