In this paper, we present one method to attack on the GMR-2 algorithm used in satellite phone under the chosen-plaintexts. First using the relationship of the rows of the two s-boxes and outputs of the F coordinate, w...In this paper, we present one method to attack on the GMR-2 algorithm used in satellite phone under the chosen-plaintexts. First using the relationship of the rows of the two s-boxes and outputs of the F coordinate, we attack on the GMR-2 algorithm. Then we deduce the happening probability of read-collision, and analyze its mathematical expectation. Finally, combining with the read-collision, we present an improved method to attack on the GMR-2 algorithm. The research results show that the complexity of the improved algorithm is about 220, and the session key Kc can be recovered in about 0.3 seconds. Compared with the available method, our method takes less time than the guess-and-decide attack method which is 700 s.展开更多
基金supported by China Scholarship Council under Grant No.201506965088
文摘In this paper, we present one method to attack on the GMR-2 algorithm used in satellite phone under the chosen-plaintexts. First using the relationship of the rows of the two s-boxes and outputs of the F coordinate, we attack on the GMR-2 algorithm. Then we deduce the happening probability of read-collision, and analyze its mathematical expectation. Finally, combining with the read-collision, we present an improved method to attack on the GMR-2 algorithm. The research results show that the complexity of the improved algorithm is about 220, and the session key Kc can be recovered in about 0.3 seconds. Compared with the available method, our method takes less time than the guess-and-decide attack method which is 700 s.