Sembra che nel mondo telefonico della GSM association e 3GPP l'utilizzo di algoritmi consolidati e assodati come "standard", rendendo il tutto meramente modulare ed aggiornabile nel tempo non sia una cosa
Per il 4G viene proposta la suite di algoritmi ZUC. Di seguito l'annuncio con cui viene sottoposta a public review. Sembra un po' una barzelletta, visto che c'? tempo fino a Gennaio 2011 Per AES la valutazione da parte del NIST con un contest aperto ? stata un filo pi? impegnativa (http://csrc.nist.gov/archive/aes/). Oggi invece il mondo telefonico propone solo 4 mesi per fare una public review di un set di algoritmi che rappresentano i buildingblocks del futuro della societ? dell'informazione in mobilit?? Secondo me non c'? pi? religione, si esce un ora prima e le lobby della telefonia mi hanno un po' scocciato per il modo di fare... -- New Mobile Phone Security Algorithms - Public Evaluation Invited A new set of cryptographic algorithms is being proposed for inclusion in the "4G" mobile standard called LTE (Long Term Evolution). The algorithms are: * a stream cipher called ZUC, which is the core of both new LTE algorithms; * the LTE encryption algorithm called 128-EEA3, defined straightforwardly using ZUC; * the LTE integrity algorithm called 128-EIA3, designed as a Universal Hash Function using ZUC as its core. The algorithms are here: http://gsmworld.com/our-work/programmes-and-initiatives/fraud-and-security/gsm_security_algorithms.htm <http://gsmworld.com/our-work/programmes-and-initiatives/fraud-and-security/gsm_security_algorithms.htm>. All of the algorithms were designed by DACAS, the Data Assurance and Communication Security Research Center of the Chinese Academy of Sciences. They have been evaluated by the algorithm standardisation group ETSI SAGE, and also by two other teams of well known cryptologists, and are believed to be strong and suitable for LTE. Now the algorithms are open for public evaluation. Comments and analysis are invited, before a final decision is taken in (probably) January 2011 as to whether to include the new algorithms in the LTE standard. A discussion forum http://zucalg.forumotion.net/ has been created for this - please post any evaluation results there. --
________________________________________________________ http://www.sikurezza.org - Italian Security Mailing List
