From: paul@fatmans.demon.co.uk
Date: Sat, 18 Jan 1997 00:28:58 -0800 (PST)
To: Adam Back <aba@dcs.ex.ac.uk>
Subject: Re: Newt's phone calls
Message-ID: <853575672.913148.0@fatmans.demon.co.uk>
MIME-Version: 1.0
Content-Type: text/plain



> 
> GSM includes A5 encryption here, so basically the whole design is worked out
> - all you'd have to do is rip out the A5 chip and replace with a decent
> encryption system.  Anyone know how modular the design is, for instance if
> it would be possible to give a GSM A5 based cell phone a crypto upgrade
> using published electrical interface standards?  (I want one of those -
> Nokia phone with IDEA + 2048 bit RSA signatures + DH forward secrecy!)

My guess is that this would not work.

Does anyone know if when you use a GSM phone to call a landline 
number the cellphone<-> base station trafic is encrypted???

my guess is that only when you call GSM to GSM is the trafic 
encrypted and even then I would imagine each phone agrees a key with 
the base station for the network then the trafic between the base 
stations is cleartext. The only way, if this were the case, would be 
to write the code so that the headers and other network information 
like SIM ID number etc... were cleartext or just A5 to the network as 
standard and only the actual speech data was encrypted under 
something stronger. This approach could become troublesome, 
if I have time I`ll get hold of some GSM specifications and look at 
it more closely.


  Datacomms Technologies web authoring and data security
       Paul Bradley, Paul@fatmans.demon.co.uk
  Paul@crypto.uk.eu.org, Paul@cryptography.uk.eu.org    
       Http://www.cryptography.home.ml.org/
      Email for PGP public key, ID: 5BBFAEB1
     "Don`t forget to mount a scratch monkey"