Entry Lu:2005:CCA from lncs2005a.bib

Last update: Fri Mar 15 02:12:13 MDT 2019

Index sections

Top | Math | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | Y | Z

BibTeX entry

@Article{Lu:2005:CCA,
  author =       "Yi Lu and Willi Meier and Serge Vaudenay",
  title =        "The Conditional Correlation Attack: {A} Practical
                 Attack on {Bluetooth} Encryption",
  journal =      j-LECT-NOTES-COMP-SCI,
  volume =       "3621",
  pages =        "97--??",
  year =         "2005",
  CODEN =        "LNCSD9",
  DOI =          "https://doi.org/10.1007/11535218_7",
  ISSN =         "0302-9743 (print), 1611-3349 (electronic)",
  ISSN-L =       "0302-9743",
  bibdate =      "Mon Apr 3 08:32:34 2006",
  bibsource =    "http://www.math.utah.edu/pub/tex/bib/lncs2005a.bib",
  abstract =     "Motivated by the security of the nonlinear filter
                 generator, the concept of correlation was previously
                 extended to the conditional correlation, that studied
                 the linear correlation of the inputs conditioned on a
                 given (short) output pattern of some specific nonlinear
                 function. Based on the conditional correlations,
                 conditional correlation attacks were shown to be
                 successful and efficient against the nonlinear filter
                 generator. In this paper, we further generalize the
                 concept of conditional correlations by assigning it
                 with a different meaning, i.e. the correlation of the
                 output of an arbitrary function conditioned on the
                 unknown (partial) input which is uniformly distributed.
                 Based on this generalized conditional correlation, a
                 general statistical model is studied for dedicated
                 key-recovery distinguishers. It is shown that the
                 generalized conditional correlation is no smaller than
                 the unconditional correlation. Consequently, our
                 distinguisher improves on the traditional one (in the
                 worst case it degrades into the traditional one). In
                 particular, the distinguisher may be successful even if
                 no ordinary correlation exists. As an application, a
                 conditional correlation attack is developed and
                 optimized against Bluetooth two-level E0. The attack is
                 based on a recently detected flaw in the
                 resynchronization of E0, as well as the investigation
                 of conditional correlations in the Finite State Machine
                 (FSM) governing the keystream output of E0. Our best
                 attack finds the original encryption key for two-level
                 E0 using the first 24 bits of $ 2^{23.8} $ frames and
                 with $ 2^{38} $ computations. This is clearly the
                 fastest and only practical known-plaintext attack on
                 Bluetooth encryption compared with all existing
                 attacks. Current experiments confirm our analysis.",
  acknowledgement = ack-nhfb,
  keywords =     "Bluetooth; Correlation; E0.; Stream Ciphers",
}

Related entries

analysis, 3621(0)412, 3718(0)208
application, 0(0)478, 3621(0)395
attack, 3621(0)1, 3621(0)17, 3621(0)86
based, 3621(0)86, 3621(0)309
Cipher, 0(0)494
efficient, 0(0)511, 3621(0)1, 3621(0)188
encryption, 0(0)478, 3621(0)205, 3621(0)258, 3621(0)276
find, 3621(0)1
Finite, 3718(0)52
first, 3621(0)17
function, 0(0)430, 3621(0)1, 3621(0)17
generator, 3621(0)378
investigation, 3718(0)236
linear, 3621(0)327, 3718(0)1
ordinary, 3718(0)1
paper, 3621(0)1, 3621(0)17
practical, 3621(0)86, 3621(0)412
security, 0(0)511, 0(0)527, 3621(0)55
short, 3621(0)258, 3621(0)309
state, 3718(0)115
than, 3621(0)1, 3621(0)17
unconditional, 0(0)467, 3621(0)118
using, 3621(0)1, 3621(0)378
Vaudenay, Serge, 3621(0)309