Exploration
Accueil
Racine
Exploration
Accueil
Racine

Serveur d'exploration sur la recherche en informatique en Lorraine

Attention, ce site est en cours de développement !
Attention, site généré par des moyens informatiques à partir de corpus bruts.
Les informations ne sont donc pas validées.

Analysis of the Initial and Modified Versions of the Candidate 3GPP Integrity Algorithm 128-EIA3

Identifieur interne : 002190 ( Main/Exploration ); précédent : 002189; suivant : 002191

Analysis of the Initial and Modified Versions of the Candidate 3GPP Integrity Algorithm 128-EIA3

Auteurs : Thomas Fuhr [France] ; Henri Gilbert [France] ; Jean-René Reinhard [France] ; Marion Videau [France]

Source :

RBID : Hal:inria-00619235

Abstract

In this paper we investigate the security of the two most recent versions of the message authentication code 128-EIA3, which is considered for adoption as a third integrity algorithm in the emerging 3GPP standard LTE. We first present an efficient existential forgery at- tack against the June 2010 version of the algorithm. This attack allows, given any message and the associated MAC value under an unknown integrity key and an initial vector, to predict the MAC value of a related message under the same key and the same initial vector with a success probability 1/2. We then briefly analyse the tweaked version of the al- gorithm that was introduced in January 2011 to circumvent this attack. We give some evidence that while this new version offers a provable re- sistance against similar forgery attacks under the assumption that (key, IV) pairs are never reused by any legitimate sender or receiver, some of its design features limit its resilience against IV reuse.

Url:
DOI: 10.1007/978-3-642-28496-0


Affiliations:

Links toward previous steps (curation, corpus...)

