FPGA implementation of an improved attack against the DECT standard cipher

  • Authors:

  • Michael Weiner;Erik Tews;Benedikt Heinz;Johann Heyszl

  • Affiliations:

  • Fraunhofer Institute for Secure Information Technology, Munich, Germany, TU Darmstadt, Germany;Fraunhofer Institute for Secure Information Technology, Munich, Germany, TU Darmstadt, Germany;Fraunhofer Institute for Secure Information Technology, Munich, Germany, TU Darmstadt, Germany;Fraunhofer Institute for Secure Information Technology, Munich, Germany, TU Darmstadt, Germany

  • Venue:
  • ICISC'10 Proceedings of the 13th international conference on Information security and cryptology
  • Year:
  • 2010

Quantified Score

Hi-index 0.00

Visualization

Abstract

The DECT Standard Cipher (DSC) is a proprietary stream cipher used for enciphering payload of DECT transmissions such as cordless telephone calls. The algorithm was kept secret, but a team of cryptologists reverse-engineered it and published a way to reduce the key space when enough known keystreams are available [4]. The attack consists of two phases: At first, the keystreams are analyzed to build up an underdetermined linear equation system. In the second phase, a bruteforce attack is performed where the equation system limits the number of potentially valid keys. In this paper, we present an improved variant of the first phase of the attack as well as an optimized FPGA implementation of the second phase, which can be used with our improved variant or with the original attack. Our improvement to the first phase of the attack is able to more than double the success probability of the attack, depending of the number of available keystreams. Our FPGA implementation of the second phase of the attack is currently the most cost-efficient way to execute the second phase of the attack.