Synchronization Fault Cryptanalysis for Breaking A5/1

13 years 10 months ago

Download kutylowski.im.pwr.wroc.pl

Abstract. A5/1 pseudo-random bit generator, known from GSM networks, potentially might be used for different purposes, such as secret hiding during cryptographic hardware testing, stream encryption in piconets and others. The main advantages of A5/1 are low cost and a ﬁxed output ratio. We show that a hardware implementation of A5/1 and similar constructions must be quite careful. It faces a danger of a new kind of attack, which signiﬁcantly reduces possible keyspace, allowing full recovery of A5/1 internal registers’ content. We use “fault analysis” strategy: we disturb the A5/1 encrypting device (namely, clocking of the LFSR registers) so it produces an incorrect keystream, and through error analysis we deduce the state of the internal registers. If a secret material is used to initialize the generator, like in GSM, this may enable recovering the secret. The attack is based on unique properties of the clocking scheme used by A5/1, which is the basic security component of th...

Marcin Gomulkiewicz, Miroslaw Kutylowski, Heinrich

Real-time Traffic

A5/1 | Algorithms | Internal Registers | Pseudo-random Bit Generator | WEA 2005 |

claim paper

Post Info
More Details (n/a)

Added	28 Jun 2010
Updated	28 Jun 2010
Type	Conference
Year	2005
Where	WEA
Authors	Marcin Gomulkiewicz, Miroslaw Kutylowski, Heinrich Theodor Vierhaus, Pawel Wlaz

Comments (0)

Sciweavers

Synchronization Fault Cryptanalysis for Breaking A5/1

A5/1 | Algorithms | Internal Registers | Pseudo-random Bit Generator | WEA 2005 |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers