The GSM voice calls are encrypted using a family of algorithms collectively called A5. A5/0 is no encryption. A5/1 is the "standard" encryption algorithm, while A5/2 is the "export" (weakened) algorithm. A5/3 is a new algorithm based on the UMTS/WCDMA algorithm Kasumi. While one of the attacks below manages to "walk around" A5/3, there is no attack against it directly. GPRS encryption is done with a different family of algorithms: GEA0 (none), GEA1 (export), GEA2 (normal strength) and GEA3 (new, and effectively the same as A5/3). There are effectively three different attacks discussed in the paper.
Did you find this white paper useful?
29 out of 50 users found this white paper useful
Related white papers
Balancing Security Against Productivity
What makes for great security? Is it about keeping the bad guys out or letting the good guys in? About defending attacks or preventing them? When IDG Research Services queried...
Web application security: automated scanning versus manual penetration testing
Web sites are vulnerable to Web application attacks and a great percentage of these attacks occur over the HTTP/S protocols, ports that are often exposed to the entire online community....
Novell Zenworks Endpoint Security Management: Total Control from a Single Console
Still super gluing your USB ports shut? Unauthorized access to networks, lost or stolen laptops and other mobile hardware, and theft of proprietary information or intellectual property accounted for more...
Secure Desktop On-Demand Webcast
The desktop or endpoint is one of the most vulnerable parts of your environment. Threats are everywhere. You have users who love to experiment with device settings (only to wonder...
Helping Academic Institutions Cost-effectively Ensure Both the Security and the Availability of Email
This webcast explains how you can create a defense-in-depth approach to email security that protects from internal and external threats, implement a broad array of solutions at the network, gateway,...
MSDN Webcast: The Root of all Hacks (Level 200)
With major new security lapses being revealed nearly every week, the software industry must take an active role in determining how to prevent them. Rather than continuing the current path...
Secure Information Sharing: Delivering Information to the Right People, at the Right Time and in the Right Place
This webcast explains how the Michigan State Police applied Enterprise Application Integration (EAI) to reduce costs, ensure regulatory compliance and increase operational efficiency.
