A52 Withdrawal » History » Version 1
admin, 02/19/2016 10:51 PM
first version of page on A5/2 withdrawal
1 | 1 | admin | [[PageOutline]] |
---|---|---|---|
2 | = Withdrawal of A5/2 algorithim support = |
||
3 | |||
4 | After several attacks have been published on breaking the A5/2 encryption algorithm, the specification bodies (ETSI, 3GPP) |
||
5 | and the operator industry (GSMA) have started to phase out A5/2. |
||
6 | |||
7 | As there seems no public document describing this procedure in detail, the page in this wiki was created. |
||
8 | |||
9 | Most of the information has been recovered from the published [http://www.3gpp.org/ftp/Specs/html-info/Meetings-S3.htm 3GPP SA3 WG meeting reports] |
||
10 | |||
11 | == Timeline == |
||
12 | |||
13 | === November 2004: 3GPP SA3 Meeting 36 === |
||
14 | |||
15 | From the official [http://www.3gpp.org/ftp/tsg_sa/WG3_Security/TSGS3_36_Shenzhen/Report/Draft_Rep_v004_SA3_36.pdf report]: |
||
16 | |||
17 | ''TD S3-041028 Vodafone comments to S3-040955: Proposed CR to 43.020: Clarifying the support of algorithms |
||
18 | within mobile stations (Rel-6). This was introduced by Vodafone and comprised an update to TD S3-040955. It was |
||
19 | reported that phasing out A5/2 was acceptable for the GSMA Board. The effect on other operators who implement |
||
20 | only A5/2 (if any) was unknown, as they do not participate in the GSM/3GPP standardisation bodies). The CR was |
||
21 | revised in TD S3-041075, which was approved.'' |
||
22 | |||
23 | === July 2007: 3GPP SA3 Meeting 44 === |
||
24 | |||
25 | From the official [http://www.3gpp.org/ftp/tsg_sa/WG3_Security/TSGS3_44_Tallinn/Report/S3-060772.zip report]: |
||
26 | |||
27 | {{{ |
||
28 | Charles Brookson gave a review of GSMA Security Group activities. Progress was being made on the 2006 work items: |
||
29 | - Withdrawal of A5/2 from GSM handsets and networks |
||
30 | }}} |
||
31 | |||
32 | ''It was noted that some manufacturers are reluctant to remove A5/2 from their mobiles as some operators were still using it. The answer was that work is still ongoing to convince operators, mainly from North America, that A5/2 should be removed.'' |
||
33 | |||
34 | This means that even by mid-2007, A5/2 was still actively used by operators even in the 1st world! |
||
35 | |||
36 | == Miscellaneous == |
||
37 | |||
38 | === The GSMA IR.21 roaming database === |
||
39 | |||
40 | The GSMA is maintaining a database of GSM roaming operators called IR.21. It contains information about |
||
41 | the various GSM operators world wide. |
||
42 | |||
43 | The structure of the information is described in |
||
44 | [http://www.algerietelecom.dz/veilletech/bulletin67/pdf/mobile7.pdf GSM Association Roaming Database, Structure and Updating Procedures]. |
||
45 | |||
46 | Interesting bits of information are: |
||
47 | * Which ciphering algorithms are in use (this should tell us where A5/2 is still in use!) |
||
48 | * Whether or not ''Authentication performed for roaming subscribers at the commencement of GSM Service'' |
||
49 | * Whether or not ''Authentication performed for roaming subscribers in case of GPRS'' |
||
50 | |||
51 | Having access to this database (which is available to all 700+ full GSMA members) would give real insight in |
||
52 | the reality of GSM network security! |
||
53 | |||
54 | === GSMA PRD SG.15 === |
||
55 | |||
56 | the [GSMA_Security_Group] has a document called SG.15 which describes best common practises regarding the use |
||
57 | of GSM security features. |
||
58 | |||
59 | Unfortunately we don't have access to that document.. |
||
60 | |||
61 | === Operators reluctant to phase out A5/2 === |
||
62 | |||
63 | [http://www.3gpp.org/ftp/tsg_sa/WG3_Security/TSGS3_44_Tallinn/Report/S3-060772.zip 3GPP SA3 Meeting Report 44] (July 2006) states: |
||
64 | |||
65 | ''It was noted that some manufacturers are reluctant to remove A5/2 from their mobiles as some operators were still using it. The answer was that work is still ongoing to convince operators, mainly from North America, that A5/2 should be removed. '' |
||
66 | |||
67 | Interestingly, not the 3rd world countries were reluctant to switch to A5/1, but American operators ;) |