Cryptanalysis of the A5/2 Algorithm
Authors
Abstract
An attack on the A5/2 stream cipher algorithm is described, that determines the linear relations among the output sequence bits. The vast majority of the unknown output bits can be reconstructed. The time complexity of the attack is proportional to 2.

Introduction: A5 is the stream cipher algorithm used to encrypt the link from the telephone to the base station in the GSM system. According to [1], two versions of A5 exist: A5/1, the 'stronger' version, and A5/2, the 'weaker' version. The attacks on the A5/1, utilizing the birthday paradox, are described in [2, 3]. The attack on the A5/2 presented here is of algebraic nature.

The scheme of the A5/2 algorithm is given in the Fig. 1. The LFSR R4 clocks the LFSRs R1, ..., R3 in the stop/go manner. The feedback polynomials of the registers are: g1(x) = 1 + x 14 + x + x + x, g2(x) = 1 + x 21 + x, g3(x) = 1 + x 8 + x + x + x, g4(x) = 1 + x 12 + x. The function F is the majority function F(x1, x2, x3) = x1x2 + x1x3 + x2x3.

The communication in the GSM system is performed through frames. Each frame consists of 228 bits. For every frame to be enciphered, the initialization procedure takes place, that yields the initial state of the LFSRs on the basis of the 64-bit secret key K and the 22-bit frame number F. During the initialization, the bits of the secret key are first imposed into all the LFSRs, at every clock pulse, without the stop/go clocking, starting from the LSB of each key byte. Then the bits of the frame number are imposed into all the LFSRs in the

Instituto de Física Aplicada (CSIC), Serrano 144, 28006 Madrid, Spain
Similar resources
Cryptanalysis of GSM encryption algorithm A5/1
The A5/1 algorithm is one of the most famous stream cipher algorithms used for over-the-air communication privacy in GSM. The purpose of this paper is to analyze several weaknesses of A5/1, including an improvement to an attack and investigation of the A5/1 state transition. Biham and Dunkelman proposed an attack on A5/1 with a time and data complexity of 2^39.91 and 2^21.1, ...
A Performance Survey of Meta-Heuristic And Brute-Force Search Algorithms to Cryptanalysis The SDES Encryption Algorithm
For many years, cryptanalysis has been considered as an attractive topic in jeopardizing the security and resistance of an encryption algorithm. The SDES encryption algorithm is a symmetric cryptography algorithm that performs a cryptographic operation using a crypt key. In the world of encryption, there are many search algorithms to cryptanalysis. In these researches, brute force attack algori...
Recent Cryptanalysis of GSM A5/1 Algorithm: What Does it Mean?
This issue of Wireless Security Perspectives focuses on GSM and the December 1999 article titled Real Time Cryptanalysis of the Alleged A5/1 on a PC (preliminary draft) by Alex Biryukov and Adi Shamir. The authors describe an attack on the GSM A5/1 traffic encryption algorithm and claim that by analyzing the output of the algorithm, one can recover the cryptographic key in less than a second us...
Time and Space Complexity Reduction of a Cryptanalysis Algorithm
Binary Decision Diagram (in short BDD) is an efficient data structure which has been used widely in computer science and engineering. BDD-based attack in key stream cryptanalysis is one of the best forms of attack in its category. In this paper, we propose a new key stream attack which is based on ZDD(Zero-suppressed BDD). We show how a ZDD-based key stream attack is more efficient in time and ...
Journal title:
- IACR Cryptology ePrint Archive
Volume 2000 Issue
Pages -
Publication date 2000