Revisit two memoryless state‐recovery cryptanalysis methods on A5/1
نویسندگان
چکیده
At ASIACRYPT 2019, Zhang proposed a near collision attack on A5/1 claiming to recover the 64-bit state with time complexity around 232 cipher ticks negligible memory requirements. Soon after its proposal, Zhang's was severely challenged by Derbez et al. who claimed that cannot have lower than Golic's memoryless guess-and-determine dating back EUROCRYPT 1997. In this article, both and attacks for recovering states complexities are studied. Firstly, new guessing technique called move can construct linear equation filters in more efficient manner is proposed. Such be applied efficiency improvements. Secondly, filtering strength of systems taken into account analysis. evaluated practical experiments making convincing. Based such techniques, authors able give 2 A5/1: 1st recovers internal s 0 ${\boldsymbol{s}}^{0}$ 243.92; 2nd one different 1 ${\boldsymbol{s}}^{1}$ 243.25. revisited. According our detailed analysis, recovery no 246.04, higher previously believed 243. On other hand, 253.19: further lowered 250.78 technique.
منابع مشابه
Cryptanalysis on two certificateless signature schemes
Certificateless cryptography [1] is a new paradigm that not only removes the inherent key escrow problem of identity based public cryptography [2] (ID-PKC for short), but also eliminates the cumbersome certificate management in traditional PKI. In CL-PKC, the actual private key of a user is comprised of two secrets: a secret value and a partial private key. The user generates a secret value by ...
متن کاملCryptanalysis on Four Two-Party Authentication Protocols
In this paper, we analyze four authentication protocols of Bindu et al., Goriparthi et al., Wang et al. and Holbl et al.. After investigation, we reveal several weaknesses of these schemes. First, Bindu et al.¡s protocol suffers from an insider impersonation attack if a malicious user obtains a lost smart card. Second, both Goriparthi et al.¡s and Wang et al.¡s protocols cannot withstand a DoS ...
متن کاملOn Two Strong Converse Theorems for Stationary Discrete Memoryless Channels
In 1973, Arimoto proved the strong converse theorem for the discrete memoryless channels stating that when transmission rate R is above channel capacity C, the error probability of decoding goes to one as the block length n of code word tends to infinity. He proved the theorem by deriving the exponent function of error probability of correct decoding that is positive if and only if R > C. Subse...
متن کاملOn Memoryless Quantitative Objectives
In two-player games on graph, the players construct an infinite path through the game graph and get a reward computed by a payoff function over infinite paths. Over weighted graphs, the typical and most studied payoff functions compute the limit-average or the discounted sum of the rewards along the path. Besides their simple definition, these two payoff functions enjoy the property that memory...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Iet Information Security
سال: 2023
ISSN: ['1751-8709', '1751-8717']
DOI: https://doi.org/10.1049/ise2.12120