Abstract
A general linear iterative cryptanalysis method for solving binary systems of approximate linear equations, which is also applicable to keystream generators producing short keystream sequences, is proposed. A linear cryptanalysis method for reconstructing the secret key in a general type of initialization scheme is also developed. A large class of linear correlations in the Bluetooth combiner, unconditioned or conditioned on the output or on both the output and one input, is found and characterized. As a result, an attack on the Bluetooth stream cipher that can reconstruct the 128-bit secret key with complexity about 2^70 from about 45 initializations is proposed. In the precomputation stage, a database of about 2^80 103-bit words has to be sorted.
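The abstract names an iterative method for solving binary systems of approximate linear equations but does not describe it. The following Python script is an added illustration, not code from the paper: it solves a constructed system of approximate linear equations over GF(2) with the standard sum-product (belief-propagation) decoder used for Gallager-type low-density parity-check codes, treating each equation as a parity check that holds with probability 1 - p and each unknown as a variable with a uniform prior. The instance (16 unknowns, 600 sparse equations of weight 1 to 3, every 20th equation deliberately made false so that p = 1/20 exactly, seed 12345), the parameter choices and all function names are assumptions made for this example; the paper's own method, in particular how it copes with short keystream sequences, is not reproduced here.

```python
"""Belief-propagation solver for a binary system of approximate linear
equations, run on a constructed toy instance.  Added illustration only;
this is not the method of Golic, Bagini and Morgari."""
import math
import random


def make_instance(n_unknowns, n_equations, max_weight, error_period, seed):
    """Constructed instance: a random secret x in GF(2)^n and n_equations
    sparse equations  sum_{i in idx} x_i = rhs  of weight 1..max_weight.
    Every error_period-th equation is deliberately made false, so the
    noise pattern is known exactly (error probability 1/error_period)."""
    rng = random.Random(seed)
    secret = [rng.randrange(2) for _ in range(n_unknowns)]
    equations = []
    for e in range(n_equations):
        idx = sorted(rng.sample(range(n_unknowns), rng.randint(1, max_weight)))
        rhs = sum(secret[i] for i in idx) & 1
        if e % error_period == 0:
            rhs ^= 1                      # constructed noise: this equation is false
        equations.append((idx, rhs))
    return secret, equations


def count_unsatisfied(candidate, equations):
    """Number of equations a candidate solution violates."""
    return sum(1 for idx, rhs in equations
               if (sum(candidate[i] for i in idx) & 1) != rhs)


def solve_approx_linear(n_unknowns, equations, error_prob, iterations=30):
    """Sum-product decoding in the log-likelihood-ratio (LLR) domain.
    Each equation is a check node that holds with probability 1 - error_prob;
    every unknown starts with a uniform prior (LLR 0).  LLR > 0 favours x_i = 0."""
    r = 1.0 - 2.0 * error_prob            # correlation coefficient of one equation
    var_to_chk = [[0.0] * len(idx) for idx, _ in equations]
    chk_to_var = [[0.0] * len(idx) for idx, _ in equations]
    posterior = [0.0] * n_unknowns
    for _ in range(iterations):
        # Check-node step: the message to x_k is (-1)^rhs * r * prod_{j != k} tanh(L_j / 2),
        # i.e. the expected value of (-1)^{x_k} implied by the equation's other unknowns.
        for e, (idx, rhs) in enumerate(equations):
            t = [math.tanh(v / 2.0) for v in var_to_chk[e]]
            sign = -r if rhs else r
            for k in range(len(idx)):
                prod = sign
                for j in range(len(idx)):
                    if j != k:
                        prod *= t[j]
                prod = max(-0.999999, min(0.999999, prod))   # keep atanh finite
                chk_to_var[e][k] = 2.0 * math.atanh(prod)
        # Variable-node step: the posterior of x_i is the sum of all incoming
        # messages; the message sent back to equation e excludes e's own share.
        posterior = [0.0] * n_unknowns
        for e, (idx, _) in enumerate(equations):
            for k, i in enumerate(idx):
                posterior[i] += chk_to_var[e][k]
        for e, (idx, _) in enumerate(equations):
            for k, i in enumerate(idx):
                var_to_chk[e][k] = posterior[i] - chk_to_var[e][k]
    return [1 if llr < 0 else 0 for llr in posterior]


if __name__ == "__main__":
    n, m = 16, 600
    secret, eqs = make_instance(n, m, max_weight=3, error_period=20, seed=12345)
    recovered = solve_approx_linear(n, eqs, error_prob=1 / 20)
    print("false equations in the instance:", count_unsatisfied(secret, eqs))
    print("recovered == secret:", recovered == secret)
```

The weight-1 equations are what gets the iteration started: with uniform priors, a check of weight two or more initially has nothing to say (the product of tanh(0) terms is zero), exactly as in a fast correlation attack, where the keystream supplies the per-bit evidence and the parity checks only propagate it. Treating the same 600 equations as exact and running Gaussian elimination would fail, since the 30 false ones make the system inconsistent.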
Copyright information
© 2002 Springer-Verlag Berlin Heidelberg
Cite this paper
Golić, J.D., Bagini, V., Morgari, G. (2002). Linear Cryptanalysis of Bluetooth Stream Cipher. In: Knudsen, L.R. (ed.) Advances in Cryptology — EUROCRYPT 2002. Lecture Notes in Computer Science, vol 2332. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-46035-7_16
DOI: https://doi.org/10.1007/3-540-46035-7_16
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-43553-2
Online ISBN: 978-3-540-46035-0