Weak key-IV Pairs in the A5/1 Stream Cipher

Alhamdan, A., Bartlett, H., Dawson, E., Simpson, L. and Wong, K. K.

    A5/1 is a shift register based stream cipher which provides privacy for the GSM system. In this paper, we analyse the loading of the secret key and IV during the initialisation process of A5/1. We demonstrate the existence of weak key-IV pairs in the A5/1 cipher due to this loading process; these weak key-IV pairs may generate one, two or three registers containing all-zero values, which may lead in turn to weak keystream sequences. In the case where two or three registers contain only zeros, we describe a distinguisher which leads to a complete decryption of the affected messages.
Cite as: Alhamdan, A., Bartlett, H., Dawson, E., Simpson, L. and Wong, K. K. (2014). Weak key-IV Pairs in the A5/1 Stream Cipher. In Proc. Twelfth Australasian Information Security Conference (AISC 2014) Auckland, New Zealand. CRPIT, 149. Parampalli, U. and Welch, I. Eds., ACS. 23-36
pdf (from crpit.com) pdf (local if available) BibTeX EndNote GS