[Gsmmap] Is someone asking about GSM-R security in europe ?

Ralph A. Schmid, dk5ras ralph at schmid.xxx
Thu Feb 5 12:29:41 CET 2015

For Germany I was told that they use crypto and auth in the GSM-R system, so I do not see any obvious issues, however I did not yet verify this. The application layer is another thing, this has nothing to do with GSM :)


Their problem is more a somehow strange network design, the requested levels around -95dBm are in my opinion way too low. And guess what, they have issues in areas with many commercial GSM stations from intermodulation and desensing. But again nothing for the scope of this list...




From: gsmmap-bounces at lists.srlabs.de [mailto:gsmmap-bounces at lists.srlabs.de] On Behalf Of Karsten Nohl
Sent: Thursday, February 5, 2015 11:46 AM
To: Pedro Cabrera
Cc: gsmmap at lists.srlabs.de
Subject: Re: [Gsmmap] Is someone asking about GSM-R security in europe ?


Dear Pedro, 


How would you define a GSM-R insecurity? Are lack of encryption or authentication actual problems for train communication?


To my knowledge, the networks carry M2M information that — at least in theory — should be encrypted and authenticated on the application layer.







On Feb 4, 2015, at 19:48 , Pedro Cabrera <pedrocab at gmail.com <mailto:pedrocab at gmail.com> > wrote:


Hi Ralph,


I don't have official access, I’m a security researcher that sometimes I go out to capture what’s going on in the GSM networks.


It's pretty easy to find out on Google GSM-R agreements and tech documents with specifications (don't miss security points and their mandatory nature ...), also an interesting table with GSMR network providers per country.


I guess is out of scope for GSMmap.org <http://GSMmap.org>  to map this networks, but I find interesting to assess their security in comparison with the baseline established by SRlabs.






2015-02-03 15:54 GMT+01:00 Ralph A. Schmid, dk5ras <ralph at schmid.xxx <mailto:ralph at schmid.xxx> >:

Do you have official access to those, or who could you find out? I am also highly interested into this matter...




From: gsmmap-bounces at lists.srlabs.de <mailto:gsmmap-bounces at lists.srlabs.de>  [mailto:gsmmap-bounces at lists.srlabs.de <mailto:gsmmap-bounces at lists.srlabs.de> ] On Behalf Of Pedro Cabrera
Sent: Tuesday, February 3, 2015 10:29 AM
To: gsmmap at lists.srlabs.de <mailto:gsmmap at lists.srlabs.de> 
Subject: [Gsmmap] Is someone asking about GSM-R security in europe ?


Hello all,


Are there plans to integrate in the GSMmap info about the GSM-Railway networks ?


The experience I have when taking a look to this network is horrible, worst than comercial GSM networks (yes, it is possible...) in terms of security.


I'm interested to know if this is just my experience or someone else found this kind of networks so out of the subject regarding security and GSM.


Thank you all,



Gsmmap mailing list
Gsmmap at lists.srlabs.de <mailto:Gsmmap at lists.srlabs.de> 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.srlabs.de/pipermail/gsmmap/attachments/20150205/3b0fc3f1/attachment-0002.html>

More information about the Gsmmap mailing list