Browse > Article
http://dx.doi.org/10.13089/JKIISC.2012.22.1.3

A Fault Injection Attack on Stream Cipher A5/3  

Jeong, Ki-Tae (Center for Information Security Technologies, Korea University)
Lee, Yu-Seop (Center for Information Security Technologies, Korea University)
Sung, Jae-Chul (Department of Mathematics, University of Seoul)
Hong, Seok-Hie (Center for Information Security Technologies, Korea University)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.22, no.1, 2012 , pp. 3-10 More about this Journal
Abstract
In this paper, we propose a fault injection attack on stream cipher A5/3 used in GSM. The fault assumption of this attack is based on that of fault injection attacks proposed in FDTC'05 and CISC-W'10. This attack is applicable to A5/3 supporting 64/128-bit session key, respectively, and can recover the session key by using a small number of fault injections. These works are the first known key recovery attack results on A5/3.
Keywords
Side channel analysis; Fault injection attack; Cryptanalysis; A5/3; Stream cipher;
Citations & Related Records
연도 인용수 순위
  • Reference
1 최두식, 오두환, 배기석, 문상재, 하재철, "반복문 오류 주입을 이용한 Triple DES 차분 오류 공격", 2010년도 한국정보보호학회 동계학술대회, pp. 308-312, 2010년 12월.
2 E. Barkan, E. Biham, and N. Keller, "Instant ciphertext-only cryptanalysis of GSM encrypted communications", CRYPTO' 03, LNCS 2729, pp. 600-616, 2003.
3 E. Biham and O. Dunkelman, "Cryptanalysis of the A5/1 GSM Stream Cipher", Indocrypt'00, LNCS 1977, pp.43-51, 2000.
4 H. Choukri and M. Tunstall, "Round Reduction Using Faults", Proceedings of the 2nd workshop on fault diagnosis and tolerance in cryptography - FDTC'05, pp. 13-24, Sept. 2005.
5 European Telecommunications Standards Institute (ETSI), "Digital cellular telecommunications system (Phase 2+)". Available at http://www.etsi.org.
6 P. Kocher, "Timing attacks on implementation of Diffie-Hellman", Crypto'96, LNCS 1109, pp. 104-113, 1996.
7 3GPP, "KASUMI Specification", http://www.3gpp.org/tb/other/algorithms.htm.