>people at airprobe.org can give better answers to those questions than we can.
With the proper programming of the USRP hardware you should be able to
capture up and downlink of a conversation with ease with a single DB since
even the cheapest handset can do it.
It's true, but the difference between airprobe and the handset is that the
handset is able to get access to the synchronization information and time slot
allocated for the communication. But the airprobe decoder can currently only
decode the BCCH and SDCCH signaling channels.
Remember that when a communication needs to be done, the BTS pages all mobiles in
the area to get the right one. This one responds with a channel allocation
request on the RACH channel, and the BTS allocates the channel, passing the
information (timeslot and synchronization) in an AGCH channel.
These two channels can't be decoded for the moment by the airprobe decoder, so it
is impossible to get access to the timeslot allocated. And since the
RR_cipher_mode message is then exchanged on that timeslot, it is currently
impossible to get it with the airprobe decoder.
If anybody here is trying to improve the decoder, I will be happy to exchange
and to get clues to improve the decoder ;)
Anyway, I strongly encourage people on the A5 project mailing list interested
in catching the RR_message to subscribe to the airprobe mailing list
(main-subscribe at lists.airprobe.org) and actively take part in the
development of the decoder.
Regards,
sylvain
_______________________________________________
A51 mailing list
http://lists.lists.reflextor.com/cgi-bin/mailman/listinfo/a51