Paper 2004/049

Side Channel Analysis for Reverse Engineering (SCARE) - An Improved Attack Against a Secret A3/A8 GSM Algorithm

Christophe Clavier

Abstract

Side-channel analysis has been recognized for several years as a practical and powerful means to reveal secret keys of [publicly known] cryptographic algorithms. Only very recently this kind of cryptanalysis has been applied to reverse engineer a non-trivial part of the specification of a proprietary (i.e., secret) algorithm. The target here is no longer the value of secret key but the secret specifications of the cryptographic algorithm itself. In a recent paper, Roman Novak (2003) describes how to recover the value of one (out of two) substitution table of a secret instance of the A3/A8 algorithm, the GSM authentication and session-key generation algorithm. His attack presents however two drawbacks from a practical viewpoint. First, in order to retrieve one substitution table ($T_2$), the attacker must know the value of the other substitution table ($T_1$). Second, the attacker must also know the value of secret key $K$. In this paper, we improve Novak's attack and show how to retrieve \emph{both} substitution tables ($T_1$ and $T_2$) \emph{without any prior knowledge about the secret key}. Furthermore, as a side-effect, we also recover the value of the secret key. With this contribution, we intend to present a practical SCARE (Side Channel Analysis for Reverse Engineering) attack, anticipate a growing interest for this new area of side-channel signal exploitation, and remind, if needed, that security cannot be achieved through obscurity alone.

Metadata
Available format(s)
PS
Category
Secret-key cryptography
Publication info
Published elsewhere. Unknown where it was published
Keywords
GSM AuthenticationA3A8Reverse EngineeringSubstitution TableSide Channel Analysis
Contact author(s)
christophe clavier @ gemplus com
History
2004-02-21: received
Short URL
https://ia.cr/2004/049
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2004/049,
      author = {Christophe Clavier},
      title = {Side Channel Analysis for Reverse Engineering ({SCARE}) - An Improved Attack Against a Secret A3/A8 {GSM} Algorithm},
      howpublished = {Cryptology {ePrint} Archive, Paper 2004/049},
      year = {2004},
      url = {https://eprint.iacr.org/2004/049}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.