Abstract
We cryptanalyze a type of stream generator with three linear-feedback shift registers that are mutually clocked in a stop/go manner and whose sequences have the property of state space convergence. By guessing the clock-controlled sequence and employing a backtracking search, we propose an attack algorithm on this type of stream generator based on hardware implementation. In particular, the time complexity of the algorithm when attacking the encryption algorithm A5/1 is 2^43.869 clock periods. With our hardware architecture, we investigate the implementation of the algorithm on a field-programmable gate array and an application-specific integrated circuit for an attack on A5/1. As a result, we can retrieve the initial states of A5/1's registers in 2 s on average without pre-computation if we have 64 known key-stream bits.
Cite this article
Li, L., Liu, X., Wang, Z. et al. An improved attack on clock-controlled shift registers based on hardware implementation. Sci. China Inf. Sci. 56, 1–10 (2013). https://doi.org/10.1007/s11432-012-4682-8
DOI: https://doi.org/10.1007/s11432-012-4682-8