Hi all,
recently I've been mentioning A5/4 in a couple of meetings. I've found
the (already approved) change requests that introduce A5/4 by coincidence
today:
http://www.3gpp.org/ftp/tsg_sa/TSG_SA/TSGS_45/docs/SP-090635.ziphttp://www.3gpp.org/ftp/tsg_sa/TSG_SA/TSGS_46/docs/SP-090821.zip
So basically A5/4 (and GEA4) use a 128bit Kc, and this mandates the use
of an USIM in USIM application mode. Old GSM SIM cards are not sufficient.
So A5/4 will be the first algorithm that uses a different Kc and will thus
not suffer from semi-active downgrading attacks (like you can do with old
phones and A5/2 to break A5/1 or A5/3, or you can do today with A5/3 if you
later use the same RAND on an A5/1 encrypted session).
Regards,
Harald
--
- Harald Welte <laforge(a)gnumonks.org> http://laforge.gnumonks.org/
============================================================================
"Privacy in residential applications is a desirable marketing option."
(ETSI EN 300 175-7 Ch. A6)
Hello,
I'm exicted to see the OpenBSC contribution and wanted to try out and test the OpenBSC. I tried hard to get the nano-bts so that I can deploy OpenBSC but could not find any place / dealer / online auction to get one (new / used).
I will appreciate if someone can help me pointing to the right people / firms from where I can buy the nano BTS.
Thanks,
Milind
Dear openbsc developers,
I have some questions regarding the sccp library code:
1- Where is implemented the write_data fct callback for sending sccp
message. have I to reimplement it with mtp3 layer to send sccp data or it is
implemented.
2- What are missing features of the library.
Please help.
Thank you.
Am Donnerstag, den 04.11.2010, 12:00 +0100 schrieb
openbsc-request(a)lists.gnumonks.org:
> Have you considered looking at the wiki? Where would you have looked
> for such kind of information?
sure i did. that's why i write here. and i still need a
system("pause")-command
Th.
--
Wer Rechtschreibfehler findet, darf sie behalten!
hello all,
i have a major problem with logging into the bs-11: with one of my
handys, i get the screen message "gsm04_08.c: 873: location updating
reject on channel 0". how do i handle this?
second problem: i need the wait-for-keypress-command, that what is
system("pause") in c++
Th.
--
Wer Rechtschreibfehler findet, darf sie behalten!
Hello,
Another beginner question. I have an ip.access that I'm using with openbsc.
It's working, and I can make calls between phones, etc. When I capture a
pcap I can view all the signaling between the ip.access and openbsc. But, I
never see any voice packets. I suppose this could be because both phones are
connected to the same bts. But, looking at some of the pcaps on the wiki, I
do see that others have captured the voice packets.
Is there a configuration option to force the voice data over the a-bis link?
Thanks!
Hi all!
As some of you know, we will again have an OpenBSC field test at the
Chaos Communication Congress from December 27-30 in Berlin / Germany.
I have already applied for the license from the regulatory authority. No
feedback yet, but I expect no problems, as it is more or less what we
had last year. The only difference is that I've asked for 6 ARFCN (5 last
year).
It will again be a nanoBTS / GSM 1800 setup.
Regarding the overall setup, I want to deviate from what we had last year
in the following way:
1) Issue our own SIM cards to permit Authentication + Encryption. This is
the perfect way how we can have a A5/1 based network that people can use
to play with airprobe + Kraken - without violating any laws.
In practise, this will mean we use 16in1 SIM cards, I have already bought
1000 of them. It also means that the GSM helpdesk will have to issue those
SIMC cards. I would suggest we simply sell them (as opposed to providing
them for a deposit, as we then would have to take back a lot of cards and
return money, which is a lot of overhead).
We will keep a database of all the IMSI + Ki tuples that we have issued,
which we will use as HLR + AuC. This database will be persistent, i.e.
at other events like the CCC camp 2011 or 28C3 we expect those SIM cards
to be used again without any registration.
2) Provide GPRS + EDGE services using OsmoSGSN and OpenGGSN. I am not sure
how stable this will run - but we have a good chacne of catching bugs in
our code by running at the event. We will be able to provide real-world
IP addresses to every mobile phone, without filter and without NAT !
I am not yet sure how we will deal with dividing the timeslots between
GSM and GPRS. The dynamic TCH / PDCH code in OpenBSC hasn't ever been
tested, so we might use a static configuration - potentially changing
that static config depending on the usage pattern / load we see.
3) Make dual-TRX setups standard (3 BTS with 2TRX each)
This is simply to enhance the capacity, particularly of SDCCH/8 resources
4) Consider putting all BTS in the same location area
This will significantly reduce our need for signalling channels, but at
the expense we no longer know where a particular phone is located in the
building. Thus, we might make this optional and see if it is needed for
load reasons.
5) Improve the SMS situation
The current SMS code still sucks really bad. We don't want this inside
OpenBSC, and we still don't do timer-based / automatic delivery. Using
the manual 'sms send pending' command causes severe blockage if the queue
is getting too large. I will try to squeeze in some time to rewrite this
code and make it run as external process.
6) User registration
So we sell SIM cards with a pre-programmed IMSI + Ki, but how do we
enable users to assign a phone number to them? Ideally I would want
them to simply register a phone number at the eventphone.de GURU
web interface ahead of the event. But how do we match the IMSI and
the phone number? Ask users to simply state the phone number they
registered? How do we get some kind of authentication?
Comments and additions are most welcome,
Harald
--
- Harald Welte <laforge(a)gnumonks.org> http://laforge.gnumonks.org/
============================================================================
"Privacy in residential applications is a desirable marketing option."
(ETSI EN 300 175-7 Ch. A6)
>> Each SIM has a 'default' number, and if they want to instead use a
number they
>> pre-registred, have them text a 'token' (long enough not to guess a
>> valid one, but not too long as to be annoying).
>> That token is just displayed on eventphone.de when they register a
>> number as 'GSM' without an IMSI.
>
>ok, the other way around. The token is a unique value that they have
to SMS to
>OpenBSC... great idea. I like it that way.
i would like to ask eventphone to add a 10 digits token to the
registration tool. this way it is hard enough guess. the token shall be
generated randomly when not yet assigned to a phone number. the token is
used to authenticate:
- by sending SMS with the token (like said above)
- by dialing a service number and entering the token
- by giving the token to the GSM help desk.
Hi, list!
I'm planing to write a little function in OpenBSC to allow me to change
network data in real time (without stopping and starting OpenBSC again).
I'd like to change MCC, MNC, ARFCN, LAC and some other cells
information.
I tried to call shutdown_om for every BTS (just 1) and then
bootstrap_bts, but it does not seems to work...
Can someone say me what I'm doing false?
Thanks a lot
Luca Bertoncello
--
_______________________________________________________________________
Luca Bertoncello
Entwicklung Mail: bertoncello(a)netzing.de
NETZING Solutions AG Tel.: 0351/41381 - 23
Fröbelstr. 57, 01159 Dresden Fax: 0351/41381 - 12
_______________________________________________________________________
Impressum:
NETZING Solutions AG - Fröbelstraße 57 - 01159 Dresden
Sitz der Gesellschaft Amtsgericht Dresden HRB 18926
Vorstand Dieter Schneider - Aufsichtsratsvorsitzender Volker Kanitz
USt.Id DE211326547 Mail: netzing.ag(a)netzing.de