New Security Proofs for the 3GPP Confidentiality and Integrity Algorithms (2003)
Cached
Download Links
- [eprint.iacr.org]
- [www.cs.washington.edu]
- [eprint.iacr.org]
- DBLP
Other Repositories/Bibliography
| Venue: | Fast Software Encryption, FSE 2004 |
| Citations: | 10 - 1 self |
BibTeX
@INPROCEEDINGS{Iwata03newsecurity,
author = {Tetsu Iwata and Tadayoshi Kohno},
title = {New Security Proofs for the 3GPP Confidentiality and Integrity Algorithms},
booktitle = {Fast Software Encryption, FSE 2004},
year = {2003},
pages = {306--318},
publisher = {Springer-Verlag}
}
Years of Citing Articles
Bookmark
 |
 |
 |
 |
 |
 |
OpenURL
Abstract
This paper analyses the 3GPP confidentiality and integrity schemes adopted by Universal Mobile Telecommunication System, an emerging standard for third generation wireless communications. The schemes, known as f8 and f9, are based on the block cipher KASUMI. Although previous works claim security proofs for f8 and f9 ′ , where f9 ′ is a generalized versions of f9, it was recently shown that these proofs are incorrect. Moreover, Iwata and Kurosawa (2003) showed that it is impossible to prove f8 and f9 ′ secure under the standard PRP assumption on the underlying block cipher. We address this issue here, showing that it is possible to prove f8 ′ and f9 ′ secure if we make the assumption that the underlying block cipher is a secure PRP-RKA against a certain class of related-key attacks; here f8 ′ is a generalized version of f8. Our results clarify the assumptions necessary in order for f8 and f9 to be secure and, since no related-key attacks are known against the full eight rounds of KASUMI, lead us to believe that the confidentiality and integrity mechanisms used in real 3GPP applications are secure.
