[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Israeli boffins crack GSM code

To: full-disclosure@xxxxxxxxxxxxxxxx
Subject: Re: [Full-Disclosure] Israeli boffins crack GSM code
From: Damian Gerow <damian@xxxxxxxxxx>
Date: Tue, 9 Sep 2003 17:08:54 -0400

Thus spake Gregory A. Gilliss (ggilliss@xxxxxxxxxxxxxxxxx) [09/09/03 14:11]:
> Sorry, which GSM code would this be? Because I distinctly remember being
> at a party years ago where the GSM code (some weak variant of A5) was
> shown to be weak and hackable.  This was back in 1998...

Discussion on the cryptography mailing list indicated that all this does is
force a downgrade from A5/3 to A5/2, which can then be cracked.  I can't
find the archives online, so I'll paraphrase...

The attack forces the terminal end of the call to use A5/2, which is known
to be insecure.  It then cracks the key, and continues to use this cracked
key for A5/3.  A5/3 itself still hasn't been cracked, it looks like it's
just the initial negotiation.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- Re: [Full-Disclosure] Israeli boffins crack GSM code
  - From: Damian Gerow

References:
- [Full-Disclosure] Israeli boffins crack GSM code
  - From: Richard Spiers
- Re: [Full-Disclosure] Israeli boffins crack GSM code
  - From: Gregory A. Gilliss

Prev by Date: [Full-Disclosure] RE: BAD NEWS: Microsoft Security Bulletin MS03-032
Next by Date: Re: [Full-Disclosure] EULA
Previous by thread: RE: [Full-Disclosure] Israeli boffins crack GSM code
Next by thread: Re: [Full-Disclosure] Israeli boffins crack GSM code
Index(es):
- Date
- Thread