Conditional estimators: An effective attack on A5/1

49Citations
Citations of this article
35Readers
Mendeley users who have this article in their library.

This article is free to access.

Abstract

Irregularly-clocked linear feedback shift registers (LFSRs) are commonly used in stream ciphers. We propose to harness the power of conditional estimators for correlation attacks on these ciphers. Conditional estimators compensate for some of the obfuscating effects of the irregular clocking, resulting in a correlation with a considerably higher bias. On GSM's cipher A5/1, a factor two is gained in the correlation bias compared to previous correlation attacks. We mount an attack on A5/1 using conditional estimators and using three weaknesses that we observe in one of A5/1's LFSRs (known as R2). The weaknesses imply a new criterion that should be taken into account by cipher designers. Given 1500-2000 known-frames (about 4.9-9.2 conversation seconds of known keystream), our attack completes within a few tens of seconds to a few minutes on a PC, with a success rate of about 91%. To complete our attack, we present a source of known-keystream in GSM that can provide the keystream for our attack given 3-4 minutes of GSM ciphertext, transforming our attack to a ciphertext-only attack. © Springer-Verlag Berlin Heidelberg 2006.

Cite

CITATION STYLE

APA

Barkan, E., & Biham, E. (2006). Conditional estimators: An effective attack on A5/1. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 3897 LNCS, pp. 1–19). https://doi.org/10.1007/11693383_1

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free