
Renkon 2010-01-04 16:16

Cellular Network Information (Encryption)
 
Hi,

is there any chance of getting cellular network info regarding encryption out of the phone? I've read some threads about using dbus to get cell-id, country code, etc, and this is working, is there a similar procedure?

AFAIK the phone should display a lock somewhere if encryption is enabled, but most providers seem to disable this function in the SIM card itself.


Thanks in advance,
Renkon

Z0l 2010-01-04 17:08

Re: Cellular Network Information (Encryption)
 
AFAIK the standard encryption used by GSM is A5. I've read an article at darkreading.com about hacking A5 with a ~250$ radio device on the fly, so you're not secure with A5. There has to be an app to monitor GSM data (probably the new version of the old field test menu present in old Nokias), but most likely it won't be available to the public. However, if you do need to check such things, I'd go for activating R&D mode and looking around at what can be achieved, but you'll be on your own on that road.

epninety 2010-01-04 17:30

Re: Cellular Network Information (Encryption)
 
The normal behaviour is for the phone to present an indicator of some sort if encryption is turned OFF, but as you say, this default can be turned off in the SIM programming. AFAIK this is only normally done in countries where encryption isn't used.

Dave

epninety 2010-01-04 17:54

Re: Cellular Network Information (Encryption)
 
I just connected my N900 to a MS test system and placed a call to it (which should be unencrypted). I didn't see any new indicators on the screen. Unfortunately I don't have any other mobiles here to try a comparison. I know the 'insecure' indicator on my Siemens mobiles, I will try to bring one of those into the office tomorrow.

Renkon 2010-01-04 20:50

Re: Cellular Network Information (Encryption)
 
Here in Germany encryption (A5/1) is enabled by default, however, as stated at the 26C3 (a computer security conference), it is possible to build a system to eavesdrop on someone at very low cost and get SMS and calls (e.g. from your bank) recorded.

This involves simulating a rogue cell that tells your phone to connect to it AND disable encryption (that'd be A5/0).
German network providers usually disable the "you're unprotected" icon. God knows why...

Since we cannot do anything against passive decryption of the network traffic, there should be some countermeasures against active attacks like:

- your home cell sending a signal that's up to 50% stronger than usual (that's possible with what I've read, because the cell-id is unique and signal strength can be read via dbus easily)

- your phone establishing an unencrypted connection to the network.

epninety: Thanks for your testing efforts. I'm looking forward to that.
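
The two checks proposed in the post above, sketched as an added example that is not part of the original thread: a per-cell baseline that flags a reading 50% above the usual level, and an alert on an unciphered link. The readings are constructed, signal strength is assumed to be a percentage, and the `ciphering_on` flag is a hypothetical input (the thread does not establish that the N900 exposes it).

```python
from collections import defaultdict, deque
from statistics import median

# Constructed readings: (cell_id, signal_percent, ciphering_on).
# ciphering_on is None when the platform reports no ciphering status.
SAMPLES = [
    (1001, 40, None), (1001, 42, None), (1001, 41, None),
    (1001, 39, None), (1001, 40, None), (1001, 41, None),
    (1001, 63, None),   # same cell-id, far stronger than its baseline
    (1001, 41, False),  # link reported as unciphered (A5/0)
]

class CellMonitor:
    """Per-cell signal baseline plus an unciphered-link check."""

    def __init__(self, window=20, min_history=5, jump_ratio=1.5):
        self.min_history = min_history
        self.jump_ratio = jump_ratio  # 1.5 = "50% stronger than usual"
        self.history = defaultdict(lambda: deque(maxlen=window))

    def observe(self, cell_id, signal, ciphering_on=None):
        alerts = []
        if ciphering_on is False:
            alerts.append("unencrypted")
        hist = self.history[cell_id]
        if len(hist) >= self.min_history:
            baseline = median(hist)
            if baseline > 0 and signal >= baseline * self.jump_ratio:
                alerts.append("signal-jump")
        # Keep flagged readings out of the baseline so a persistent
        # strong transmitter does not become the new "usual".
        if "signal-jump" not in alerts:
            hist.append(signal)
        return alerts

def run(samples):
    """Return (index, alerts) for every reading that raised an alert."""
    monitor = CellMonitor()
    flagged = []
    for i, (cell_id, signal, ciphering_on) in enumerate(samples):
        alerts = monitor.observe(cell_id, signal, ciphering_on)
        if alerts:
            flagged.append((i, alerts))
    return flagged

if __name__ == "__main__":
    for index, alerts in run(SAMPLES):
        print(index, SAMPLES[index], alerts)
```

The median baseline tolerates ordinary fluctuation; the window, minimum history and ratio are tuning assumptions, not values from the thread.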

arkanoid 2010-01-04 21:04

Re: Cellular Network Information (Encryption)
 
Actually you can do passive decryption only if some preconditions are met: it requires significant amount of data (a minute or so of reliably received voice frames) and *a lot* of disk space (petabyte[s]). And you cannot decrypt SMS this way.
But if encryption is A5/2 it is still called "encryption" though actually it is just a joke ;-)

Renkon 2010-01-04 21:13

Re: Cellular Network Information (Encryption)
 
@arkanoid: The rainbow tables used for decryption are currently distributed via P2P and yes, it requires petabytes to store them, but this is done via cheap USB sticks and cascading USB hubs...

It is more likely to encounter an active attack than a passive one, for these reasons. It's just simpler to do. And someone would still be able to catch SMS through that, because they're the network.

PS: A5/3 is already on its way to be broken or being exploited because it shares the same keys as an A5/1 connection. They called that weakest-link approach or something like that.

arkanoid 2010-01-04 21:18

Re: Cellular Network Information (Encryption)
 
You are right. But an active attack could be detected, unlike a passive one. That's the point why encryption and cell status might be useful ;-)

It might be useful even to provide an intervening warning like "the call cannot be secured, do you want to continue the connection?"

Renkon 2010-01-04 21:24

Re: Cellular Network Information (Encryption)
 
Something like that. Or a widget for the desktop.
But to achieve this, we need a sort of indicator for unencrypted connections. As for now there seems to be no consumer phone that would have a similar ability ;)

arkanoid 2010-01-04 21:30

Re: Cellular Network Information (Encryption)
 
BTW I hope the N900 will be the first smartphone to support SRTP without the need of buying several-hundred-bucks questionable software (if you are willing to spend several hundreds for voice encryption, stating that aloud *is* asking for trouble, the point of "encryption for masses" is that it should not be something very special in the fact you are using encryption ;-) )

Renkon 2010-01-04 21:39

Re: Cellular Network Information (Encryption)
 
SRTP would only work for VOIP calls, wouldn't it?
But yes, I can see your point there. At least we should let everyone decide for themselves what's confidential for them or not.

arkanoid 2010-01-04 21:43

Re: Cellular Network Information (Encryption)
 
Yep. But according to last month's call timers, I already do have VoIP calls twice the amount of cellular ones ;-)

Renkon 2010-01-04 21:48

Re: Cellular Network Information (Encryption)
 
Hey btw, I've thought about the silent call feature they mentioned in the 26C3 discussion. This won't work for us N900 users.
The battery would be dead in 2-3 hours xD

(Stopping offtopic for now ;) )

I'm leaving this here for anyone who's interested in the background of my request. This is a streamdump from the 26C3 (in English):

Mp4 File (FTP) ~ 800 megs
Mp4 File (Bittorrent)

pali 2016-12-04 11:20

Re: Cellular Network Information (Encryption)
 
Yea, I would like to also know if chosen GSM encryption is A5/1 or not (e.g. A5/0 or A5/2). I looked into dbus files, but do not see anything...

nieldk 2016-12-04 11:46

Re: Cellular Network Information (Encryption)
 
Quote:

Originally Posted by pali (Post 1519963)
Yea, I would like to also know if chosen GSM encryption is A5/1 or not (e.g. A5/0 or A5/2). I looked into dbus files, but do not see anything...

In DK it's A5/1. One way to find out is setting up a cheap RTL-SDR and capturing packets. It's trivial to do and can be seen - you don't need decryption for that part.
Another thing, to decrypt, you need not just the mentioned rainbow tables, but also the K key and IMSI of the SIM/device

pali 2016-12-04 13:12

Re: Cellular Network Information (Encryption)
 
Quote:

Originally Posted by nieldk (Post 1519964)
In DK it's A5/1. One way to find out is setting up a cheap RTL-SDR and capturing packets. It's trivial to do and can be seen - you don't need decryption for that part.
Another thing, to decrypt, you need not just the mentioned rainbow tables, but also the K key and IMSI of the SIM/device

I know...

But my question is if N900/Maemo can tell if currently used encryption is A5/1 (or less-secure A5/2, A5/0). Old Nokia phones show some "open lock" icon in status area in this case. So I'm thinking if something similar cannot be done on N900/Maemo...

nieldk 2016-12-04 14:03

Re: Cellular Network Information (Encryption)
 
Quote:

Originally Posted by pali (Post 1519970)
I know...

But my question is if N900/Maemo can tell if currently used encryption is A5/1 (or less-secure A5/2, A5/0). Old Nokia phones show some "open lock" icon in status area in this case. So I'm thinking if something similar cannot be done on N900/Maemo...

hmm would be cool.
Does RIL have some log that can be read/contains info on this, which could be used?

nieldk 2016-12-04 16:44

Re: Cellular Network Information (Encryption)
 
Some information on how to enable/disable/query encryption, using AT commands.
http://www.jmeds.eu/index.php/jmeds/..._Android/pdf_4

pali 2016-12-04 20:14

Re: Cellular Network Information (Encryption)
 
Quote:

Originally Posted by nieldk (Post 1519985)
Some information on how to enable/disable/query encryption, using AT commands.
http://www.jmeds.eu/index.php/jmeds/..._Android/pdf_4

Those AT commands are not implemented on N900 :-( Tested, they just return ERROR.

jonwil 2016-12-11 11:54

Re: Cellular Network Information (Encryption)
 
I know all the dbus interfaces supported by the N900 cellular subsystems (even if there are many that haven't been completely identified) and there is nothing whatsoever that looks like it might be related to GSM encryption in any way (or to any of the other related terms that apply to GSM encryption/security).

pali 2016-12-11 12:08

Re: Cellular Network Information (Encryption)
 
The only thing which I found is "CIPHERING" in file /usr/include/ISI/icpr82/pn_modem_network_isi.h

There is NET_CIPHERING_INDICATOR_OFF and NET_CIPHERING_INDICATOR_ON which are probably defines for ciphering_status field in NET_CIPHERING_IND structure.

Looks like those are defines for isi packets and if yes, isi modem could send us this information.

@jonwil, can you recheck if the above structure is really not exported by some dbus (or other) API? And if not, is it possible to listen for ISI packets on the N900 and manually parse them (e.g. find that NET_CIPHERING_IND)?

pali 2016-12-11 14:45

Re: Cellular Network Information (Encryption)
 
Looks like it is used in sscd:
Code:

$ strings /usr/sbin/sscd | grep -i cipher
NET_CIPHERING_IND
SIM_SERV_CIPHERING_INDICATOR_DISPLAY_REQUIRED
SIM_SERV_CIPHERING_INDICATOR_DISPLAY_NOT_REQUIRED



All times are GMT.