Analysis of the Initial and Modified Versions of the Candidate 3GPP Integrity Algorithm 128-EIA3

Thomas Fuhr 1 Henri Gilbert 1 Jean-René Reinhard 1 Marion Videau 1, 2
2 CARAMEL - Cryptology, Arithmetic: Hardware and Software
Inria Nancy - Grand Est, LORIA - ALGO - Department of Algorithms, Computation, Image and Geometry
Abstract : In this paper we investigate the security of the two most recent versions of the message authentication code 128-EIA3, which is considered for adoption as a third integrity algorithm in the emerging 3GPP standard LTE. We first present an efficient existential forgery at- tack against the June 2010 version of the algorithm. This attack allows, given any message and the associated MAC value under an unknown integrity key and an initial vector, to predict the MAC value of a related message under the same key and the same initial vector with a success probability 1/2. We then briefly analyse the tweaked version of the al- gorithm that was introduced in January 2011 to circumvent this attack. We give some evidence that while this new version offers a provable re- sistance against similar forgery attacks under the assumption that (key, IV) pairs are never reused by any legitimate sender or receiver, some of its design features limit its resilience against IV reuse.
Type de document :
Communication dans un congrès
Miri, Ali and Vaudenay, Serge. 18th International Workshop on Selected Areas in Cryptography SAC 2011, Aug 2011, Toronto, Canada. Springer, 7118, pp.230-242, 2011, Lecture Notes in Computer Science,; Selected Areas in Cryptography. <10.1007/978-3-642-28496-0>
Liste complète des métadonnées


https://hal.inria.fr/inria-00619235
Contributeur : Marion Videau <>
Soumis le : mercredi 29 février 2012 - 20:32:27
Dernière modification le : jeudi 22 septembre 2016 - 14:31:17
Document(s) archivé(s) le : vendredi 23 novembre 2012 - 16:11:26

Fichier

forgery.pdf
Fichiers produits par l'(les) auteur(s)

Identifiants

Collections

Citation

Thomas Fuhr, Henri Gilbert, Jean-René Reinhard, Marion Videau. Analysis of the Initial and Modified Versions of the Candidate 3GPP Integrity Algorithm 128-EIA3. Miri, Ali and Vaudenay, Serge. 18th International Workshop on Selected Areas in Cryptography SAC 2011, Aug 2011, Toronto, Canada. Springer, 7118, pp.230-242, 2011, Lecture Notes in Computer Science,; Selected Areas in Cryptography. <10.1007/978-3-642-28496-0>. <inria-00619235>

Partager

Métriques

Consultations de
la notice

188

Téléchargements du document

367