Le document en format XML

<record>
<TEI>
<teiHeader>
<fileDesc>
<titleStmt>
<title xml:lang="en">Analysis of the Initial and Modified Versions of the Candidate 3GPP Integrity Algorithm 128-EIA3</title>
<author>
<name sortKey="Fuhr, Thomas" sort="Fuhr, Thomas" uniqKey="Fuhr T" first="Thomas" last="Fuhr">Thomas Fuhr</name>
<affiliation wicri:level="1">
<hal:affiliation type="laboratory" xml:id="struct-167155" status="VALID">
<orgName>Laboratoire de cryptographie de l'ANSSI</orgName>
<orgName type="acronym">LCR</orgName>
<desc>
<address>
<addrLine>51 boulevard de La Tour-Maubourg 75007 Paris</addrLine>
<country key="FR"></country>
</address>
<ref type="url">http://www.ssi.gouv.fr/</ref>
</desc>
<listRelation>
<relation active="#struct-325006" type="direct"></relation>
</listRelation>
<tutelles>
<tutelle active="#struct-325006" type="direct">
<org type="institution" xml:id="struct-325006" status="INCOMING">
<orgName>Agence nationale de la sécurité des systèmes d'information</orgName>
<desc>
<address>
<country key="FR"></country>
</address>
</desc>
</org>
</tutelle>
</tutelles>
</hal:affiliation>
<country>France</country>
</affiliation>
</author>
<author>
<name sortKey="Gilbert, Henri" sort="Gilbert, Henri" uniqKey="Gilbert H" first="Henri" last="Gilbert">Henri Gilbert</name>
<affiliation wicri:level="1">
<hal:affiliation type="laboratory" xml:id="struct-167155" status="VALID">
<orgName>Laboratoire de cryptographie de l'ANSSI</orgName>
<orgName type="acronym">LCR</orgName>
<desc>
<address>
<addrLine>51 boulevard de La Tour-Maubourg 75007 Paris</addrLine>
<country key="FR"></country>
</address>
<ref type="url">http://www.ssi.gouv.fr/</ref>
</desc>
<listRelation>
<relation active="#struct-325006" type="direct"></relation>
</listRelation>
<tutelles>
<tutelle active="#struct-325006" type="direct">
<org type="institution" xml:id="struct-325006" status="INCOMING">
<orgName>Agence nationale de la sécurité des systèmes d'information</orgName>
<desc>
<address>
<country key="FR"></country>
</address>
</desc>
</org>
</tutelle>
</tutelles>
</hal:affiliation>
<country>France</country>
</affiliation>
</author>
<author>
<name sortKey="Reinhard, Jean Rene" sort="Reinhard, Jean Rene" uniqKey="Reinhard J" first="Jean-René" last="Reinhard">Jean-René Reinhard</name>
<affiliation wicri:level="1">
<hal:affiliation type="laboratory" xml:id="struct-167155" status="VALID">
<orgName>Laboratoire de cryptographie de l'ANSSI</orgName>
<orgName type="acronym">LCR</orgName>
<desc>
<address>
<addrLine>51 boulevard de La Tour-Maubourg 75007 Paris</addrLine>
<country key="FR"></country>
</address>
<ref type="url">http://www.ssi.gouv.fr/</ref>
</desc>
<listRelation>
<relation active="#struct-325006" type="direct"></relation>
</listRelation>
<tutelles>
<tutelle active="#struct-325006" type="direct">
<org type="institution" xml:id="struct-325006" status="INCOMING">
<orgName>Agence nationale de la sécurité des systèmes d'information</orgName>
<desc>
<address>
<country key="FR"></country>
</address>
</desc>
</org>
</tutelle>
</tutelles>
</hal:affiliation>
<country>France</country>
</affiliation>
</author>
<author>
<name sortKey="Videau, Marion" sort="Videau, Marion" uniqKey="Videau M" first="Marion" last="Videau">Marion Videau</name>
<affiliation wicri:level="1">
<hal:affiliation type="laboratory" xml:id="struct-167155" status="VALID">
<orgName>Laboratoire de cryptographie de l'ANSSI</orgName>
<orgName type="acronym">LCR</orgName>
<desc>
<address>
<addrLine>51 boulevard de La Tour-Maubourg 75007 Paris</addrLine>
<country key="FR"></country>
</address>
<ref type="url">http://www.ssi.gouv.fr/</ref>
</desc>
<listRelation>
<relation active="#struct-325006" type="direct"></relation>
</listRelation>
<tutelles>
<tutelle active="#struct-325006" type="direct">
<org type="institution" xml:id="struct-325006" status="INCOMING">
<orgName>Agence nationale de la sécurité des systèmes d'information</orgName>
<desc>
<address>
<country key="FR"></country>
</address>
</desc>
</org>
</tutelle>
</tutelles>
</hal:affiliation>
<country>France</country>
</affiliation>
</author>
</titleStmt>
<publicationStmt>
<idno type="wicri:source">HAL</idno>
<idno type="RBID">Hal:inria-00619235</idno>
<idno type="halId">inria-00619235</idno>
<idno type="halUri">https://hal.inria.fr/inria-00619235</idno>
<idno type="url">https://hal.inria.fr/inria-00619235</idno>
<idno type="doi">10.1007/978-3-642-28496-0</idno>
<date when="2011-08-11">2011-08-11</date>
<idno type="wicri:Area/Hal/Corpus">000E71</idno>
<idno type="wicri:Area/Hal/Curation">000E71</idno>
<idno type="wicri:Area/Hal/Checkpoint">001C51</idno>
<idno type="wicri:explorRef" wicri:stream="Hal" wicri:step="Checkpoint">001C51</idno>
<idno type="wicri:Area/Main/Merge">002234</idno>
<idno type="wicri:Area/Main/Curation">002190</idno>
<idno type="wicri:Area/Main/Exploration">002190</idno>
</publicationStmt>
<sourceDesc>
<biblStruct>
<analytic>
<title xml:lang="en">Analysis of the Initial and Modified Versions of the Candidate 3GPP Integrity Algorithm 128-EIA3</title>
<author>
<name sortKey="Fuhr, Thomas" sort="Fuhr, Thomas" uniqKey="Fuhr T" first="Thomas" last="Fuhr">Thomas Fuhr</name>
<affiliation wicri:level="1">
<hal:affiliation type="laboratory" xml:id="struct-167155" status="VALID">
<orgName>Laboratoire de cryptographie de l'ANSSI</orgName>
<orgName type="acronym">LCR</orgName>
<desc>
<address>
<addrLine>51 boulevard de La Tour-Maubourg 75007 Paris</addrLine>
<country key="FR"></country>
</address>
<ref type="url">http://www.ssi.gouv.fr/</ref>
</desc>
<listRelation>
<relation active="#struct-325006" type="direct"></relation>
</listRelation>
<tutelles>
<tutelle active="#struct-325006" type="direct">
<org type="institution" xml:id="struct-325006" status="INCOMING">
