Cybersecurity researchers in Europe say they have discovered a flaw in a mobile phone encryption algorithm that may have allowed attackers to eavesdrop on some data for more than two decades.
In a research paper published today, Wednesday, researchers from Germany, France and Norway said that the flaw affects the data standard of phones using the “GPRS” or “2G” network, while most phones now use the fourth generation, or even the fifth.
The researchers said it was unlikely that the vulnerability in this algorithm was “coincidence”, and instead, it may have been done on purpose to provide law enforcement agencies with a “back door”, ensuring compliance with laws restricting the export of encryption tools.
The 2G algorithm was supposed to be phased out from mobile phones in early 2013, but researchers said they found it in existing Android and iOS smartphones.
Source: Associated Press