LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

28C3: New attacks on GSM mobiles and security measures shown (The H)

28C3: New attacks on GSM mobiles and security measures shown (The H)

Posted Dec 29, 2011 19:40 UTC (Thu) by josh (subscriber, #17465)
Parent article: 28C3: New attacks on GSM mobiles and security measures shown (The H)

Quoting the article: "Almost all modern mobiles are able to use A5/3. According to Nohl, the failure by a single vendor – despite its claims to the contrary – to implement the updated algorithm is currently preventing mobile operators from carrying out trials."

Anyone know which vendor? The article failed to include that detail.

(Log in to post comments)

28C3: New attacks on GSM mobiles and security measures shown (The H)

Posted Jan 3, 2012 12:18 UTC (Tue) by erwbgy (subscriber, #4104) [Link]

Depending on how A5/3 is implemented it may still have security issues. From Wikipedia:

In 2010, Dunkleman, Keller and Shamir published a new attack that allows to recover a full A5/3 key by related-key attack.[5] The time and space complexities of the attack are low enough that the authors carried out the attack in two hours on a modest desktop computer even using the unoptimized reference KASUMI implementation. The authors note that this attack may not be applicable to the way A5/3 is used in 3G systems; their main purpose was to discredit 3GPP's assurances that their changes to MISTY wouldn't significantly impact the security of the algorithm.

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds