[HGI-News-de] HGI Colloquium Thu, May 27: A Practical-Time Attack on the KASUMI Cryptosystem Used in GSM and 3G Telephony by Orr Dunkelman

Newsletter of the Horst Görtz Institute hgi-news-deutschland at lists.ruhr-uni-bochum.de
Mon May 24 22:50:58 CEST 2010


Hello,

As part of the HGI Colloquium "Current Topics in IT Security", the following talk will be given this coming *Thursday*:

Orr Dunkelman (Weizmann Institute of Science)
*A Practical-Time Attack on the KASUMI Cryptosystem Used in GSM and 3G Telephony*

Date: Thursday, May 27 at 11:00 a.m. (*s.t.*)
Room: IC 4/161

Abstract: The privacy of most GSM phone conversations is currently protected by the 20+ year old A5/1 and A5/2 stream ciphers, which were repeatedly shown to be cryptographically weak. They will soon be replaced by the new A5/3 (and the recently announced A5/4) algorithm based on the block cipher KASUMI, which is a modified version of MISTY. In this work we describe a new type of attack called a sandwich attack, and use it to construct a simple distinguisher for 7 of the 8 rounds of KASUMI with an amazingly high probability of 2^{-14}. By using this distinguisher and analyzing the single remaining round, we can derive the complete 128-bit key of the full KASUMI by using only 4 related keys, 2^{26} data, 2^{30} bytes of memory, and 2^{32} time. These complexities are so small that we have actually simulated the attack in less than two hours on a single PC, and experimentally verified its correctness and complexity.
This is a joint work with Nathan Keller and Adi Shamir.

All interested are cordially invited!


Upcoming talks:
June 10, 2010: Markus Kasper (EMSEC), Title TBA
June 17, 2010: Roberto Avanzi (RUB), Arithmetic of Supersingular Koblitz Curves in Characteristic Three
June 24, 2010: Christopher Wolf (AG Long Term Security), Equivalent Keys in Multivariate Quadratic Systems
July 1: Juraj Somorovsky (NDS), Streaming-based verification of XML Signatures in SOAP Messages
July 5, Monday(!): Susanne Wetzel (Stevens Institute of Technology), TBA
July 8: Peter Schwabe (Eindhoven University of Technology), New Software Speed Records for Cryptographic Pairings
July 15: Alexander Meurer (CITS), Correcting Errors in RSA Private Keys


Information about the next planned talks in the HGI Colloquium can also be found on the web:
http://www.hgi.rub.de/hgi/hgi-seminar/aktuelles


Best regards
Timo




