John Doe Number Two wrote: >It's nice to see someone 'discovering' what Lucky Green already figured-out >years ago. I wonder if they'll cut him a check.
No, no, no! This is new work, novel and different from what was previously known. In my opinion, it is an outstanding piece of research. Barkan, Biham, and Keller establish two major results: 1. A5/2 can be cracked in real-time using a passive ciphertext only attack, due to the use of error-correcting coding before encryption. 2. All other GSM calls (including those encoded using A5/1 and A5/3) can be cracked using an active attack. This attack exploits a protocol flaw: the session key derivation process does not depend on which encryption algorithm was selected, hence one can mount an attack on A5/2, learn the A5/2 key, and this will be the same key used for A5/1 or A5/3 calls. (they also make other relevant observations, but the above two are probably the most significant discoveries) Their attacks permit eavesdropping as well as billing fraud. See their paper at CRYPTO 2003 for more details. I am disappointed that you seem to be criticizing their work before even reading their paper. I encourage you to read the paper -- it really is interesting. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
