Thus spake Gregory A. Gilliss ([EMAIL PROTECTED]) [09/09/03 14:11]: > Sorry, which GSM code would this be? Because I distinctly remember being > at a party years ago where the GSM code (some weak variant of A5) was > shown to be weak and hackable. This was back in 1998...
Discussion on the cryptography mailing list indicated that all this does is force a downgrade from A5/3 to A5/2, which can then be cracked. I can't find the archives online, so I'll paraphrase... The attack forces the terminal end of the call to use A5/2, which is known to be insecure. It then cracks the key, and continues to use this cracked key for A5/3. A5/3 itself still hasn't been cracked, it looks like it's just the initial negotiation. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
