Hi everyone,<br><br>I&#39;ve just pushed a branch sylvain/encryption on the OpenBSC git that contains my current patches to support encryption.<br>Even if you don&#39;t have programmable SIMs, test it still works :) If a subscriber doesn&#39;t have a Ki set in the HLR or encryption isn&#39;t enabled in the config, the executed code path should be the exact same as before.<br>
<br>It uses COMP128 as a3/a8 so you can use common programmable SIMs. Currently a secure channel is established for<br> - LOCATION UPDATEs<br> - CM SERVICE REQUEST.<br>Support for PAGING RESPONSE is a little trickier and I haven&#39;t looked deeply into it.<br>
<br><br>To enable :<br><br> - Either recreate your HLR sqlite3,<br>   or update it like this (do a backup before hand !) :<br><br>  bash# sqlite3 hlr.sqlite3<br>  sqlite&gt; ALTER TABLE Subscriber ADD COLUMN ki BLOB;<br>  sqlite&gt; UPDATE Meta SET value = &#39;3&#39; WHERE key=&#39;revision&#39;;<br>
<br> - Add a &quot;a5 encryption 1&quot; line to your openbsc.cfg to enable encryption using A5/1<br><br> - Set the Ki of the subscriber. Using the vty interface is the simplest :<br>  bash# telnet 127.0.0.1 4242<br>  openbsc&gt; enable<br>
  openbsc# conf t<br>  openbsc# subscriber YOURIMSI<br>  openbsc# ki 0123456789abcdef0123456789abcdef<br><br><br>    Sylvain<br><br>