Title :
Partitioning attacks: or how to rapidly clone some GSM cards
Author :
Rao, Josyula R. ; Rohatgi, Pankaj ; Scherzer, Helmut ; Tinguely, Stephane
Author_Institution :
IBM Thomas J. Watson Res. Center, Yorktown Heights, NY, USA
fDate :
6/24/1905 12:00:00 AM
Abstract :
In this paper, we introduce a new class of side-channel attacks called partitioning attacks. We have successfully launched a version of the attack on several implementations of COMP128, the popular GSM authentication algorithm that has been deployed by different service providers in several types of SIM cards, to retrieve the 128-bit key using as few as 8 chosen plaintexts. We show how partitioning attacks can be used effectively to attack implementations that have been equipped with ad hoc and inadequate countermeasures against side-channel attacks. Such ad hoc countermeasures are systemic in implementations of cryptographic algorithms, such as COMP128, which require the use of large tables, since there has been a mistaken belief that sound countermeasures require more resources than are available. To address this problem, we describe a new resource-efficient countermeasure for protecting table lookups in cryptographic implementations and justify its correctness rigorously.
Keywords :
cellular radio; cryptography; message authentication; smart cards; table lookup; telecommunication security; COMP128; GSM authentication algorithm; GSM card cloning; SIM cards; cryptographic algorithms; partitioning attacks; plaintexts; resource-efficient countermeasure; side-channel attacks; table lookup protection; Authentication; Cloning; Cryptographic protocols; Cryptography; GSM; Partitioning algorithms; Protection; Resists; Security; Table lookup;
Conference_Titel :
Security and Privacy, 2002. Proceedings. 2002 IEEE Symposium on
Print_ISBN :
0-7695-1543-6
DOI :
10.1109/SECPRI.2002.1004360