Bug #2783
closedit seems like OsmoMSC is forcing Iu/UMTS to use encryption. why?
100%
Description
- A5/3 is a GSM cipher and is not UEA (umts encryption algo)
- UMTS requires integrity protection with UIA, but not encryption (UEA)
This possibly needs to be clarified and the code adjusted accordingly
Updated by neels about 6 years ago
looking at gsm_04_08.c I find
lu_fsm = vlr_loc_update(conn->conn_fsm, [...] is_utran || conn->network->authentication_required, is_utran? VLR_CIPH_A5_3 : conn->network->a5_encryption, );
and I'm a bit puzzled on how this could have come about. It was added as part of the commit "Implement IuCS (large refactoring and addition)" and may have slipped by as an early and/or confused development state. It's obviously wrong. The patch to fix is trivial (just remove the conditional, use conn->network->a5_encryption directly), but it makes sense to build some tests around it as well. Thinking of msc_vlr_test_umts_authen.c to make sure auth without ciph works on UTRAN.
Updated by neels almost 6 years ago
this probably dates back to my early confusion about the topic. I probably just wrote it down from a vague hunch and no-one reviewed it later.
Updated by neels over 4 years ago
- Status changed from New to In Progress
should be done in a few hours, so throwing this in now
Updated by neels over 3 years ago
- Status changed from In Progress to Resolved
- % Done changed from 0 to 100