Partitioning attacks: or how to rapidly clone some GSM cards

In this paper, we introduce a new class of side-channel attacks called partitioning attacks. We have successfully launched a version of the attack on several implementations of COMP128, the popular GSM authentication algorithm that has been deployed by different service providers in several types of...

Bibliographic details
Main authors: Rao, J.R., Rohatgi, P., Scherzer, H., Tinguely, S.
Format: Conference proceeding
Language: eng
container_end_page 41
container_issue
container_start_page 31
container_title
container_volume
creator Rao, J.R.
Rohatgi, P.
Scherzer, H.
Tinguely, S.
description In this paper, we introduce a new class of side-channel attacks called partitioning attacks. We have successfully launched a version of the attack on several implementations of COMP128, the popular GSM authentication algorithm that has been deployed by different service providers in several types of SIM cards, to retrieve the 128 bit key using as few as 8 chosen plaintexts. We show how partitioning attacks can be used effectively to attack implementations that have been equipped with ad hoc and inadequate countermeasures against side-channel attacks. Such ad hoc countermeasures are systemic in implementations of cryptographic algorithms, such as COMP128, which require the use of large tables since there has been a mistaken belief that sound countermeasures require more resources than are available. To address this problem, we describe a new resource-efficient countermeasure for protecting table lookups in cryptographic implementations and justify its correctness rigorously.
doi_str_mv 10.1109/SECPRI.2002.1004360
format Conference Proceeding
isbn 9780769515434
0769515436
publisher Los Alamitos CA: IEEE
identifier ISSN: 1081-6011
ispartof Proceedings - IEEE Computer Society Symposium on Research in Security and Privacy, 2002, p.31-41
issn 1081-6011
1063-7109
2375-1207
language eng
recordid cdi_ieee_primary_1004360
source IEEE Electronic Library (IEL) Conference Proceedings
subjects Applied sciences
Authentication
Cloning
Cryptographic protocols
Cryptography
Exact sciences and technology
GSM
Information, signal and communications theory
Partitioning algorithms
Protection
Resists
Security
Signal and communications theory
Table lookup
Telecommunications
Telecommunications and information theory
Teleprocessing networks. ISDN
title Partitioning attacks: or how to rapidly clone some GSM cards
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-14T04%3A03%3A18IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_6IE&rft_val_fmt=info:ofi/fmt:kev:mtx:book&rft.genre=proceeding&rft.atitle=Partitioning%20attacks:%20or%20how%20to%20rapidly%20clone%20some%20GSM%20cards&rft.btitle=Proceedings%20-%20IEEE%20Computer%20Society%20Symposium%20on%20Research%20in%20Security%20and%20Privacy&rft.au=Rao,%20J.R.&rft.date=2002&rft.spage=31&rft.epage=41&rft.pages=31-41&rft.issn=1081-6011&rft.eissn=2375-1207&rft.isbn=9780769515434&rft.isbn_list=0769515436&rft_id=info:doi/10.1109/SECPRI.2002.1004360&rft_dat=%3Cproquest_6IE%3E27655949%3C/proquest_6IE%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=27655949&rft_id=info:pmid/&rft_ieee_id=1004360&rfr_iscdi=true