User:Martlau/gsmwrap

How easy is it to change the authentication crypto algorithm?
The authentication algorithm is implemented in the SIM card and in the service provider's authentication server. Each SIM card (and thus each customer account) can have a different authentication / key-generation algorithm (A3 / A8), which makes mass key recovery and decryption virtually impossible. Currently, most service providers use COMP128, which is quite vulnerable. Changing the algorithm requires a new SIM card and new software at the service provider; no other service provider or cell phone manufacturer needs to change any deployed infrastructure. Thus a plan that relies on being able to break SIM card keys in the long run rests on a very weak position if it is costing the service providers significant revenue.
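The challenge-response flow described above, as an added example that is not part of the original page. It models the SIM side and the operator's authentication centre (AuC) side of the exchange with a pluggable A3/A8 per subscriber, and enforces the 10-second response limit noted further down the page. The algorithms are HMAC-SHA256 stand-ins under hypothetical ids (ALG_A, ALG_B); they are not COMP128 or any real operator algorithm, and the IMSIs and Ki values are constructed test data. The point it shows is structural: Ki and the algorithm choice exist only in the SIM and in the AuC record, so re-issuing one subscriber's card and updating one AuC entry is the whole change.

```python
"""Toy model of GSM subscriber authentication (A3/A8).

Added example. Stand-in algorithms only: HMAC-SHA256 with hypothetical ids,
NOT COMP128 or any deployed operator algorithm.
"""
import hashlib
import hmac
import os
import time
from dataclasses import dataclass
from typing import Callable, Dict, Optional, Tuple

# A3 yields a 32-bit SRES, A8 a 64-bit Kc, both from Ki and a 128-bit RAND.
A38 = Callable[[bytes, bytes], Tuple[bytes, bytes]]


def _hmac_a38(label: bytes) -> A38:
    """Build a stand-in A3/A8 keyed by Ki and domain-separated by `label`."""
    def run(ki: bytes, rand: bytes) -> Tuple[bytes, bytes]:
        digest = hmac.new(ki, label + rand, hashlib.sha256).digest()
        return digest[:4], digest[4:12]   # (SRES, Kc)
    return run


# Hypothetical algorithm ids. Adding an entry here is the "new software at the
# service provider" part; issuing a card with that id is the "new SIM" part.
ALGORITHMS: Dict[str, A38] = {
    "ALG_A": _hmac_a38(b"ALG_A"),
    "ALG_B": _hmac_a38(b"ALG_B"),
}


@dataclass
class Sim:
    """Subscriber side: Ki and the algorithm id are fixed in the card."""
    imsi: str
    ki: bytes
    alg: str

    def run_gsm_algorithm(self, rand: bytes) -> Tuple[bytes, bytes]:
        # Corresponds to the RUN GSM ALGORITHM command the phone sends the SIM.
        return ALGORITHMS[self.alg](self.ki, rand)


class AuC:
    """Operator side: per-IMSI record of Ki and algorithm id."""

    def __init__(self) -> None:
        self._subs: Dict[str, Tuple[bytes, str]] = {}

    def provision(self, imsi: str, ki: bytes, alg: str) -> None:
        self._subs[imsi] = (ki, alg)

    def triplet(self, imsi: str, rand: Optional[bytes] = None) -> Tuple[bytes, bytes, bytes]:
        """Return (RAND, XRES, Kc) for one authentication attempt."""
        ki, alg = self._subs[imsi]
        rand = rand if rand is not None else os.urandom(16)
        xres, kc = ALGORITHMS[alg](ki, rand)
        return rand, xres, kc


def authenticate(auc: AuC, imsi: str, sim: Sim, rand: Optional[bytes] = None,
                 timeout_s: float = 10.0,
                 clock: Callable[[], float] = time.monotonic) -> Tuple[bool, Optional[bytes]]:
    """Run one challenge-response; return (accepted, Kc shared by both sides).

    The 10 s limit is the maximum response time noted on this page; `clock`
    is injectable so the timeout path can be exercised without sleeping.
    """
    rand, xres, kc_net = auc.triplet(imsi, rand)
    sent_at = clock()
    sres, _kc_sim = sim.run_gsm_algorithm(rand)   # phone forwards RAND to SIM
    if clock() - sent_at > timeout_s:
        return False, None                          # too slow: reject
    if not hmac.compare_digest(sres, xres):
        return False, None                          # wrong Ki or wrong algorithm
    return True, kc_net                             # SIM derived the same Kc


if __name__ == "__main__":
    # Constructed demo data: two subscribers on two different algorithms.
    auc = AuC()
    auc.provision("001010000000001", bytes(range(16)), "ALG_A")
    auc.provision("001010000000002", bytes(range(16, 32)), "ALG_B")
    card = Sim("001010000000001", bytes(range(16)), "ALG_A")
    print(authenticate(auc, card.imsi, card))
```

Note that a card holding the correct Ki but the wrong algorithm id is rejected just like a card with the wrong Ki: the algorithm choice is part of the shared configuration between card and AuC, which is why one operator can rotate it for one customer without coordinating with anyone else.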

Pricing scheme exploits

 * Unlimited inbound calling
 * Unlimited outbound calling for 1-5 favorite numbers
 * Account switching for cheaper minutes (bulk and no-roaming)
 * Lower minimum monthly rates and no frills service

Some important numbers

 * Maximum time to respond to an authentication request is 10 seconds.
 * Registration of a new phone takes 10 seconds.