A Real-World Attack Breaking A5/1 within Hours

Abstract: In this paper we present a real-world hardware-assisted attack on the well-known A5/1 stream cipher which is (still) used to secure GSM communication in most countries all over the world. During the last ten years A5/1 has been intensively analyzed [1,2,3,4,5,6,7]. However, most of the proposed attacks are just of theoretical interest since they lack from practicability-due to strong preconditions, high computational demands and/or huge storage requirements-or have never been fully implemented. In contrast to … Show more

“…Where A = (a ij )3 n3 x 3 n3 is the state-transition matrix of the algorithm with size 3 n3 x 3 n3 1, i =1, j= 3u 2 , 3u 5 , 3n 2 1, i =3n 1 +1, j= 3u 1 , 3u 4 a ij = 1, i =3n 2 +1, j= 3u 3 , 3u 6 (2)…”

COZMO—A New Lightweight Stream Cipher

“…Where A = (a ij )3 n3 x 3 n3 is the state-transition matrix of the algorithm with size 3 n3 x 3 n3 1, i =1, j= 3u 2 , 3u 5 , 3n 2 1, i =3n 1 +1, j= 3u 1 , 3u 4 a ij = 1, i =3n 2 +1, j= 3u 3 , 3u 6 (2)…”

COZMO—A New Lightweight Stream Cipher

“…Gendrullis et al proposed and implemented also time memory tradeoff attack to generate the linear feedback shift registers content for reconstructing the 64-bit session key by using generated states and discarding only possible wrong states thereby reducing the level of unsuccessful result [18]. This technique required many checking possibilities.…”

A Proposed Lower Computational Complexity Secret Key Mirroring System on GSM

“…After clocking, an output bit is generated from the values of R 1 , R 2 , and R 3 by XORing their most significant bits, as shown in Equation (Biham & Dunkelman, 2000), KellerSeitz's attack (Keller & Seitz, 2001) and Gendrullis-Novotny-Rupp's attack (also known as the modified KellerSeitz attack) (Gendrullis, Novotny, & Rupp, 2008). All these attacks assume that consecutive 64 bits of the keystream are known.…”

An Improved Guess-and-Determine Attack on the A5/1 Stream Cipher