Abstract
Wagner, Goldberg and Briceno have recently published an attack [2] on what they believe to be Comp128, the GSM A3A8 authentication function [1]. Provided that the attacker has physical access to the card and to its secret PIN code (the card has to be activated), this chosen plaintext attack recovers the secret key of the personalized SIM (Secure Identification Module) card by inducing collisions on the second (out of 40) round of the compression function. In this paper we suggest two different approaches to strengthen the alleged Comp128 algorithm with respect to this attack. An evaluation of the number of chosen plaintexts and the new complexity of the attack are given.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Copyright information
© 2000 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Handschuh, H., Paillier, P. (2000). Reducing the Collision Probability of Alleged Comp128. In: Quisquater, JJ., Schneier, B. (eds) Smart Card Research and Applications. CARDIS 1998. Lecture Notes in Computer Science, vol 1820. Springer, Berlin, Heidelberg. https://doi.org/10.1007/10721064_34
Download citation
DOI: https://doi.org/10.1007/10721064_34
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-67923-3
Online ISBN: 978-3-540-44534-0
eBook Packages: Springer Book Archive