As you can see at http://www.iacr.org/conferences/crypto2003/2003Program.html

Instant Ciphertext-Only Cryptanalysis of GSM Encrypted Communication
Elad Barkan, Eli Biham, Nathan Keller

Seem that was able to crack the new algorithm in few seconds... Someone got others info about that? papers used on the conference or something like that?

Inode

Hi,

I afraid that they spoken about the A5 (Voice cipher), not the A3A8 (COMP128 v1)....

Regards,
Sir Graham.

The paper certainly talks about a5 and not comp128, but that doesn't make it less interesting. Does anyone have the whole paper ?

also, tell me if I have undestand in the right mode...

The gsm network send to the phone an "SRES" number, the phone do something like an hash this number with the KI (that is the COMP128?). After autenticate the communication are with A5 simmetric algorithm that use the A5/2 or A5/1 with the KI as key.

right? if not, can you explain me exactly?

tnx

Inode

No authentication goed like this.



Network Phone SIM
Identity req--->
(IMSI,IMEI,TMSI)

Identity<-------

Random Num--> -------->

<-------- <---- SRES



SRES is sent TO the network not from. SIM hashes "signs" the random number and sends it back..

The cipher keys are generated from the random num and the Ki as well (but off course not sent over the network)

Hi,

There is a nice paper explaining the security behind gsm in this link

http://www.hackcanada.com/blackcrawl/cell/gsm/gsm-secur/gsm-secur.html

If you still want any help just ask for it in the forum.

cya