A5/1

A5 is a set of ciphers in mobile networks based on the GSM standard. The standard defines different ciphers to secure voice and data traffic over a wireless link. The A5 algorithms are included on both the mobile terminals and in the base stations of the network operator. Is a prerequisite for the use that the network operators and the terminal have the respective cipher also implemented. 6

A5 / 1

A5 / 1 is a stream cipher, which was developed in 1987 to protect the voice communications of GSM. Since 2003, discloses a practical attack. 2008 pre-computed rainbow tables were created to break the encryption first. However, this was not published. 2009 followed by the publication of a two- terabyte rainbow table. Using this table, the encryption can be broken in real time ( "near real-time decryption with distributed cracking network" ).

The British researchers Ross Anderson considered in 1994 the opinion that it was deliberately a weak cipher has been selected to allow the intelligence services of NATO eavesdropping.

A5 / 2

A5 / 2, also a stream cipher, is a technology developed in 1989 weaker version of A5 / 1 used in certain export regions. From A5 / 2 derived ciphers can be broken in under a second on an average PC. In July 2007, the 3GPP has prohibited the implementation of A5 / 2 in new mobile phones. New mobile phones is on networks that use only A5 / 2, so no encryption.

A5 / 3

A5 / 3 is based on the block cipher KASUMI in Counter Mode with an effective key length of 64 bit Kc, because the 64 least significant bits of a copy of the 64 are most significant. A5 / 3 is specified for GSM and for the Enhanced Data Rates for GSM Evolution (EDGE ) variant Enhanced Circuit Switched Data ( ECSD ). The counterpart of A5 / 3 for GPRS named GEA3. Unlike GSM and ECSD a KASUMI - based encryption of the radio link is enabled by default in UMTS.

2010, a more practical attack of Orr Dunkelman, Nathan Keller and Adi Shamir was presented against the A5/3-Verschlüsselungsverfahren KASUMI. The " sandwich " attack allows an attacker to extract the complete 128- bit key. KASUMI is now considered theoretically broken. However, can be made on the effectiveness of attacks against the implementation of KASUMI in the A5/3-Algorithmus for GSM networks no statement. More details can be found in the article KASUMI.

The German Telekom announced in December 2013 that the encryption standard was A5 / 3 implemented nationwide in its GSM mobile network by the end of 2013. 30,000 base stations and central grid points needed for it to be converted. At this time, the telecom went out of about 50,000 terminals, which are not compatible with A5 / 3. In these models, the A5/1-Algorithmus is used further. See also the list of devices with A5/3-Unterstützung in the Weblinks section. In Macedonia, Montenegro, Poland and the Czech Republic, the algorithm was also implemented. The competitor Vodafone, O2 and E -Plus want to use in a few years A5 / 3 in their GSM networks.

In the section links can be found with the GSM Security Map a visual overview of GSM security in different countries.

A5 / 4

A5 / 4 the A5/3-Algorithmus with a longer key Kc (128 -bit). For GPRS, the name of the encryption algorithm GEA4. 6

Ross J. Anderson CTR mode Universal Mobile Telecommunications System Deutsche Telekom Cellular Message Encryption Algorithm
21354
de