On Dec 27, 2012, at 5:00 , javier falbo wrote:

> Yes, from what I could read, we could use it to prevent the frequency hopping 
> effect (or decode the stream and also change the frequency remote) and track 
> the conversation even after hopping.
>  
> A5/2 trick is old, that by forcing a 3G phone to move to GSM.
> Solution: Put on your phone do not authorize DUAL MODE, just fix it on 3G.
>  
> I think what the article tries to focus on is this "new" man in the middle 
> attack, that with a normal PC you could take the key in 1 second.
> Which is maybe similar to the IMSI catchers or creating a fake cell.
>  
> Nowadays I am working to implement this on any android device with a special 
> python script and custom rom :)
> Android is open source.
>  
> Regards.
>  
> > Date: Thu, 27 Dec 2012 04:43:32 +0100
> > From: 246...@gmail.com
> > To: m.bev...@gmail.com
> > CC: a51@lists.reflextor.com
> > Subject: Re: [A51] New A5/1 attack patented
> > 
> > > Elad Barkan and Eli Biham (them again) filed a patent which was made
> > > public 2 months ago. It appears to be a new attack against A5/1:
> > >
> > > http://www.google.com/patents/US8295477
> > 
> > I've just done a quick scan through it and didn't really see what's
> > "new" about it ...
> > 
> > The abstract seems to describe the very well known A5/2 attack and
> > its optimization. They also describe in the invention the classic
> > downgrade attacks (since all A5/x share the same Kc, you attack A5/2
> > or A5/1 using an IMSI catcher and reuse the found Kc to decrypt
> > intercepted A5/3 data, e.g.).
> > 
> > Can you pinpoint exactly what's "new" about it?
> > 
> > AFAICT it's just the exact stuff they published 10 years ago ...

I'm with Sylvain in wondering what is new (and patentable) here.
Apart from the novelty question, the technical relevance seems to have dropped 
significantly over the past years:

* No phone with A5/2 support (the weakest cipher) should have been produced in 
years. The GSMA requires new phones to not support it anymore.

* Cracking A5/1 (the somewhat better cipher) also takes only seconds on a good 
computer, allowing for the same kind of man-in-the-middle attack the patent 
describes, but against all GSM-capable phones.

* Networks steadily move to A5/3 (the best available cipher), making it possible 
-- in theory -- to prevent MITM attacks. However, this would require the phone 
to notice that a network temporarily downgrades to A5/1 (or even A5/2) and 
notify the user. Does anybody here know whether the type of encryption used is 
exposed to Android?

Cheers,

     -Karsten

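The downgrade check Karsten asks about, as an added example that is not part of the thread and not code from any phone or baseband project: a small monitor that consumes a stream of ciphering-mode observations and raises an alert whenever the serving network selects a weaker algorithm than it has already been seen to support, or switches ciphering off. The cipher ranking (A5/2 below A5/1 below A5/3) follows the ranking stated in the mail; the `CipherEvent` fields, the PLMN labels and the event timeline are constructed for this example, since the thread itself notes that it is unclear whether Android exposes the cipher in use.

```python
# Added example (not from the thread): a per-network cipher-downgrade monitor
# for GSM ciphering-mode observations. Assumes some lower layer can report
# the algorithm chosen by the network; the event format here is invented.
from dataclasses import dataclass
from typing import Dict, Iterable, List, Optional

# Strength ordering as given in the thread: A5/2 weakest, A5/1 somewhat
# better, A5/3 best. A5/0 (no ciphering) is ranked below all of them.
STRENGTH = {"A5/0": 0, "A5/2": 1, "A5/1": 2, "A5/3": 3}


@dataclass(frozen=True)
class CipherEvent:
    t: int       # seconds since the monitor started (constructed clock)
    plmn: str    # serving network identity (placeholder labels below)
    cell: str    # serving cell identity (placeholder labels below)
    algo: str    # algorithm reported for the ciphering mode change


@dataclass(frozen=True)
class Alert:
    t: int
    plmn: str
    cell: str
    algo: str
    reason: str


def detect_downgrades(events: Iterable[CipherEvent],
                      expected: Optional[Dict[str, str]] = None) -> List[Alert]:
    """Return one Alert per event that is weaker than the strongest algorithm
    already observed on the same PLMN (or than the operator's known level in
    `expected`), plus an Alert for any event with ciphering disabled or an
    algorithm this monitor does not know."""
    best: Dict[str, str] = dict(expected or {})   # plmn -> strongest algo seen
    alerts: List[Alert] = []
    for e in sorted(events, key=lambda ev: ev.t):
        s = STRENGTH.get(e.algo)
        if s is None:
            alerts.append(Alert(e.t, e.plmn, e.cell, e.algo, "unknown cipher"))
            continue
        prior = best.get(e.plmn)
        if s == 0:
            alerts.append(Alert(e.t, e.plmn, e.cell, e.algo, "ciphering disabled"))
        elif prior is not None and s < STRENGTH[prior]:
            alerts.append(Alert(e.t, e.plmn, e.cell, e.algo,
                                f"downgrade from {prior}"))
        # Raise the baseline only; a temporary weaker mode never lowers it,
        # so a later return to the stronger cipher is recognised as normal.
        if prior is None or s > STRENGTH[prior]:
            best[e.plmn] = e.algo
    return alerts


# Constructed sample timeline: a network that normally runs A5/3 briefly
# offers A5/1 and then A5/2 from one cell, then a second network with no
# history switches ciphering off entirely.
SAMPLE_EVENTS = [
    CipherEvent(0,   "PLMN-A", "cell-1", "A5/3"),
    CipherEvent(30,  "PLMN-A", "cell-2", "A5/3"),
    CipherEvent(60,  "PLMN-A", "cell-9", "A5/1"),
    CipherEvent(90,  "PLMN-A", "cell-9", "A5/2"),
    CipherEvent(120, "PLMN-A", "cell-1", "A5/3"),
    CipherEvent(150, "PLMN-B", "cell-x", "A5/1"),
    CipherEvent(180, "PLMN-B", "cell-x", "A5/0"),
]


def sample_alerts() -> List[Alert]:
    """Run the monitor over the constructed timeline."""
    return detect_downgrades(SAMPLE_EVENTS)


if __name__ == "__main__":
    for a in sample_alerts():
        print(f"t={a.t:4d} {a.plmn} {a.cell}: {a.algo} ({a.reason})")
```

On the sample timeline the monitor flags the two weaker modes on PLMN-A (both relative to the A5/3 baseline already established) and the A5/0 event on PLMN-B, while the first A5/1 event on PLMN-B passes because nothing stronger was ever seen there; passing a known operator level via `expected` closes that gap for networks the user knows run A5/3.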


_______________________________________________
A51 mailing list
A51@lists.reflextor.com
http://lists.lists.reflextor.com/cgi-bin/mailman/listinfo/a51
