The Conditional Correlation Attack: A Practical Attack on Bluetooth Encryption

Lu, Yi; Meier, Willi; Vaudenay, Serge

doi:10.1007/11535218_7

Cited by 62 publications

(31 citation statements)

References 28 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…But it became a significant problem when it was incorporated into mobile devices [10][11][12][13][14][15]. Some of the recent and significant incidents about the security issues are enlisted below:…”

Section: Bluetooth Network Vulnerabilitiesmentioning

confidence: 99%

A Secured Bluetooth Based Social Network

Minar¹,

Tarique²

2011

IJCA

View full text Add to dashboard Cite

Bluetooth is a technology for short range wireless real-time data transfer between devices. It is becoming increasingly more prevalent in modern society, with technical gadgets now ranging from mobile phones and game controllers to PDAs and personal computers. In Bangladesh, use of technology has not reached its maximum potential and it is yet to spread among the majority of population and devices like PDA/Smart phones/Laptops that consist of WLAN feature is not widely used in public environments. But the use of basic mobile phones (consisting of Bluetooth feature) is greatly increasing over the years. This paper proposes a way to implement the Bluetooth Standard as a communication medium for a social network like a university in order to send and receive valuable information and services which can be used as a cheaper solution and replacement to WLAN devices. However, Bluetooth has security threats too; hence this paper also addresses the potential weaknesses and vulnerabilities in security protocols of this technology so that protection against malicious attacks, identity theft and eavesdropping can be insured. Due to the public nature of this network some application level security features have been incorporated to make it a safer network. Finally, the paper concludes w ith some recommendations for the future works regarding this Bluetooth networking concept.

show abstract

Section: Bluetooth Network Vulnerabilitiesmentioning

confidence: 99%

A Secured Bluetooth Based Social Network

Minar¹,

Tarique²

2011

IJCA

View full text Add to dashboard Cite

show abstract

“…For the minimum number of 132 available keystream bits the attack needs 2 84 polynomial time operations. The best currently known longkeystream attacks against E 0 are algebraic attacks [1] and correlation attacks [12,11]. These attacks all need a large amount of keystream (2 28 to 2 39 in the case of correlation attacks), and even in terms of time and memory requirements, [11] is the only feasible attack among them.…”

Section: Applicationsmentioning

confidence: 99%

“…For each r ∈ {0, 1, 2}, a register cell q N r , N r ∈ { nr 2 − 1, nr 2 }, is selected in LFSR R r as input for the clock control. The GSM standard uses the parameters (n 0 , n 1 , n 2 ) = (19,22,23) and (N 0 , N 1 , N 2 ) = (11,12,13).…”

Section: Applicationsmentioning

confidence: 99%

Reducing the Space Complexity of BDD-Based Attacks on Keystream Generators

Krause

Stegemann

2006

Fast Software Encryption

View full text Add to dashboard Cite

Abstract. The main application of stream ciphers is online-encryption of arbitrarily long data, for example when transmitting speech data between a Bluetooth headset and a mobile GSM phone or between the phone and a GSM base station. Many practically used and intensively discussed stream ciphers such as the E0 generator used in Bluetooth and the GSM cipher A5/1 consist of a small number of linear feedback shift registers (LFSRs) that transform a secret key x ∈ {0, 1} n into an output keystream of arbitrary length. In 2002, Krause proposed a Binary Decision Diagram (BDD) based attack on this type of ciphers, which in the case of E0 is the best short-keystream attack known so far. However, BDD-attacks generally require a large amount of memory. In this paper, we show how to substantially reduce the memory consumption by divide-and-conquer strategies and present the first comprehensive experimental results for the BDD-attack on reduced versions of E0, A5/1 and the self-shrinking generator.

show abstract

“…Considering a maximal keystream length of 2745 bits for E0 used in Bluetooth, the attack is impractical. Nonetheless, the resynchronization flaw of E0 (see [34]) enables us to deduce non-trivial correlations of full E0 from those of the core E0; this finally leads to the fastest (and only) practical known-plaintext attack on full E0 in 2005 (see [33]). …”

Section: Introductionmentioning

confidence: 99%

Cryptanalysis of an E0-like Combiner with Memory

Vaudenay

2007

J Cryptol

Self Cite

View full text Add to dashboard Cite

Abstract. In this paper, we study an E0-like combiner with memory as the keystream generator. First, we formulate a systematic and simple method to compute correlations of the FSM output sequences (up to certain bits). An upper bound of the correlations is given, which is useful to the designer. Second, we show how to build either a uni-bias-based or multi-bias-based distinguisher to distinguish the keystream produced by the combiner from a truly random sequence, once correlations are found. The data complexity of both distinguishers is carefully analyzed for performance comparison. We show that the multi-bias-based distinguisher outperforms the uni-bias-based distinguisher only when the patterns of the largest biases are linearly dependent. The keystream distinguisher is then upgraded for use in the key-recovery attack. The latter actually reduces to the well-known Maximum Likelihood Decoding (MLD) problem given the keystream long enough. We devise an algorithm based on Fast Walsh Transform (FWT) to solve the MLD problem for any linear code with dimension L and length n within time O(n + L · 2 L ). Meanwhile, we summarize a design criterion for our E0-like combiner with memory to resist the proposed attacks.

show abstract

The Conditional Correlation Attack: A Practical Attack on Bluetooth Encryption

Cited by 62 publications

References 28 publications

A Secured Bluetooth Based Social Network

A Secured Bluetooth Based Social Network

Reducing the Space Complexity of BDD-Based Attacks on Keystream Generators

Cryptanalysis of an E0-like Combiner with Memory

Contact Info

Product

Resources

About