On Wed, Dec 09, 2009 at 12:32:42PM +0330, p q wrote: > the source of known plain text has been discussed before but its not clear > to me how many GSM frames we can certainly obtain on every single call . we > will capture it from Downlink , right ? how many frames are guaranteed to be > always there ?
the folks at airprobe.org can give a better answer to that. But last time i asked them they all had the 'not sure bout that' syndrome. I am quite optimistic about the cipher mode complete message since it is sent from the mobile where a software update is not as easily done as in a BTS. I also doubt that the BTSs can be software-updated to insert random bits instead of known padding bytes, since the handset may rely on the padding to have that particular value. _______________________________________________ A51 mailing list [email protected] http://lists.lists.reflextor.com/cgi-bin/mailman/listinfo/a51
