Elliptic Confirms GSM Mobile Phone Security Flaw

Update: Synopsys Expands Security Solutions with Acquisition of Elliptic Technologies (June 29, 2015)

January 12, 2010, Ottawa, Canada:  Security expert, Elliptic Technologies has confirmed that a flaw in GSM mobile phones used by hundreds of millions of people world wide allows decryption of voice conversations and eavesdropping on calls.

GSM World has said that the attack is not viable in real world networks but Elliptic Technologies’ review finds that GSM networks based on the A5/1 and A5/3 ciphers are vulnerable. Elliptic security experts recommend that users NOT discuss sensitive topics when using GSM phones.

Newer generations of GSM networks (3GPP/LTE) do not have these vulnerabilities and feature an improved security design. Elliptic has also recommended that users upgrade to the newer generation of GSM phones and networks.

Elliptic’s article on the subject is in its most recent issue of Standards Watch.  The issue also includes an article on another recently discovered SSL/TLS vulnerability.

To view the Standard’s Watch publication. www.elliptictech.com

About Elliptic

Recently ranked as the fastest growing provider of security semiconductor IP by Gartner, Elliptic licenses semiconductor intellectual property (IP) cores and middleware for secure communications ranging from low power to multi-gigabit per second implementations.  Elliptic SIP cores enable system-on-chip designers to efficiently balance power, performance and silicon area in complex security-based systems.  Demanding customers in markets such as wireless, storage, content distribution, implantable medical devices and high performance communications trust Elliptic IP cores. The company was founded in 2001 and has customers in the United States, Israel, China, Taiwan, Korea, Malaysia, Europe and Canada. For more information please visit www.ellipticsemi.com.