This is merely a historical archive of years 2008-2021, before the migration to mailman3.
A maintained and still updated list archive can be found at https://lists.osmocom.org/hyperkitty/list/OpenBSC@lists.osmocom.org/.
Sylvain Munaut 246tnt at gmail.comHi everyone,
I've just pushed a branch sylvain/encryption on the OpenBSC git that
contains my current patches to support encryption.
Even if you don't have programmable SIMs, test it still works :) If a
subscriber doesn't have a Ki set in the HLR or encryption isn't enabled in
the config, the executed code path should be the exact same as before.
It uses COMP128 as a3/a8 so you can use common programmable SIMs. Currently
a secure channel is established for
- LOCATION UPDATEs
- CM SERVICE REQUEST.
Support for PAGING RESPONSE is a little trickier and I haven't looked deeply
into it.
To enable :
- Either recreate your HLR sqlite3,
or update it like this (do a backup before hand !) :
bash# sqlite3 hlr.sqlite3
sqlite> ALTER TABLE Subscriber ADD COLUMN ki BLOB;
sqlite> UPDATE Meta SET value = '3' WHERE key='revision';
- Add a "a5 encryption 1" line to your openbsc.cfg to enable encryption
using A5/1
- Set the Ki of the subscriber. Using the vty interface is the simplest :
bash# telnet 127.0.0.1 4242
openbsc> enable
openbsc# conf t
openbsc# subscriber YOURIMSI
openbsc# ki 0123456789abcdef0123456789abcdef
Sylvain
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osmocom.org/pipermail/openbsc/attachments/20091224/0208802d/attachment.htm>