This is an old revision of this page, as edited by Stfg (talk | contribs) at 10:43, 15 May 2012 (tagged as {{Rough translation}}; one can only copy edit material that makes basic sense; this doesn't). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.
COMP128 is an implementation of the A3 and A8 algorithms specified for GSM networks. A3 is used to authenticate the mobile station to the network or AuC (Authentication Center). A8 is used to generate a session key for the encrypted transmission between the mobile station and the BTS.
Technical details of the originally confidential algorithm became public in 1998 through reverse engineering.
COMP128 works with nine rounds. The central core of the algorithm is a hash function. This hash function produces a 128-bit hash value from a 256-bit input. It is based on a butterfly structure. The output of the algorithm contains the response used for authentication and the session key for the A5 stream cipher, which is used to encrypt the voice transmission.
Pseudocode
Let X be the 32-byte input of the hash function, with K := X the key of the SIM card and X the challenge sent by the station. Furthermore, let the tables T0, T1, T2, T3 and T4 be the secret permutation tables. The input then first passes 8 times through the following compression (according to , see External links):
For i=0 to 4 do:
    For j=0 to 2-1 do:
        For k=0 to 2-1 do:
            s = k + j*2
            t = s + 2
            x = (X + 2X) mod 2)
            y = (2X + X) mod 2)
            X = Ti
            X = Ti
After each permutation, the 16 bytes of output in X and K are stored in X.
Security
COMP128 is considered insecure because small changes in the hash input are not sufficiently dispersed. Because of the birthday problem, this can be exploited, for example, to extract the SIM card's key.
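The butterfly compression and the weak dispersion described above, as an added example that is not part of the original article. The loop bounds and moduli follow the publicly documented COMP128 structure (the exponents are lost in the pseudocode above), and the tables are constructed random stand-ins, not the real COMP128 tables.

```python
import random

def make_tables(seed=1):
    # Constructed stand-ins, NOT the real COMP128 tables: level i maps a
    # (9-i)-bit index to an (8-i)-bit value, so 32 bytes shrink to 32 nibbles.
    rng = random.Random(seed)
    return [[rng.randrange(1 << (8 - i)) for _ in range(1 << (9 - i))]
            for i in range(5)]

def butterfly(x, tables, levels=5):
    """Run the first `levels` levels of one compression pass over 32 values."""
    x = list(x)
    for i in range(levels):
        mod = 1 << (9 - i)
        for j in range(1 << i):
            for k in range(1 << (4 - i)):
                s = k + j * (1 << (5 - i))
                t = s + (1 << (4 - i))
                a = (x[s] + 2 * x[t]) % mod
                b = (2 * x[s] + x[t]) % mod
                x[s], x[t] = tables[i][a], tables[i][b]
    return x

def affected_positions(pos, levels):
    """Positions that can depend on input position `pos` after `levels` levels."""
    reach = {pos}
    for i in range(levels):
        # At level i, position p is only ever mixed with p XOR 2^(4-i).
        reach |= {p ^ (1 << (4 - i)) for p in reach}
    return sorted(reach)

def changed(x, y):
    """Indices at which two equally long state vectors differ."""
    return [p for p, (u, v) in enumerate(zip(x, y)) if u != v]

if __name__ == "__main__":
    tables = make_tables()
    base = list(range(32))           # constructed 32-byte input
    flipped = list(base)
    flipped[3] ^= 0x5A               # change a single input byte
    for lv in range(1, 6):
        diff = changed(butterfly(base, tables, lv), butterfly(flipped, tables, lv))
        print(lv, diff, "bound:", affected_positions(3, lv))
```

A one-byte change can reach at most 2, 4, 8, 16 and 32 positions after levels 1 to 5, which illustrates how slowly the butterfly disperses a small input difference.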
External links
- "Sicherheit Mobiler Systeme" - Prof. Dr. Hannes Federrath - Lehrstuhl für Management der Informationssicherheit - Uni Regensburg (PDF file; 8.17 MB)
- Attack by Briceno, Goldberg and Wagner
- HP00 Reducing the Collision Probability of Alleged Comp128 by H. Handschuh, P. Paillier, Springer-Verlag 2000 (PDF file; 82 kB)
- Chaos Computer Club on the possibility of attack