GSM & A5
anthony.naggs@atrial.com
anthony.naggs@atrial.com
Thu, 19 Apr 2001 16:40:50 +0100
On 19 Apr 2001, at 16:07, Kevin Townsend wrote:
> Can anyone tell me if GSM still uses A5/1 for its encryption -
I have never seen a definitive list, but my understanding is: that
A5/1 is used in most EC countries. Due to export prohibitions and
(I think NATO) security concerns other countries use either:
1. A5/2 is weakened version of A5/1 used elsewhere, e.g. South
Africa., Australia.
2. clear text (A5/0) in Eastern Europe, e.g. former Yugoslavia
.
> and is A5
> (still) vulnerable as in 'Real Time Cryptanalysis of the Alleged A5/1 on a
> PC' by Biryukov/Shamir, December 9, 1999?
As published this is a theoretical rather than practical attack.
Certain minor details of the alleged A5/1 algorithim do not ring true,
and the attack requires an amount of 'known plaintext' i.e.
compressed & encoded speech in each call that is attacked.
There is claimed to be a fast, near real-time, attack on A5/2.
Which presumably again needs known plaintext, but I have not
seen any details of the attack. (Web search for Goldberg, Wagner
and Briceno.)
Cheers, Tony