[2631] in cryptography@c2.net mail archive


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: TIME Magazine on GSM cell phone crack

daemon@ATHENA.MIT.EDU (Ian Goldberg)
Mon May 4 20:17:11 1998

To: cryptography@c2.net
From: iang@cs.berkeley.edu (Ian Goldberg)
Date: 4 May 1998 17:52:09 GMT

In article <19980503143135H.hanche@math.ntnu.no>,
Harald Hanche-Olsen  <hanche@math.ntnu.no> wrote:
>
>- iang@cs.berkeley.edu (Ian Goldberg):
>
>| In article <19980430111709D.hanche@math.ntnu.no>,
>| Harald Hanche-Olsen  <hanche@math.ntnu.no> wrote:
>| >Presumably, only getting 32 bits of the COMP128 output per round
>| >must increase the difficulty of the cracking attempt, thereby
>| >requiring more challenge-response pairs to make up for this.
>| 
>| Nope.  In fact, we took this into account when designing the attack.
>| It is extremely rare that the first 32 bits of the COMP128 output of
>| two different inputs will match, but the whole output will not.
>
>I see.  Are you telling me that the attack does not look at the
>individual bits of the output, but only detects overall collisions?

That's exactly right.

   - Ian


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[2631] in cryptography@c2.net mail archive

Re: TIME Magazine on GSM cell phone crack

daemon@ATHENA.MIT.EDU (Ian Goldberg)Mon May 4 20:17:11 1998

daemon@ATHENA.MIT.EDU (Ian Goldberg)
Mon May 4 20:17:11 1998