<orgName>Agence nationale de la sécurité des systèmes d'information</orgName>
<desc>
<address>
<country key="FR"></country>
</address>
</desc>
</org>
</tutelle>
</tutelles>
</hal:affiliation>
<country>France</country>
</affiliation>
</author>
<author>
<name sortKey="Gilbert, Henri" sort="Gilbert, Henri" uniqKey="Gilbert H" first="Henri" last="Gilbert">Henri Gilbert</name>
<affiliation wicri:level="1">
<hal:affiliation type="laboratory" xml:id="struct-167155" status="VALID">
<orgName>Laboratoire de cryptographie de l'ANSSI</orgName>
<orgName type="acronym">LCR</orgName>
<desc>
<address>
<addrLine>51 boulevard de La Tour-Maubourg 75007 Paris</addrLine>
<country key="FR"></country>
</address>
<ref type="url">http://www.ssi.gouv.fr/</ref>
</desc>
<listRelation>
<relation active="#struct-325006" type="direct"></relation>
</listRelation>
<tutelles>
<tutelle active="#struct-325006" type="direct">
<org type="institution" xml:id="struct-325006" status="INCOMING">
<orgName>Agence nationale de la sécurité des systèmes d'information</orgName>
<desc>
<address>
<country key="FR"></country>
</address>
</desc>
</org>
</tutelle>
</tutelles>
</hal:affiliation>
<country>France</country>
</affiliation>
</author>
<author>
<name sortKey="Reinhard, Jean Rene" sort="Reinhard, Jean Rene" uniqKey="Reinhard J" first="Jean-René" last="Reinhard">Jean-René Reinhard</name>
<affiliation wicri:level="1">
<hal:affiliation type="laboratory" xml:id="struct-167155" status="VALID">
<orgName>Laboratoire de cryptographie de l'ANSSI</orgName>
<orgName type="acronym">LCR</orgName>
<desc>
<address>
<addrLine>51 boulevard de La Tour-Maubourg 75007 Paris</addrLine>
<country key="FR"></country>
</address>
<ref type="url">http://www.ssi.gouv.fr/</ref>
</desc>
<listRelation>
<relation active="#struct-325006" type="direct"></relation>
</listRelation>
<tutelles>
<tutelle active="#struct-325006" type="direct">
<org type="institution" xml:id="struct-325006" status="INCOMING">
<orgName>Agence nationale de la sécurité des systèmes d'information</orgName>
<desc>
<address>
<country key="FR"></country>
</address>
</desc>
</org>
</tutelle>
</tutelles>
</hal:affiliation>
<country>France</country>
</affiliation>
</author>
<author>
<name sortKey="Videau, Marion" sort="Videau, Marion" uniqKey="Videau M" first="Marion" last="Videau">Marion Videau</name>
<affiliation wicri:level="1">
<hal:affiliation type="laboratory" xml:id="struct-167155" status="VALID">
<orgName>Laboratoire de cryptographie de l'ANSSI</orgName>
<orgName type="acronym">LCR</orgName>
<desc>
<address>
<addrLine>51 boulevard de La Tour-Maubourg 75007 Paris</addrLine>
<country key="FR"></country>
</address>
<ref type="url">http://www.ssi.gouv.fr/</ref>
</desc>
<listRelation>
<relation active="#struct-325006" type="direct"></relation>
</listRelation>
<tutelles>
<tutelle active="#struct-325006" type="direct">
<org type="institution" xml:id="struct-325006" status="INCOMING">
<orgName>Agence nationale de la sécurité des systèmes d'information</orgName>
<desc>
<address>
<country key="FR"></country>
</address>
</desc>
</org>
</tutelle>
</tutelles>
</hal:affiliation>
<country>France</country>
</affiliation>
</author>
</analytic>
<idno type="DOI">10.1007/978-3-642-28496-0</idno>
</biblStruct>
</sourceDesc>
</fileDesc>
<profileDesc>
<textClass></textClass>
</profileDesc>
</teiHeader>
<front>
<div type="abstract" xml:lang="en">In this paper we investigate the security of the two most recent versions of the message authentication code 128-EIA3, which is considered for adoption as a third integrity algorithm in the emerging 3GPP standard LTE. We first present an efficient existential forgery at- tack against the June 2010 version of the algorithm. This attack allows, given any message and the associated MAC value under an unknown integrity key and an initial vector, to predict the MAC value of a related message under the same key and the same initial vector with a success probability 1/2. We then briefly analyse the tweaked version of the al- gorithm that was introduced in January 2011 to circumvent this attack. We give some evidence that while this new version offers a provable re- sistance against similar forgery attacks under the assumption that (key, IV) pairs are never reused by any legitimate sender or receiver, some of its design features limit its resilience against IV reuse.</div>
</front>
</TEI>
<affiliations>
<list>
<country>
<li>France</li>
</country>
</list>
<tree>
<country name="France">
<noRegion>
<name sortKey="Fuhr, Thomas" sort="Fuhr, Thomas" uniqKey="Fuhr T" first="Thomas" last="Fuhr">Thomas Fuhr</name>
</noRegion>
<name sortKey="Gilbert, Henri" sort="Gilbert, Henri" uniqKey="Gilbert H" first="Henri" last="Gilbert">Henri Gilbert</name>
<name sortKey="Reinhard, Jean Rene" sort="Reinhard, Jean Rene" uniqKey="Reinhard J" first="Jean-René" last="Reinhard">Jean-René Reinhard</name>
<name sortKey="Videau, Marion" sort="Videau, Marion" uniqKey="Videau M" first="Marion" last="Videau">Marion Videau</name>
</country>
</tree>
</affiliations>
</record>

Pour manipuler ce document sous Unix (Dilib)

EXPLOR_STEP=$WICRI_ROOT/Wicri/Lorraine/explor/InforLorV4/Data/Main/Exploration

HfdSelect -h $EXPLOR_STEP/biblio.hfd -nk 002190 | SxmlIndent | more

Ou

HfdSelect -h $EXPLOR_AREA/Data/Main/Exploration/biblio.hfd -nk 002190 | SxmlIndent | more

Pour mettre un lien sur cette page dans le réseau Wicri

{{Explor lien
   |wiki=    Wicri/Lorraine
   |area=    InforLorV4
   |flux=    Main
   |étape=   Exploration
   |type=    RBID
   |clé=     Hal:inria-00619235
   |texte=   Analysis of the Initial and Modified Versions of the Candidate 3GPP Integrity Algorithm 128-EIA3
}}
Wicri

This area was generated with Dilib version V0.6.33.
Data generation: Mon Jun 10 21:56:28 2019. Site generation: Fri Feb 25 15:29:27 2022