Click for homepage
Global System for Mobile communication

GSM – the Global System for Mobile communication 1 – is a standard developed by the European Telecommunications Standards Institute (ETSI), to describe a digital switched-circuit network that is optimised for full-duplex voice telephony, also known as 2G (second generation). The first 2G network was installed in December 1991 in Finland, and in the rest of Europe during the course of the following year [1]. In the Netherlands, the introduction of GSM was delayed until 1994.

  1. Originally: Groupe Spécial Mobile (French).

Later standards
Although initially developed as a pan-European system, GSM quickly grew out to an international standard, which even got adopted in the US. Over the years, the standard was expanded with new frequency ranges (e.g. 1800 MHz) and with provisions for data transfer, GPRS, video and internet. This led to the introduction of the 3G UMTS standard – developed by the 3GPP – and the 4G LTE Advanced standard, which are no longer part of the original ETSI GSM standard.

In 2019, steps were taken to move to the next standard which will be a broadband system known as 5G (fifth generation). It was first rolled-out in South-Korea and is backward compatible with 2G, 3G and 4G. China has heavily invested in the developed of 5G equipment, but many countries have restricted or eliminated the use of Chinese 5G equipment because of espionage fears [2].

One of the key features of GSM is the Subscriber Identity Module (SIM) – also known as a SIM card – which contains the user's identity, known as the International Mobile Subscriber Identity (IMSI). This is different from the phone's own identity, which is known as International Mobile Equipment Identity (IMEI). This allows stolen phones to be blocked without losing the telephone number.

GSM is a fully digital system that uses CODECs for converting analogue speech into digital data. In addition, the digital data is encrypted with a high-end encryption algorithm that can not be broken easily (1990) but is prone to several attacks, including man-in-the-middle attacks [1]. For lawful interception, a so-called IMSI-catcher can be used for eavesdropping [3].

Deliberate weakening
The initial GSM development was an initiative of several European telecommunications providers, including the Norwegian Nordic Telecom and the Dutch PTT (now KPN). Later, French and British providers were involved as well. Following the experiences with their earlier 1G networks – which were based on the Nordic NMT standard – the Dutch PTT and Nordic Telecom advocated the use of strong encryption and authentication, in order to prevent clandestine use and eavesdropping.

According to former KPN developer Peter van der Arend in an article on the Dutch website Tweakers [4], it was initially planned to use a 128-bit encryption for the first version of the GSM standard – known as A5/1 – but this was reduced after an intervention by the British intelligence service GCHQ. initially, GCHQ wanted the encryption to be reduced to 48-bits, but a compromise was later reached at 54-bits, presented as a 64-bit key of which the last 10 bits are ignored.

The 54-bit encryption of the original GSM standard is no longer considered safe, and it is known that (cheap) hardware was available around 2010 to make eavesdropping of GSM conversations possible [5]. The encryption algorithm has since been replaced by stronger alternatives.

  1. Wikipedia, GSM
    Retrieved May 2019.

  2. Wikipedia, 5G
    Retrieved May 2019.

  3. Wikipedia, IMSI-catcher
    Retrieved May 2019.

  4. Arnoud Wokke, Interview with Peter van der Arend (ex-KPN)
    Oud-KPN'er: 2g-netwerk onder druk Britten voorzien van zwakkere encryptie website (Dutch). 10 January 2014.

  5. Joost Schellevis, Afluisteren gsm-verbinding kan nu ook met goedkoop mobieltje website (Dutch). 28 December 2010.
Further information
Any links shown in red are currently unavailable. If you like the information on this website, why not make a donation?
Crypto Museum. Created: Sunday 19 May 2019. Last changed: Saturday, 12 August 2023 - 14:08 CET.
Click for homepage