GSM & A5
ravi.singh
ravi.singh at tinyworld.co.uk
Wed, 23 May 2001 19:08:12 +0100
Hi, I just wondered if it was possible to trace a mobile phone's whereabouts
if you know the mobile phone number. I would appreciate any advice you could
give me on this matter and I assure you of the strictest confidence.
Thanks.
----- Original Message -----
From: <anthony.naggs@atrial.com>
To: <ukcrypto@chiark.greenend.org.uk>
Sent: Wednesday, May 23, 2001 3:16 PM
Subject: RE: GSM & A5
>
>
> On 21 May 2001, at 11:34, Owen Lewis wrote:
>
> >
> >
> > > -----Original Message-----
> > > From: ukcrypto-admin@chiark.greenend.org.uk
> > > [mailto:ukcrypto-admin@chiark.greenend.org.uk]On Behalf Of
> > > anthony.naggs@atrial.com
> > > Sent: 19 April 2001 16:41
> > > To: ukcrypto@chiark.greenend.org.uk
> > > Subject: Re: GSM & A5
> > >
> > >
> > > I have never seen a definitive list, but my understanding is that
> > > A5/1 is used in most EC countries. Due to export prohibitions and
> > > (I think NATO) security concerns other countries use either:
> > > 1. A5/2, a weakened version of A5/1, used elsewhere, e.g. South
> > > Africa, Australia.
> > > 2. clear text (A5/0) in Eastern Europe, e.g. former Yugoslavia.
> > > > and is A5 (still) vulnerable as in 'Real Time Cryptanalysis of the
> > > > Alleged A5/1 on a PC' by Biryukov/Shamir, December 9, 1999?
> >
> > Working from first principles, this would seem to be illogical.
> >
> > All GSM communication uses time division multiplexed Gaussian Modified
> > Shift Keying. This means that even unenciphered, communications are safe
> > from unsophisticated eavesdropping (commercial cost of equipment c. 50-100K).
>
> Vulnerability of the cipher is not the same as vulnerability of the
> comms, but it is at least interesting both in the abstract.
>
> Analysing GSM communications is somewhat beyond my (wired)
> comms knowledge. A determined attacker will either fund the
> necessary equipment, or find another, more cost-effective point of
> attack such as the unencrypted traffic on the service provider's
> backbone.
>
> > All GSM communications, whether or not enciphered over the wireless
> > path, are interceptible by simple switching on that part of the
> > communication route that is landline, i.e. any govt/police agency issued
> > with whatever appropriate local national authority can record the content
> > of calls.
> >
> > For their own reasons, govts are not about to place voice cipher
> > equipment into the hands of the general public where that cipher cannot,
> > if push comes to shove, be broken, e.g. were an unfriendly country to
> > adapt the system to support operations of an offensive nature.
> > Regional/national variations in cipher quality would simply not address
> > this point because the global market in consumer items is not strictly
> > controllable.
>
> The ciphers deployed in mobile phones operate in a well-defined
> point-to-multipoint network. They are certainly difficult to
> extract and reuse for another purpose, especially in comparison to
> developing proprietary encrypted channels. In the extreme,
> targeting and disabling key points in a cellphone network will force
> communications onto other media.
>
> > It therefore follows that any variation in cipher is more likely to be
> > either a commercial technique to maintain different price structures in
> > different areas than a 'NATO' security measure.
> >
> > However, there's still a problem. My dual band phone, bought in the UK
> > primarily for use in the UK, also works, to my certain knowledge, in
> > Switzerland (ex-NATO), RSA and parts of the Middle East. According to its
> > handbook, ISTR that my service supplier assures me it will work in a
> > whole swathe of countries, including some old Sov bloc countries. Any
> > limitation on use does not seem to result from equipment compatibility
> > but from the presence or lack of commercial arrangements between network
> > suppliers. If the ciphers vary according to (NATO?) requirements, how
> > can it be that a phone will work in networks with supposedly varied
> > cipher systems?
>
> GSM phones support all three encryption schemes, selected from
> information broadcast by the base station.
>
> > The variation is simply a 'backdoor'? Or, de facto, we all use A5/0? Or,
> > all phones are built A5/X capable with a base station capable of setting
> > a mobile to /1 /2 /0 as required?
> >
> > One is left wondering. If I had to guess, I'd opt for the last. This in
> > turn raises more questions than it provides answers.
>
> The base station equipment is (was?) produced in North America
> and Europe. Although export rules are more relaxed now, at the
> time when most GSM networks were set up the COCOM export
> rules were quite paranoid. Hence the demarcation of non-crypto
> systems to countries aligned with the USSR, and token weak
> encryption to other untrusted countries. (Allowing Western
> intelligence services to relatively discreetly intercept traffic.)
>
>
> Ross's book, ("Security Engineering"), is a very good read, but I
> haven't reached his chapter on GSM yet.
>
> Cheers, Tony
>
>