Home / Tech / News / Still using a 2G phone? You could be susceptible to a major security flaw

Still using a 2G phone? You could be susceptible to a major security flaw

This flaw in an encryption algorithm used by cellphones may have allowed attackers to eavesdrop on some data traffic for more than two decades.

t was probably created intentionally to provide law enforcement agencies with a “backdoor” and comply with laws restricting the export of strong encryption tools. t was probably created intentionally to provide law enforcement agencies with a “backdoor” and comply with laws restricting the export of strong encryption tools.
t was probably created intentionally to provide law enforcement agencies with a “backdoor” and comply with laws restricting the export of strong encryption tools. (Pixabay)

Cybersecurity researchers in Europe say they have discovered a flaw in an encryption algorithm used by cellphones that may have allowed attackers to eavesdrop on some data traffic for more than two decades.

In a paper published Wednesday, researchers from Germany, France and Norway said the flaw affects the GPRS - or 2G - mobile data standard.

While most phones now use 4G or even 5G standards, GPRS remains a fallback for data connections in some countries.

More From This Section

The vulnerability in the GEA-1 algorithm is unlikely to have been an accident, the researchers said. Instead, it was probably created intentionally to provide law enforcement agencies with a “backdoor” and comply with laws restricting the export of strong encryption tools.

“According to our experimental analysis, having six correct numbers in the German lottery twice in a row is about as likely as having these properties of the key occur by chance,” Christof Beierle of the Ruhr University Bochum in Germany, a co-author of the paper, said.

The GEA-1 algorithm was meant to be phased out from cellphones as early as 2013, but the researchers said they found it in current Android and iOS smartphones.

Cellphone manufacturers and standards organisations have been notified to fix the flaw, they said.

Follow HT Tech for the latest tech news and reviews, also keep up with us on Twitter, Facebook, and Instagram. For our latest videos, subscribe to our YouTube channel.