Hi all, recently I've been mentioning A5/4 in a couple of meetings. I've found the (already approved) change requests that introduce A5/4 by coincidence today:
http://www.3gpp.org/ftp/tsg_sa/TSG_SA/TSGS_45/docs/SP-090635.zip http://www.3gpp.org/ftp/tsg_sa/TSG_SA/TSGS_46/docs/SP-090821.zip So basically A5/4 (and GEA4) use a 128bit Kc, and this mandates the use of an USIM in USIM application mode. Old GSM SIM cards are not sufficient. So A5/4 will be the first algorithm that uses a different Kc and will thus not suffer from semi-active downgrading attacks (like you can do with old phones and A5/2 to break A5/1 or A5/3, or you can do today with A5/3 if you later use the same RAND on an A5/1 encrypted session). Regards, Harald -- - Harald Welte <lafo...@gnumonks.org> http://laforge.gnumonks.org/ ============================================================================ "Privacy in residential applications is a desirable marketing option." (ETSI EN 300 175-7 Ch. A6)
