International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

Time-memory Trade-offs Sound the Death Knell for GPRS and GSM

Authors:
Tristan Claverie , ANSSI, IRISA, INSA de Rennes
Gildas Avoine , INSA de Rennes, IRISA
Diane Leblanc-Albarel , Cosic Group, KU Leuven
Xavier Carpent , University of Nottingham
Christope Devine , ANSSI
Download:
DOI: 10.1007/978-3-031-68385-5_7 (login may be required)
Search ePrint
Search Google
Presentation: Slides
Conference: CRYPTO 2024
Abstract: This paper introduces a practical TMTO-based attack against GSM (A5/3) and GPRS (GEA-3), which are both technologies used in 2G mobile networks. Although designed in the 80s, such networks are still quite active today, especially for embedded systems. While active attacks against 2G networks with a fake base station were already known for a while, the attack introduced in this paper relies on a passive attacker. We explain in the paper how to find material in GPRS and GSM communications to perform a TMTO attack and we experimented this step with off-the-shelf devices operated in real-life networks. We provide the success probability of the attack and its performances for several real-life scenarios. We optimized the implementation of KASUMI with AVX2 instructions, and we designed a specific TMTO implementation to get around the SSD access latency. For example, an attacker passively eavesdropping a GSM communication between a target and a base station can decrypt any 2-hour call with probability 0.43, in 14 min.
BibTeX
@inproceedings{crypto-2024-34281,
  title={Time-memory Trade-offs Sound the Death Knell for GPRS and GSM},
  publisher={Springer-Verlag},
  doi={10.1007/978-3-031-68385-5_7},
  author={Tristan Claverie and Gildas Avoine and Diane Leblanc-Albarel and Xavier Carpent and Christope Devine},
  year=2024
}