Hello, I have some small questions on GSM security that I didn't know where else to post.
If I understand it correctly then the COMP128 algorithm produces a 128 bit output of which the first 32 bits are used as the response and only the last 54 bits are used for the session key (making the last ten bits of the session key zero), is this still the case? Then what if A5/3 is used as encryption? It requires a 128 bit key, but if you just use the COMP128 output as a key, then the first 32 bits can were sent plaintext as the response. Can someone help me, or point me in the right direction / to the right document? Also in Karstens and Pagets presentation it was mentioned that according to spec, mobile phones are required to alert the user if no encryption is used, but this feature can be turned of via the SIM card. Can anyone provide me with the spec document (or name / number) containing this? I've already fruitlessly looked through lots of ETSI documents They lack a cool search feature to find the document you need for a certain subject. Kind regards, Fabian _______________________________________________ A51 mailing list [email protected] http://lists.lists.reflextor.com/cgi-bin/mailman/listinfo/a51
