biometrics
Greg Rose
ggr at qualcomm.com
Sat Jan 26 21:56:13 EST 2002
At 07:59 PM 1/26/2002 -0500, Scott Guthery wrote:
>(A test GSM authentication algorithm, COMP128, was attacked
>but it is not used in any large GSM networks. And it
>was the algorithm not the SIM that was attacked.)
There are two problems with this statement. The first is that while COMP128
was a "demonstration" (not "test") algorithm, it turns out that well over
half of the deployed GSM systems do in fact use it. And there is a very
interesting paper coming soon to a conference but the program hasn't yet
been announced, so I can't yet say any more, but it attacks the SIM. Ross
Anderson and Markus Kuhn and their group at Cambridge have done some very
impressive work on getting secrets out of SIMs and smartcards in general.
Greg.
Greg Rose INTERNET: ggr at qualcomm.com
Qualcomm Australia VOICE: +61-2-9817 4188 FAX: +61-2-9817 5199
Level 3, 230 Victoria Road, http://people.qualcomm.com/ggr/
Gladesville NSW 2111 232B EC8F 44C6 C853 D68F E107 E6BF CD2F 1081 A37C
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
More information about the cryptography
mailing list