A5/1 is the strong version of the encryption algorithm used by about 130 million GSM customers in Europe to protect the over-the-air privacy of their cellular voice and data communication. The best published attacks against it require between $2^{40}$ and $2^{45}$ steps. This level of security makes it vulnerable to hardware-based attacks by large organizations, but not to software-based attacks on multiple targets by hackers. In this paper we describe new attacks on A5/1, which are based on subtle flaws in the tap structure of the registers, their noninvertible clocking mechanism, and their frequent resets. After a $2^{48}$ parallelizable data preparation stage (which has to be carried out only once), the actual attacks can be carried out in real time on a single PC. The first attack requires the output of the A5/1 algorithm during the first two minutes of the conversation, and computes the key in about one second. The second attack requires the output of the A5/1 algorithm during about two seconds of the conversation, and computes the key in several minutes. The two attacks are related, but use different types of time-memory tradeoffs. The attacks were verified with actual implementations, except for the preprocessing stage which was extensively sampled rather than completely executed.

REMARK: We based our attack on the version of the algorithm which was derived by reverse engineering an actual GSM telephone and published at http://www.scard.org. We would like to thank the GSM organization for graciously confirming to us the correctness of this unofficial description. In addition, we would like to stress that this paper considers the narrow issue of the cryptographic strength of A5/1, and not the broader issue of the practical security of fielded GSM systems, about which we make no claims.