Telephone Network Security

Telephone Network Security

and the “Cap’n Crunch” whistle

in the 1960’s and early 1970’s

Overview

•
The telephone network topology.

•
Telephone switch signaling protocols.

•
What is Phone Phreaking?

•
Hacking the telephone network of the 1960s
and 1970s.

•
What was done to fix the problem.

The Telephone Network of the
1960’s and early 1970s

•
Primary function of a telephone network is
to connect telephones together.

•
Not feasible to connect every user to every
other user directly.

•
A network is needed.

•
Hierarchical Network.

Hierarchical Network

Hierarchical Network

•
Lowest level
–

end users connected to local
exchange.

•
Next level up
–

local exchanges connected
to the primary trunk exchanges.

•
Next level up
–

the primary trunk exchanges
connected to the secondary trunk
exchanges.

•
Can extend to as many levels as needed.

Signaling

•
Signaling is the means by which routing
information is sent to switches.

•
Two main types of signaling.

–

Local
-
loop signaling

–

Interoffice signaling

•
Signals were sent on the same line that was
used to transmit voice.

Signaling Cont.

•
In order to reduce the probability that a
human voice will mimic switch signals,
special tone pairs were used.



Local
-
Loop Signaling

•
User picks up a telephone and “dials” a
number.

•
Two types

–
Rotary

–
Push Button

•
The switch at the local exchange routes the
number.

Push Button Local Loop
Signaling

Phone Phreaking

Phreaking
–

1. The art and science of cracking
the phone network (so as, for example, to
make free long
-
distance calls.)

2. By extension, security
-
cracking in any
other context (especially, but not
exclusively, on communication networks)

Interoffice Signaling

•
A different signaling protocol is needed to
prevent a user from sending signals to
switches downstream.


Interoffice Signaling

The Blue Box

•
Codes for interoffice signaling were
published in a Bell Labs journal article.

•
A box with 7 buttons could be built to route
a call anywhere in the world!

•
The first device confiscated by the phone
company was blue.

•
Steve Wozniak was in the Blue Box
business.

A Blue Box Device

How to make a free phone call

Phone


Local Exch.


Account.

System


Primary Exch.


Secondary Exch.

Primary Exch.


Local Exch.


Phone

1(800)555
-
5555

KP
-
187
-
ST

KP
-
07
-
ST

KP
-
095
-
ST

KP
-
252
-
0011
-
ST

Ring

Was the telephone system a
secure network?

•
The routing signals are sent over the same
lines that carry voice signals (in
-
band).

•
Cost must have been a factor.

•
Not only free calls

–
Bouncing calls between switches (untraceable)

–
Flooding the network (Denial of service)


How was it fixed?

•
By 1976 virtually all interoffice trunks were
converted to a new type of signaling
–

Common Channel Interoffice Signaling

•
Interoffice signals sent over separate lines.


Benefits of CCIS

•
Reduces call time set up.

•
Eliminates false customer simulated in
-
band
signaling.

•
Send data out of band, parallel to the voice
circuit.


What about the Cap’n!?!