Abstract
The ESA-PSS-04-151 Authentication Layer of the European Space Agency is a MAC mechanism for authenticating telecommands transmitted to spacecrafts. We show that in spite of the very large key length of 2940 bits there are (under certain circumstances) feasible known message attacks. In particular, we show that an attacker who is given about n ≈80-100 message/MAC pairs and 60 special bits of the key can forge the MAC of any further message with high probability (> 5% for n = 100) by a single LLL lattice reduction modulo 248 of a matrix of size approximately (n − 60)×n. Most of the 2880 remaining key bits can also be recovered. Furthermore, we show that the attacker can find the 60 special key bits as well if he is given, in addition, another set of about 40-50 message/MAC pairs of a special kind with a workload of less than 231 LLL lattice reductions modulo 248 of the same size.
Chapter PDF
Similar content being viewed by others
References
von zur Gathen, J., Shparlinski, I.E.: Predicting Subset Sum Pseudorandom Generators. In: Handschuh, H., Hasan, M.A. (eds.) SAC 2004. LNCS, vol. 3357, pp. 241–251. Springer, Heidelberg (2004)
Telecommand Decoder Specification, ESA PSS-04-151, Issue 1. ESA, Paris (September 1993)
Rueppel, R.A., Massey, J.L.: Knapsack as a nonlinear function. In: IEEE Intern. Symp. of Inform. Theory, p. 46. IEEE Press, Los Alamitos (1985)
Rueppel, R.A.: Analysis and design of stream ciphers. Springer, New York (1986)
Spinsante, S., Chiaraluce, F., Gambi, E.: Numerical verification of the historicity of the ESA telecommand authentication approach, talk given at Spaceops 2006, Rome (2006), on-line: http://www.aiaa.org/spaceops2006/presentations/55955.ppt
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2007 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Illies, G., Margraf, M. (2007). Attacks on the ESA-PSS-04-151 MAC Scheme. In: Adams, C., Miri, A., Wiener, M. (eds) Selected Areas in Cryptography. SAC 2007. Lecture Notes in Computer Science, vol 4876. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-77360-3_19
Download citation
DOI: https://doi.org/10.1007/978-3-540-77360-3_19
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-77359-7
Online ISBN: 978-3-540-77360-3
eBook Packages: Computer ScienceComputer Science (R0)