GSM - A5 Strength (was Inaccurate study quoting, Re:
anti-crypto rhetoric)
Phillip Temple
phillip.temple at onlinemagic.com
Tue, 07 Apr 1998 18:34:13 +0100
At 05:51 PM 4/7/98 +0100, you wrote:
>
>There are many on this list who know a great deal more than I do about GSM
>but I suspect that the A5 algorithm only protects the communications between
>the phone and the nearest tx/rx node. I would guess that data in the
>swtiches, and that in transit between them, is not cryptographically
>protected.
That is correct. Which is why the responsability for the confidentiality
of the information then falls on the Telco.
>Although I have no direct knowledge of the strength of A5, my suspicions are
>that it is very weak because it has been (and, I think, still is) the policy
>of the UK government (and I guess many others) not to allow strong
>cryptographic algorithms to go into widespread use.
This was not a UK decision, it was decided on by all the European
states. More details at:
http://radiophone.dhp.com/gsm/gsm-secur/gsm-secur.html
Basically, it was very secure at the time it was conceived. Now it
is reasonably secure but advances in technology and cryptography
are eroding its power. This is inevitable.
Phillip.