A New Guess-and-Determine Method for Cryptanalysis of the GSM Encryption

Abstract

Cryptanalysis is the process of finding flaws or oversights in an encryption algorithm. Nearly, all encryption algorithms are carefully examined through cryptanalysis to determine the security of the system in which the encryption algorithm has been employed. A5/1 is a well-known encryption algorithm which is inbuilt in mobile phone for securing GSM communication, and therefore, cryptanalysis of this algorithm is also important. A5/1 consists of three linear feedback registers of lengths 23, 22, and 19 bits. Due to the nonlinear clocking mechanism of A5/1, cryptanalytic attacks of guess-and-determine (GD) nature are efficient and more successful. In this paper, we propose a new low keystream GD attack on GSM encryption algorithm A5/1. The basic idea of GD attack is guessing some portion of the registers of A5/1 and determining remaining portion of the registers via the relationship between the register’s state and the known intercepted keystream. The guessed and determined register’s state is validated by running the cipher forward from that state. If the intercepted keystream matches the generated keystream, we accept it. Otherwise, we discard and try the attack again. The computational complexity and the success rate of the proposed attack are O (2⁵²) and 96.6%, respectively.