http://www.cdc.informatik.tu-darmstadt.de/~umeyer/umts-mim.pdf A Man-in-the-Middle Attack on UMTS
Ulrike Meyer, Susanne Wetzel Might be interesting Jon 2009/12/15 Jonathan <[email protected]> > > Furthermore there is a "rowback attack" on 3G. > Since Most (All?) Mobile Handsets which support 3G also support 2G, > then the handset can be "told" by a fake BS that 3G is "not available" > and "please use 2G, and here you just attack with the current attacks... > That is some food for thought I think... This attack should not be too hard > to implement... > Same, more refs coming as I find them. > Jon > >> >> --- On Tue, 12/15/09, sascha <[email protected]> wrote: >> >> From: sascha <[email protected]> >> Subject: Re: [A51] Partial Table >> To: [email protected] >> Date: Tuesday, December 15, 2009, 6:00 AM >> >> On Tue, Dec 15, 2009 at 04:53:38AM +0000, javier falbo wrote: >> > >> > Is it possible to share by peer-to-peer/torrent the actual table? >> >> sure. one should sort the table before seeding it though. >> i am not entirely sure whether the sorter runs correct now, so please >> wait till i find some time to look over it. >> >> > It seems we are at 50% of the Total number of possible colissions on >> > Rainbow Table, that means we are NOW able to decode 1 of 2 requests (50%). >> >> If you have 720 tables, yes. >> >> > >> > Basic maths shows that total size must be 150 terabytes!, but with an >> > average 2 terabytes is OK for decoding in real-time. >> >> with 200 64bit samples of known plaintext you can do 200 lookups, meaning you >> need 1/200 of the theoretical maximum tablesize and 200 times longer for >> the lookup. >> >> > >> > I suggest Airprobe opens a FORUM for discussion, in order to share info, >> > progress, hardware status and source codes. >> >> generally a good idea. when i find the time i will setup a forum. >> >> > >> > What will be necessary for 3G decoding? Is it similar to GSM? USRP could >> > work with big bandwith digital broadcasting? >> >> the cipher of 3G networks is unbreakable even to the NSA working together >> with the russion botnet mafia, so unless advances are made in cryptoanalyzing >> A5/3 it is unbreakable currently. >> >> > Thats the future, so we need to move to that stage.... >> > >> >> currently beyond the horizon. >> _______________________________________________ >> A51 mailing list >> [email protected] >> http://lists.lists.reflextor.com/cgi-bin/mailman/listinfo/a51 >> >> >> _______________________________________________ >> A51 mailing list >> [email protected] >> http://lists.lists.reflextor.com/cgi-bin/mailman/listinfo/a51 >> > _______________________________________________ A51 mailing list [email protected] http://lists.lists.reflextor.com/cgi-bin/mailman/listinfo/a51
