At 11:43 AM 9/8/2003 -0400, Anton Stiglic wrote:
I think this is different however.  The recent attack focused on the A5/3
encryption algorithm, while the work of Lucky, Briceno, Goldberg, Wagner,
Biryukov, Shamir (and others?) was on A5/1 and A5/2 (and other crypto
algorithms of GSM, such as COMP128, ...).

No, that's not right. The attack *avoids* A5/3, by making the terminal end of the call fall back to A5/2, solving for the key in real time, then continuing to use the same key with A5/3.

A5/3 (based on Kasumi, and essentially the same as the WCDMA algorithm UEA1) is not in any way compromised by this attack.


Greg Rose INTERNET: [EMAIL PROTECTED] Qualcomm Australia VOICE: +61-2-9817 4188 FAX: +61-2-9817 5199 Level 3, 230 Victoria Road, Gladesville NSW 2111 232B EC8F 44C6 C853 D68F E107 E6BF CD2F 1081 A37C

--------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to