
I read that phones encrypt communication (GSM as implemented in 2G, 3G, ...) - particularly voice, as SMS are unencrypted - using a stream cipher.

Symmetric Stream ciphers use the flip-flop machinery to start (a true random generator imho), and then they follow some algorithm to change the message bitwise (and can be broken with simple linear algebra if enough x and y are intercepted).

But there is no clear explanation (in the Christof Paar course on YouTube, a neat course) as to how the phones agree on this key.

Any pointers?

ysdx
Mah Neh
  • I believe this answers your question: https://security.stackexchange.com/a/88679/52676. It's less about how a key is shared and more that there are multiple "modes" used. The mode is broadcast in the protocol so each phone knows what cipher mode to use for encryption/decryption. – RoraΖ May 03 '22 at 12:48
  • @mentallurg from the title no. I know they are encrypted. How do they share the key is the question. Please carefully read title. – Mah Neh May 03 '22 at 17:30
  • @MahNeh while the title itself might imply that it answers your question the answers provided I believe do answer your question. You might want to carefully consider all answers. It would allow you to be more specific in what you don't understand about the protocol. – RoraΖ May 03 '22 at 19:20
  • Does this answer your question? [Are phone calls on a GSM network encrypted?](https://security.stackexchange.com/questions/35376/are-phone-calls-on-a-gsm-network-encrypted) –  May 09 '22 at 10:01

1 Answer


> Symmetric Stream ciphers use the flip-flop machinery to start (a true random generator imho)

Not sure what you mean by "flip-flop machinery", but a stream cipher is not a true random number generator, it is a pseudorandom number generator. The initial key selection may be done by a true random number generator, but can also be done based on a password or through a key agreement protocol.

> and can be broken with simple linear algebra if enough x and y are intercepted.

If you are using a cryptographically secure stream cipher, and are not using it improperly (no key-nonce pair reuse), then it cannot be broken with simple linear algebra. However, the ciphers used by GSM are not cryptographically secure, hence why they can be broken.

> But there is no clear explanation (in the Christof Paar course on YouTube, a neat course) as to how the phones agree on this key

From https://www.tutorialspoint.com/gsm/gsm_security.htm:

> A 128-bit Random Number (RAND) is sent to the MS (phone)
>
> ...
>
> The SIM contains the ciphering key generating algorithm (A8) that is used to produce the 64-bit ciphering key (Kc). This key is computed by applying the same random number (RAND) used in the authentication process to ciphering key generating algorithm (A8) with the individual subscriber authentication key (Ki).

nobody
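The derivation quoted in the answer above, as an added sketch that is not part of the original post: both sides hold Ki, only RAND and the 32-bit authentication response (SRES, produced by A3) cross the air, and each side computes the same Kc locally. Assumptions: HMAC-SHA256 stands in for the operator's A3/A8 (it is not COMP128), and the class names, IMSI and Ki values are constructed for illustration.

```python
import hashlib
import hmac
import secrets

def a3_a8_standin(ki: bytes, rand: bytes) -> tuple[bytes, bytes]:
    """Stand-in for A3/A8 (assumption, NOT COMP128): returns (SRES, Kc)."""
    digest = hmac.new(ki, rand, hashlib.sha256).digest()
    return digest[:4], digest[4:12]  # 32-bit SRES, 64-bit Kc

class Sim:
    """Phone side: Ki is provisioned in the SIM and never leaves it."""
    def __init__(self, ki: bytes):
        self._ki = ki

    def run_gsm_algorithm(self, rand: bytes) -> tuple[bytes, bytes]:
        return a3_a8_standin(self._ki, rand)

class Network:
    """Operator side: holds a copy of each subscriber's Ki, keyed by IMSI."""
    def __init__(self, subscribers: dict):
        self._subs = subscribers
        self._pending = None

    def challenge(self, imsi: str) -> bytes:
        rand = secrets.token_bytes(16)  # 128-bit RAND sent to the phone
        self._pending = (imsi, rand)
        return rand

    def verify(self, sres: bytes):
        """Return Kc if the phone's SRES matches, else None."""
        imsi, rand = self._pending
        expected, kc = a3_a8_standin(self._subs[imsi], rand)
        return kc if hmac.compare_digest(sres, expected) else None

def attach(network: Network, imsi: str, sim: Sim):
    """Run one exchange; return (values sent over the air, phone Kc, network Kc)."""
    rand = network.challenge(imsi)
    sres, phone_kc = sim.run_gsm_algorithm(rand)
    network_kc = network.verify(sres)
    return {"RAND": rand, "SRES": sres}, phone_kc, network_kc

if __name__ == "__main__":
    ki = secrets.token_bytes(16)  # constructed subscriber key
    net = Network({"001010123456789": ki})  # constructed test IMSI
    air, phone_kc, net_kc = attach(net, "001010123456789", Sim(ki))
    print("over the air:", {k: v.hex() for k, v in air.items()})
    print("Kc matches on both sides:", phone_kc == net_kc)
```

Kc is never transmitted: an eavesdropper sees RAND and SRES, so the secrecy of Kc rests on Ki and on the strength of the A3/A8 algorithm.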