Dissertations and Theses
Sniffing, Decoding and Decryption of GSM Signals Using low cost hardware and Open-source software
Date of Award
Mohamed A. Ali
2G Second-generation, A3 Authentication Algorithm, A5 Encryption Algorithm, A8 Key Generation Algorithm, AGCH Access Grant Channel, AMR Adaptive Multi-Rate
We have participated in the creation of almost two terabytes of tables aimed at cracking A5/1, the most common ciphering algorithm used in GSM. Given 114-bit of known plaintext, we are able to recover the session key with a hit rate of 19%. The tables are expected to be unique as they provide the best coverage yet known to the authors and research workers and they are the first step in a real-world passive attack against GSM. An initial investigation and analysis into the air interface of GSM were performed, from both a theoretical and practical point of view. These examinations would be essential in order to utilize the downloaded tables in a practical attack. Additionally, a rogue GSM network was built and deployed without enabling ciphering and frequency hopping. This active attack was purely based on opensource software and hardware, implying that real GSM networks could be spoofed with resources available to the general public
Choudhry, Muhammad Talha, "Sniffing, Decoding and Decryption of GSM Signals Using low cost hardware and Open-source software" (2019). CUNY Academic Works.