On 25/07/10 19.40, Harald Welte wrote:
> seems fine to me.
>   

The USRP1 hardware is coming.
The 2TB tables are coming (I will share them online over a 50Mbps connection
for 2-3 months).
Next week I should be able to start practical hands-on hacking on the
GSM security stuff.

By looking at the documentation and at the tools currently available, it
seems to me that there's still something else missing.

Let me over-summarize the flow for a typical use:

0) USRP1 + DBRX + 900 MHz antenna listen to air traffic

1) Airprobe dumps the phone call traffic
    - We know that it requires important improvement for demodulation of
      real signals
    - We have to see which is the best practical approach to do it, to
      detect the call, to follow it, and which procedure must be implemented

2) Kraken cracks the call's A5/1 Kc key (that's the most important piece)

3) Some piece of software decrypts the A5/1 encrypted dump generated by
Airprobe with the Kc cracked by Kraken.

4) Some piece of software must have the capability to extract from the
decrypted dump the audio flow in GSM or AMR audio format

5) MPlayer replays the intercepted, recorded, decrypted phone call

I understand that there are those limits of Airprobe that require strong
improvement in progress.

But are points "3" and "4" (like post-processing) already implemented or
on the way somehow in some of the sub-projects?

Fabio
_______________________________________________
A51 mailing list
http://lists.lists.reflextor.com/cgi-bin/mailman/listinfo/a51