Title
A Hardware-Assisted Realtime Attack on A5/2 Without Precomputations
Abstract
A5/2 is a synchronous stream cipher that is used for protecting GSM communication. Recently, some powerful attacks [2,5] on A5/2 have been proposed. In this contribution we enhance the ciphertext-only attack [2] by Barkan, Biham, and Keller by designing special-purpose hardware for generating and solving the required systems of linear equations. For realizing the LSE solver component, we use an approach recently introduced in [5,6] describing a parallelized hardware implementation of the Gauss-Jordan algorithm. Our hardware-only attacker immediately recovers the initial secret state of A5/2 - which is sufficient for decrypting all frames of a session - using a few ciphertext frames without any precomputations and memory. More precisely, in contrast to [2] our hardware architecture directly attacks the GSM speech channel (TCH/FS and TCH/EFS). It requires 16 ciphertext frames and completes the attack in about 1 second. With minor changes also input from other GSM channels (e.g., SDCCH/8) can be used to mount the attack.
Year: 2007
DOI: 10.1007/978-3-540-74735-2_27
Venue: CHES
Keywords: ciphertext-only attack, parallelized hardware implementation, gsm channel, gauss-jordan algorithm, powerful attack, special-purpose hardware, gsm speech channel, hardware architecture, ciphertext frame, hardware-assisted realtime attack, gsm communication, a5 2, gsm, linear system of equations, stream cipher, cryptanalysis, gaussian elimination
Field: GSM, Computer science, Communication channel, Cryptanalysis, Theoretical computer science, Stream cipher, Solver, Gaussian elimination, Ciphertext, Computer hardware, Hardware architecture
DocType: Conference
Volume: 4727
ISSN: 0302-9743
Citations: 8
PageRank: 0.89
References: 11
Authors: 3
| Name | Order | Citations | PageRank |
|---|---|---|---|
| Andrey Bogdanov | 1 | 2067 | 98.10 |
| Thomas Eisenbarth | 2 | 840 | 61.33 |
| Andy Rupp | 3 | 196 | 16.95 |