Sorry, when I had the idea I thought it was clever, which is not the case yet.
But I may think that with a chosen RAND we may downgrade from 256 bits to 128 bits,
but for old SIMs, and even 128 bits are unbreakable. Sorry again, and please forget it and forgive me for it.
For those interested, we can execute the attack flow like that research (sorry for the French ... Google Translate).
The Poitiers research was ahead of me because I didn't get the Kc. But they have the MS kept busy when connecting
to the legit BTS; to get rid of this, have fun with Nico Golde's paging attack.
But I wanted to go further by overkilling 2G with Ki cracking by using the a3a8 algorithm,
but I had confused 128 and 64 bits for the dimensioning of the attack ;) a little big error
which, if it was possible, makes it impossible (at least in this state of the art). Yes, I meant 128 bits and not 256, at least
up to compv3, because with the ciphering mode completed attack you forward the RAND legit BTS, so in the same idea you can
set a "static" RAND (lol) and, if the Ki was 64 bits, generate rainbows, but a little confusion of 64 bits, which made the attack go from
a few minutes to billions of years. Hope you have enjoyed the reading. And thank you, OsmoCom(munity)