Paper 2010/618

A Forgery Attack on the Candidate LTE Integrity Algorithm 128-EIA3

Thomas Fuhr, Henri Gilbert, Jean-Renë Reinhard, and Marion Videau

Abstract

In this note we show that the message authentication code 128-EIA3 considered for adoption as one of the integrity algorithms of the emerging mobile standard LTE is vulnerable to a simple existential forgery attack. This attack allows, given any message and the associated MAC value under an unknown integrity key and an initial vector, to predict the MAC value of a related message under the same key and the same initial vector with a success probability 1/2.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Published elsewhere. Unknown where it was published
Keywords
message authentication codesforgery attacks
Contact author(s)
henri gilbert @ ssi gouv fr
History
2010-12-08: received
Short URL
https://ia.cr/2010/618
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2010/618,
      author = {Thomas Fuhr and Henri Gilbert and Jean-Renë Reinhard and Marion Videau},
      title = {A Forgery Attack on the  Candidate LTE  Integrity Algorithm 128-EIA3},
      howpublished = {Cryptology ePrint Archive, Paper 2010/618},
      year = {2010},
      note = {\url{https://eprint.iacr.org/2010/618}},
      url = {https://eprint.iacr.org/2010/618}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.