On Mon, Jan 4, 2010 at 5:46 AM, p q <[email protected]> wrote: > thanks for the last two questions > this was also the important facts that nobody mentioned them . to do > a successful attack to A5/1 enabled GSM you need to capture signal on a > wide-band style meaning you need to capture all the bands that may have > carrier on them . this is highly depended on the network configuration > specially the design on BTS . > real world BTSs are offering services on different bands and calls are > always get handover between the bands due to radio resource management . for > a sucsessful GSM interception you at least need to capture Downlink .
Sitting with my phone here and a spectrum analyser I do not see it changing bands. Can you point me to some relevant references on this subject? (and wow, it sure does produce a lot of broadband noise!) > considering the current opensource and cheap hardware you can simple forget > to capture both uplink and downlink , that's just not possible . > to capture Downlink of a BTS that offers GSM1800 you need to capture at > least 75 MB of the spectrum space Again, I do not see behaviour on my phone here which supports your statement. So far it only seems to transmit within a ~4mhz window. Unfortunately, I'm not able to make the same determination in the other direction, for obvious reasons, and I'm unwilling to intercept a signal illegally. If the uplink that its speaking to also behaves the same way, then the USRP1 should be sufficient. My understanding was that single provider allocations in a band were much smaller than the whole band. Is this not the case? > this is far more than USRP and also > beyond USRP2 The USRP2 does I/Q sampling at 100M/S. 75MHz is well within its bandpass. A custom FPGA image would be required in order to actually get something usable *out*, so we're still talking an enormous amount of work to do something usable with a whole band. But the FPGA on the USRP2 is quite large, so I don't see any reason to write off the possibility of capturing a whole band if that is actually necessary. _______________________________________________ A51 mailing list [email protected] http://lists.lists.reflextor.com/cgi-bin/mailman/listinfo/a51
