Sciweavers

CARDIS
1998
Springer

Reducing the Collision Probability of Alleged Comp128

14 years 4 months ago
Reducing the Collision Probability of Alleged Comp128
Wagner, Goldberg and Briceno have recently published an attack [2] on what they believe to be Comp128, the GSM A3A8 authentication hash function [1]. Provided that the attacker has physical access to the card and to its secret PIN code (the card has to be activated), this chosen plaintext attack recovers the secret key of the personalized SIM (Secure Identification Module) card by inducing collisions on the second (out of 40) round of the hash function. In this paper we suggest two different approaches to strengthen the alleged Comp128 algorithm with respect to this attack. An evaluation of the number of chosen plaintexts and the new complexity of the attack are given. Keywords. Alleged Comp128, chosen plaintext attack, authentication, hash function, cryptanalysis, smart cards, GSM.
Helena Handschuh, Pascal Paillier
Added 05 Aug 2010
Updated 05 Aug 2010
Type Conference
Year 1998
Where CARDIS
Authors Helena Handschuh, Pascal Paillier
Comments (0)