The Stream Cipher Core of the 3GPP Encryption Standard 128-EEA3: Timing Attacks and Countermeasures
نویسنده
چکیده
The core of the 3 Generation Partnership Project (3GPP) encryption standard 128-EEA3 is a stream cipher called ZUC. It was designed by the Chinese Academy of Sciences and proposed for inclusion in the cellular wireless standards called “Long Term Evolution” or “4G”. The LFSR-based cipher uses a 128-bit key. In this paper, we first show timing attacks on ZUC that can recover, with about 71.43% success rate, (i) one bit of the secret key immediately, and (ii) information involving 6 other key bits. The time, memory and data requirements of the attacks are negligible. While we see potential improvements to the attacks, we also suggest countermeasures.
منابع مشابه
Differential Attacks against Stream Cipher ZUC
Stream cipher ZUC is the core component in the 3GPP confidentiality and integrity algorithms 128-EEA3 and 128-EIA3. In this paper, we present the details of our differential attacks against ZUC 1.4. The vulnerability in ZUC 1.4 is due to the non-injective property in the initialization, which results in the difference in the initialization vector being cancelled. In the first attack, difference...
متن کاملDSP-128: Stream Cipher Based On Discrete Log Problem And Polynomial Arithmetic
DSP-128 is a new multithreaded stream cipher based on the intractability of the Discrete Logarithm Problem (DLP) with key size of 128-bit. The design of DSP-128 is divided into three stages: Initialization Stage, Keystream Generation Stage, and Encryption Stage. The design goal of DSP-128 is to come up with a secure stream cipher with good performance for data encryption. The experimental resul...
متن کاملCPA on COLM Authenticated Cipher and the Protection Using Domain-Oriented Masking
Authenticated encryption schemes are important cryptographic primitives that received extensive attention recently. They can provide both confidentiality and authenticity services, simultaneously. Correlation power analysis (CPA) can be a thread for authenticated ciphers, similar to the any physical implementation of any other cryptographic scheme. In this paper, a three-step CPA attack against...
متن کاملLCASE: Lightweight Cellular Automata-based Symmetric-key Encryption
We propose a lightweight block cipher that supports 128bit block size with 128-, 192and 256-bit keys, to confirm with the Advanced Encryption Standard (AES) specification. All components of LCASE are chosen to be cellular automata-based so as to achieve higher parallelism and simplify the implementation. Apart from that, the other virtues of LCASE are its high speed and cheap cost along with be...
متن کاملOn the Security of RC4 in TLS
The Transport Layer Security (TLS) protocol aims to provide confidentiality and integrity of data in transit across untrusted networks. TLS has become the de facto protocol standard for secured Internet and mobile applications. TLS supports several symmetric encryption options, including a scheme based on the RC4 stream cipher. In this paper, we present ciphertext-only plaintext recovery attack...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2011