Dieter Spaar's blog





Sat, 22 Jan 2011
GSM Ciphering Algorithms in mobile phones

You are probably aware that the A5/1 and A5/2 GSM ciphering algorithms are broken; A5/2 is so weak that even the GSMA mandates that it is no longer used in new mobile phones. A secure alternative would be A5/3; however, it is not yet deployed in GSM networks, at least not in those networks I am aware of, and only some newer phones support it.

I had a brief look at some phones I have access to; most of them came out in the last four years. Interestingly, quite a lot of them still support A5/2 and only very few support A5/3. If a phone does not indicate A5/3 support, this does not necessarily mean that it is not capable of running A5/3: for example, on one of my test phones, a BlackBerry Bold 9000, A5/3 is disabled (for whatever reason). The phones in my collection with A5/3 support enabled are some new, cheap feature phones from India based on a MediaTek chipset. And as a side note: the iPhone 4 I looked at does not have A5/3 enabled, but at least A5/2 is disabled.
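As an added example (not code from this post): a phone indicates its ciphering support to the network in the Mobile Station Classmark 2 information element, and the sketch below decodes the A5/1, A5/2 and A5/3 bits from its 3-octet value part and lists audit findings. The bit positions follow 3GPP TS 24.008, section 10.5.1.6, which the post does not cite; the function names and the sample values are constructed for illustration.

```python
# Added example: decode the A5 bits a phone advertises in Classmark 2
# (3GPP TS 24.008, 10.5.1.6) and flag weak or missing algorithms.
from dataclasses import dataclass


@dataclass(frozen=True)
class A5Support:
    a5_1: bool
    a5_2: bool
    a5_3: bool
    cm3_present: bool  # Classmark 3 follows and may carry A5/4..A5/7 bits


def parse_classmark2(value: bytes) -> A5Support:
    """Parse the 3-octet value part of Classmark 2 (IEI and length removed)."""
    if len(value) != 3:
        raise ValueError(f"Classmark 2 value must be 3 octets, got {len(value)}")
    o3, _o4, o5 = value
    return A5Support(
        a5_1=not (o3 & 0x08),   # octet 3 bit 4 is inverted: 0 means available
        a5_2=bool(o5 & 0x01),   # octet 5 bit 1
        a5_3=bool(o5 & 0x02),   # octet 5 bit 2
        cm3_present=bool(o5 & 0x80),
    )


def audit(s: A5Support) -> list:
    """Return findings about the advertised (not the actual) cipher support."""
    findings = []
    if s.a5_2:
        findings.append("advertises A5/2 (broken)")
    if not s.a5_3:
        findings.append("does not advertise A5/3")
    if not (s.a5_1 or s.a5_3):
        findings.append("advertises neither A5/1 nor A5/3")
    return findings


# Constructed sample values (hex), not captured from real phones.
SAMPLES = {
    "sample-a5-2-on": "331981",
    "sample-a5-1-only": "331980",
    "sample-a5-3-on": "331982",
}


def run() -> dict:
    return {n: audit(parse_classmark2(bytes.fromhex(h))) for n, h in SAMPLES.items()}


if __name__ == "__main__":
    for name, findings in run().items():
        print(name, "->", findings or ["no findings"])
```

The decoder only reports what the phone claims; it says nothing about what the firmware will actually do.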

I also did a few quick tests to make sure that A5/2 cannot be used on those phones which claim that they do not support it, and so far this seems to be the case. The reason for this test: the phones can most certainly run A5/2 if they can run A5/1 (which all of my phones can), since A5/2 is very similar to A5/1. If a phone claims to support only A5/1, it does not necessarily mean that the phone will not use A5/2 if you force it to do so; if there are bugs in the phone firmware, the phone could still run A5/2.

The short tests I did are only a first look at this issue. Additionally, the same phone model could behave differently when sold by a different operator or in a different country; as I already wrote, most of the time the supported ciphering algorithms can be configured by the phone manufacturer. So this is an area which should be investigated further.
