Cryptology ePrint Archive: Report 2003/162
Cryptanalysis of the Alleged SecurID Hash Function
Alex Biryukov and Joseph Lano and Bart Preneel
Abstract: The SecurID hash function is used for authenticating users to a
corporate computer infrastructure. We analyse an alleged
implementation of this hash function. The block cipher at the
heart of the function can be broken in few milliseconds on a PC
with 70 adaptively chosen plaintexts. The 64-bit secret key of
10$\%$ of the cards can be discovered given two months of token
outputs and $2^{48}$ analysis steps. A larger fraction of cards
can be covered given more observation time.
Category / Keywords: secret-key cryptography / alleged SecurID, cryptanalysis, internal collision, vanishing differential
Publication Info: Updated version of a paper, which will appear in SAC'03 preproceedings
Date: received 8 Aug 2003, last revised 29 Oct 2003
Contact author: abiryuko at esat kuleuven ac be
Available format(s): Postscript (PS) | Compressed Postscript (PS.GZ) | PDF | BibTeX Citation
Note: New attack on the full Alleged SecurID Hash Function.
Version: 20031029:123127 (All versions of this report)
Short URL: ia.cr/2003/162
[ Cryptology ePrint archive ]