[2580] in cryptography@c2.net mail archive
Re: More on A5 strength
daemon@ATHENA.MIT.EDU (Greg Rose)
Sun Apr 26 22:56:02 1998
To: ukcrypto@maillist.ox.ac.uk
cc: cryptography@c2.net, Ross.Anderson@cl.cam.ac.uk
In-reply-to: Your message of Fri, 24 Apr 1998 12:31:55 +0100.
<E0ySghy-0002Nc-00@heaton.cl.cam.ac.uk>
Date: Sat, 25 Apr 1998 13:12:45 +1000
From: Greg Rose <ggr@qualcomm.com>
Ross Anderson writes:
>> Does anyone see a shortcut there?
>
>Last time I looked at it carefully I concluded that you only
>need to guess the clock inout bit half the time, so you need
>about 5 bit guesses giving an overall complexity of 2^45. I
>could be wrong though - it's notorious that you only get the
>real complexity of an attack when you implement and test it.
I implemented this kind of attack about a year
ago, and you're right, the complexity is about
2^44 (measured).
Greg.
Greg Rose INTERNET: ggr@qualcomm.com
QUALCOMM Australia VOICE: +61-2-9181 4851 FAX: +61-2-9181 5470
Suite 410, Birkenhead Point http://people.qualcomm.com/ggr/
Drummoyne NSW 2047 B5 DF 66 95 89 68 1F C8 EF 29 FA 27 F2 2A 94 8F
