Re: TETRA encryption

From: David Wagner (
Date: 05/08/03

  • Next message: "Senior Security Analyst - Toronto"
    Date: Wed, 7 May 2003 22:29:10 +0000 (UTC)

    Paul Rubin wrote:
    > (David Wagner) writes:
    >> Alex Biryukov, Adi Shamir, and David Wagner,
    >> "Real Time Cryptanalysis of A5/1 on a PC", FSE 2000.
    >> A5/2 is much weaker. It's deader than a doornail, IMHO.
    >Do you know which of these GSM phones actually use?

    It depends where you are. All handsets support both A5/1, A5/2,
    and "A5/0" (the identity cipher). The base station tells the handset
    which cipher to use [*]. Base stations are export-controlled, so in
    general, Western Europe gets A5/1-enabled base stations, many other
    nations are only allowed to receive only A5/2-enabled base stations,
    and a few countries are (or were) restricted to A5/0 only. I don't
    know the exact mapping, and I believe it has changed over time.

    [*] Maybe now you can see how to use a false base station to intercept
    GSM phone calls.

  • Next message: "Senior Security Analyst - Toronto"