Re: TETRA encryption
From: David Wagner (daw_at_mozart.cs.berkeley.edu)
Date: Wed, 7 May 2003 22:29:10 +0000 (UTC)
Paul Rubin wrote:
>firstname.lastname@example.org (David Wagner) writes:
>> Alex Biryukov, Adi Shamir, and David Wagner,
>> "Real Time Cryptanalysis of A5/1 on a PC", FSE 2000.
>> A5/2 is much weaker. It's deader than a doornail, IMHO.
>Do you know which of these GSM phones actually use?
It depends where you are. All handsets support both A5/1, A5/2,
and "A5/0" (the identity cipher). The base station tells the handset
which cipher to use [*]. Base stations are export-controlled, so in
general, Western Europe gets A5/1-enabled base stations, many other
nations are only allowed to receive only A5/2-enabled base stations,
and a few countries are (or were) restricted to A5/0 only. I don't
know the exact mapping, and I believe it has changed over time.
[*] Maybe now you can see how to use a false base station to intercept
GSM phone calls.