Hi,

Phones can NOT capture uplink. I should have been more precise - they are configured in hardware to capture only a single channel in downlink, no more. At least all phones I'm aware of do so.
Also you *have to* capture the full band before you find a key, because you do not know the hopping sequence without deciphering. That's why GSMA referred to hopping as a "security feature" - if no ingenious solution is found, you will have to demodulate the full band and then apply cracking to all combinations, which increases the required computational power by several orders of magnitude. But probably some ways to reduce the required computational power exist. That's the topic for further research.

PS Please do not break mail threads. Use "reply" to reply to a mail.

On Tue, Jan 5, 2010 at 07:03, Peter Kuykendall <[email protected]> wrote:
>>Guys,
>>Alexander Chemeris alexander.chemeris at gmail.com
>>Tue Jan 5 00:01:28 CET 2010
>
>>I'm sorry, but you can build sniffer from a phone only if
>>frequency hopping is not enabled (rare case). Otherwise
>>you need to capture *whole* frequency band, in which
>>hopping is performed. Phone hardware cannot do this, it
>>can capture *single* channel.
>
>>Also note, that phone can capture only downlink and isn't
>>able to capture uplink (because it is configured to send
>>on uplink).
>
> I wonder if it would be practical to use 2 open source phones as
> sniffers, one to sniff the uplink and the other to sniff the downlink.
> If you could get them started then in principle they should be able
> to hop along to follow it. That would be an interesting project! It
> would be a very cheap way to do it if it's possible.
> _______________________________________________
> A51 mailing list
> [email protected]
> http://lists.lists.reflextor.com/cgi-bin/mailman/listinfo/a51
>

--
Regards,
Alexander Chemeris.
