Re: [A51] New A5/1 attack patented

2012-12-27 Thread Karsten Nohl

On Dec 27, 2012, at 5:00 , javier falbo wrote:

 Yes, from what I could read, we could use it to prevent the frequency hopping 
 effect (or decode the stream and also change the frequency remotely) and track 
 the conversation even after hopping.
  
 The A5/2 trick is old, that of forcing a 3G phone to move to GSM.
 Solution: on your phone, do not authorize DUAL MODE; just fix it on 3G.
  
 I think what the article tries to focus on is this new man-in-the-middle 
 attack, where with a normal PC you could take the key in 1 second.
 Which is maybe similar to the IMSI catchers or creating a fake cell.
  
 Nowadays I am working to implement this on any Android device with a special 
 python script and custom ROM :)
 Android is open source.
  
 Regards.
  
  Date: Thu, 27 Dec 2012 04:43:32 +0100
  From: 246...@gmail.com
  To: m.bev...@gmail.com
  CC: a51@lists.reflextor.com
  Subject: Re: [A51] New A5/1 attack patented
  
   Elad Barkan and Eli Biham (them again) filed a patent which was made
   public 2 months ago. It appears to be a new attack against A5/1:
  
   http://www.google.com/patents/US8295477
  
  I've just done a quick scan through it and didn't really see what's
  new about it ...
  
  The abstract seems to describe the very well known A5/2 attack and
  its optimization. They also describe in the invention the classic
  downgrade attacks (since all A5/x share the same Kc, you attack A5/2
  or A5/1 using an IMSI catcher and reuse the found Kc to decrypt
  intercepted A5/3 data, e.g.).
  
  Can you pinpoint exactly what's new about it?
  
  AFAICT it's just the exact stuff they published 10 years ago ...

I'm with Sylvain in wondering what is new (and patentable) here.
Apart from the novelty question, the technical relevance seems to have dropped 
significantly over the past years:

* No phone with A5/2 support (the weakest cipher) should have been produced in 
years. The GSMA requires new phones to not support it anymore

* Cracking A5/1 (the somewhat better cipher) also takes only seconds on a good 
computer, allowing for the same kind of man-in-the-middle attack the patent 
describes, but against all GSM-capable phones

* Networks steadily move to A5/3 (the best available cipher) making it possible 
-- in theory -- to prevent MITM attacks. However, this would require the phone 
to notice that a network temporarily downgrades to A5/1 (or even A5/2) and 
notify the user. Does anybody here know whether the type of encryption used is 
exposed to Android?

Cheers,

 -Karsten
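The phone-side check Karsten asks for, sketched as an added example (not code from the thread or from any of its participants): remember the strongest cipher a network has already used and flag any later session that negotiates something weaker, including A5/0. The event records, the PLMN/cell fields and the `detect_downgrades` name are assumptions for illustration; no real Android or baseband API is assumed.

```python
# Cipher-mode downgrade detector: the phone remembers the best algorithm
# each network (PLMN) has shown it supports and raises an alert whenever a
# session is set up with a weaker one. The event format is an assumption
# for this example, not a real baseband or Android interface.
from collections import namedtuple

# Ordering follows the thread: A5/3 best, A5/1 weaker, A5/2 weakest of the
# ciphers, and A5/0 (no encryption) below all of them.
STRENGTH = {"A5/3": 3, "A5/1": 2, "A5/2": 1, "A5/0": 0}

# One cipher-mode indication as the phone would observe it (constructed).
CipherEvent = namedtuple("CipherEvent", "plmn cell algorithm")


def detect_downgrades(events):
    """Return (event, previous_best) pairs for every event whose algorithm
    is weaker than the best already seen on the same PLMN."""
    best_seen = {}   # plmn -> strongest algorithm observed so far
    alerts = []
    for ev in events:
        if ev.algorithm not in STRENGTH:
            raise ValueError(f"unknown cipher {ev.algorithm!r}")
        prev = best_seen.get(ev.plmn)
        if prev is not None and STRENGTH[ev.algorithm] < STRENGTH[prev]:
            alerts.append((ev, prev))
        if prev is None or STRENGTH[ev.algorithm] > STRENGTH[prev]:
            best_seen[ev.plmn] = ev.algorithm
    return alerts


# Constructed sample using test PLMN codes: a network that normally runs
# A5/3 briefly serves the phone A5/1 and then A5/0 from another cell,
# then returns to A5/3. A different network seen for the first time with
# A5/1 has no baseline yet and therefore produces no alert.
SAMPLE_EVENTS = [
    CipherEvent("001-01", "0x1A2B", "A5/3"),
    CipherEvent("001-01", "0x1A2B", "A5/3"),
    CipherEvent("001-01", "0xFFFF", "A5/1"),   # weaker than the baseline
    CipherEvent("001-01", "0xFFFF", "A5/0"),   # no encryption at all
    CipherEvent("001-01", "0x1A2B", "A5/3"),
    CipherEvent("001-02", "0x3C4D", "A5/1"),   # first sight of this PLMN
]

if __name__ == "__main__":
    for ev, prev in detect_downgrades(SAMPLE_EVENTS):
        print(f"PLMN {ev.plmn} cell {ev.cell}: {ev.algorithm} after {prev}")
```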



___
A51 mailing list
A51@lists.reflextor.com
http://lists.lists.reflextor.com/cgi-bin/mailman/listinfo/a51


[A51] New A5/1 attack patented

2012-12-26 Thread Marc Bevand
Elad Barkan and Eli Biham (them again) filed a patent which was made
public 2 months ago. It appears to be a new attack against A5/1:

  http://www.google.com/patents/US8295477

  -mrb