GSM Encryption
in [Cryptography]
|
From: amzoti on 30 Dec 2009 17:53 http://news.yahoo.com/s/ap/20091230/ap_on_hi_te/eu_germany_phone_code The article is the typical mumbo-jumbo one would expect - but interesting nonetheless. Can this guy get in trouble in Europe for this - like jail and huge fines?
From: Peter Fairbrother on 30 Dec 2009 18:12 amzoti wrote: > http://news.yahoo.com/s/ap/20091230/ap_on_hi_te/eu_germany_phone_code > > The article is the typical mumbo-jumbo one would expect - but > interesting nonetheless. > > Can this guy get in trouble in Europe for this - like jail and huge > fines? [> Claire Cranton, a spokeswoman for the London-based group, said that "this activity is highly illegal in the UK and would be a serious RIPA offense as it probably is in most countries." >] Using it in anger *would* be an offense under RIPA, which covers interception in the UK, and would be an offense in most other countries (duh), but developing it? If done correctly, ie not intercepting calls without the permission of sender and intended recipient, and not transmitting outside the lab, developing the crack wouldn't be an offense under RIPA or the Wireless Telegraphy Act, and I'm pretty sure it wouldn't be an offense under any other UK statutes. Karsten planned a demo for today, but I think that the demo he planned would be an offense under UK and German law, as he invited people to submit calls tweaked from the ether - however if he set up some calls and then broke them, it probably would be legal (though there are some technical difficulties about time slot allocation in the TDMA scheme GSM uses which might make it a little tricky, but most likely not impossible to do legally). I don't know whether the demo went ahead, he was consulting lawyers last I heard. BTW, it's a crack of A5/1, the encryption used in GSM and some G3 phones (sort-of) using a rainbow table, and he has identified some more protocol-related plaintext in the signals which should make it easier, though I don't have full details. -- Peter Fairbrother
From: unruh on 30 Dec 2009 19:20 On 2009-12-30, Peter Fairbrother <zenadsl6186(a)zen.co.uk> wrote: > amzoti wrote: >> http://news.yahoo.com/s/ap/20091230/ap_on_hi_te/eu_germany_phone_code >> >> The article is the typical mumbo-jumbo one would expect - but >> interesting nonetheless. >> >> Can this guy get in trouble in Europe for this - like jail and huge >> fines? > > [> > Claire Cranton, a spokeswoman for the London-based group, said that > "this activity is highly illegal in the UK and would be a serious RIPA > offense as it probably is in most countries." > >] Ah, yes, the UK, the country who have made a national obsession through security by obscurity. The country where a person was thrown in jail for fraud simply for claiming that someone had taken money out of his bank account. The country that passed a law making it compulsory to a) hand over your private encryption keys, and b) made it illegal to tell anyone that you had done so. > > Using it in anger *would* be an offense under RIPA, which covers > interception in the UK, and would be an offense in most other countries > (duh), but developing it? > > If done correctly, ie not intercepting calls without the permission of > sender and intended recipient, and not transmitting outside the lab, > developing the crack wouldn't be an offense under RIPA or the Wireless > Telegraphy Act, and I'm pretty sure it wouldn't be an offense under any > other UK statutes. > > Karsten planned a demo for today, but I think that the demo he planned > would be an offense under UK and German law, as he invited people to > submit calls tweaked from the ether - however if he set up some calls > and then broke them, it probably would be legal (though there are some > technical difficulties about time slot allocation in the TDMA scheme GSM > uses which might make it a little tricky, but most likely not impossible > to do legally). > > I don't know whether the demo went ahead, he was consulting lawyers last > I heard. > > > BTW, it's a crack of A5/1, the encryption used in GSM and some G3 phones > (sort-of) using a rainbow table, and he has identified some more > protocol-related plaintext in the signals which should make it easier, > though I don't have full details. > > > -- Peter Fairbrother > > >
From: Mok-Kong Shen on 30 Dec 2009 19:23 amzoti wrote: > http://news.yahoo.com/s/ap/20091230/ap_on_hi_te/eu_germany_phone_code From a link there to a web page of a firm Cellcrypt one reads the following which I suppose is interesting, as it shows that all such relatively high performance computing work can nowadays be done on such a tiny device as a mobile phone: Cellcrypt's cryptography includes industry-standard high-strength algorithms including 2048-bit RSA for authentication, Elliptic Curve Diffie-Hellman and RSA protocols for key exchange, and 256-bit AES for voice encryption. For added security, the data is encrypted twice using 256-bit RC4 and AES. M. K. Shen
From: Mok-Kong Shen on 30 Dec 2009 19:31 unruh wrote: > Peter Fairbrother wrote: >> [> >> Claire Cranton, a spokeswoman for the London-based group, said that >> "this activity is highly illegal in the UK and would be a serious RIPA >> offense as it probably is in most countries." >>> ] > > Ah, yes, the UK, the country who have made a national obsession through > security by obscurity. The country where a person was thrown in jail for > fraud simply for claiming that someone had taken money out of his bank > account. The country that passed a law making it compulsory to a) hand > over your private encryption keys, and b) made it illegal to tell anyone > that you had done so. I don't know but I should be surprised if there weren't countries worse than UK in that matter (practically at least). M. K. Shen
|
Next
|
Last
Pages: 1 2 3 4 5 6 Prev: New mode for AES: "Packet Mode" Next: Scalable Key Cryptography – Balinese Language. |