project:gsm:deka:start
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
project:gsm:deka:start [2016/08/27 05:52] – [Roadmap] solved two problems (long ago) jenda | project:gsm:deka:start [2022/03/25 19:42] (current) – [Attack in a nutshell] update link jenda | ||
---|---|---|---|
Line 2: | Line 2: | ||
====== Deka - an OpenCL A5/1 cracker ====== | ====== Deka - an OpenCL A5/1 cracker ====== | ||
- | Deka is a fast, free and portable A5/1 (that' | + | Deka is a fast, free and portable A5/1 (that' |
Deka started as an attempt to port [[https:// | Deka started as an attempt to port [[https:// | ||
Line 23: | Line 23: | ||
===== Roadmap ===== | ===== Roadmap ===== | ||
- | |||
- | As of 2015-08-25, deka has been successfully tested against a real-world commercial GSM network. | ||
Nice to have features: | Nice to have features: | ||
* " | * " | ||
+ | |||
+ | Alternative features: | ||
+ | * delta.py does not use barriers/ | ||
+ | * paplon.py leaks memory -- reportqs are not freed when the client disconnects | ||
===== Attack in a nutshell ===== | ===== Attack in a nutshell ===== | ||
TL;DR You can go through the A5/1 keyspace and save some " | TL;DR You can go through the A5/1 keyspace and save some " | ||
- | Deka listens on a TCP socket, waits for a keystream and once you submit one, it finds a secret state that resulted in this keystream. Hence you need some GSM sniffer, keystream guesser, TCP client and secret state processor. [[:user:jenda:gsm|gsmtk]] implements exactly that. | + | Deka listens on a TCP socket, waits for a keystream and once you submit one, it finds a secret state that resulted in this keystream. Hence you need some GSM sniffer, keystream guesser, TCP client and secret state processor. [[https://jenda.hrach.eu/ |
Recommended configuration: | Recommended configuration: | ||
Line 39: | Line 41: | ||
* Computer running a recent Linux distribution (Deka has been developed on Debian Jessie with HD7970 cards, but definitely should work on other distributions and probably on other UNIX systems too), 64bit (we need a 64bit system as we allocate lots of memory) | * Computer running a recent Linux distribution (Deka has been developed on Debian Jessie with HD7970 cards, but definitely should work on other distributions and probably on other UNIX systems too), 64bit (we need a 64bit system as we allocate lots of memory) | ||
- | * Almost any CPU (deka is not really CPU hungry and it can't make use of more than ~4 cores) | + | * CPU power which depends on the rest of the system. For example an AMD FX-8150 |
* 8 or better 16 GB RAM to fit the table index, track bursts and have some space for block cache | * 8 or better 16 GB RAM to fit the table index, track bursts and have some space for block cache | ||
* OpenCL capable card, or several of them | * OpenCL capable card, or several of them | ||
- | | + | * Deka has been tested on AMD HD7970 and nVidia GTX 610M (which is of course slow). |
+ | | ||
===== Documentation ===== | ===== Documentation ===== | ||
Line 54: | Line 56: | ||
===== Getting deka ===== | ===== Getting deka ===== | ||
- | * git clone http:// | + | * git clone https:// |
- | * GitWeb: | + | * GitWeb: |
===== Contacts ===== | ===== Contacts ===== | ||
Line 68: | Line 70: | ||
</ | </ | ||
- | http:// | + | https:// |
===== Credits ===== | ===== Credits ===== | ||
- | * Řehoř Gölöncséryi (niekt0) and Tomash (sysop) for introducing me to GSM security and the [[:project: | + | * Řehoř Gölöncséryi (niekt0) and Tomash (sysop) for introducing me to GSM security and the [[project: |
* Kraken team, as there is very few documentation available - reading their sources was a great help in understanding the attack. | * Kraken team, as there is very few documentation available - reading their sources was a great help in understanding the attack. | ||
project/gsm/deka/start.txt · Last modified: 2022/03/25 19:42 by jenda