GSM & A5

[Owen Lewis]

> -----Original Message-----
> From: ukcrypto-admin@chiark.greenend.org.uk
> [mailto:ukcrypto-admin@chiark.greenend.org.uk]On Behalf Of
> anthony.naggs@atrial.com
> Sent: 19 April 2001 16:41
> To: ukcrypto@chiark.greenend.org.uk
> Subject: Re: GSM & A5
>
>
>
>
> On 19 Apr 2001, at 16:07, Kevin Townsend wrote:
>
> > Can anyone tell me if GSM still uses A5/1 for its encryption -
>
> I have never seen a definitive list, but my understanding is: that
> A5/1 is used in most EC countries.  Due to export prohibitions and
> (I think NATO) security concerns other countries use either:
> 1.  A5/2 is weakened version of A5/1 used elsewhere, e.g. South
>     Africa., Australia.
> 2. clear text (A5/0) in Eastern Europe, e.g. former Yugoslavia
>  .
> > and is A5
> > (still) vulnerable as in 'Real Time Cryptanalysis of the
> Alleged A5/1 on a
> > PC' by Biryukov/Shamir, December 9, 1999?

Working from first principles, this would seem to be illogical.

All GSM communication uses time division multiplexed Gaussian Modified Shift
Keying. This means that even unenciphered, communications are safe from
unsophisticated eavesdropping (commercial cost of equipment c. 50-100K).

All GSM communications, whether or not enciphered over the wireless path,
are interceptible by simple switching on that part of the communication
route that is landline. I.e. Any govt/police agency issued with whatever
appropriate local national authority can record the content of calls.

For their own reasons, govts are not about to placed a voice cipher
equipment into the hands of the general public where that cipher cannot - if
push comes to shove, be broken. E.g. were an unfriendly country to adapt the
system to support operations of an offensive nature. Regional/national
variations in cipher quality would simply not address this point because the
global market in consumer items is not strictly controllable.

It therefore follows that any variation in cipher is more likely to be
either a commercial technique to maintain different price structures in
different areas than a 'NATO' security measure.

However, there's still a problem. My dual band phone, bought in the UK
primarily for use in the UK also works, to my certain knowledge, in
Switzerland (ex-NATO), RSA and parts of the Middle East. According to its
handbook, ISTR that my service supplier assures me it will work in a whole
swathe of countries, including some old Sov bloc countries. The any
limitation on use does not seem to result from equipment compatibility but
from the presence of lack of a commercial arrangements between network
suppliers. If the ciphers vary according to (NATO?) requirements, how can it
be that a phone will work in networks with supposedly varied cipher systems?


The variation is simply a 'backdoor'? Or, de facto, we all use A5/0? Or, all
phones are built A5/X capable with a base station capable setting a mobile
to /1 /2 /0 as required?

One is left wondering. If I had to guess, I''d opt for the last. This in
turn raises more questions than it provides answers.


Owen