A uniform framework for cryptanalysis of the Bluetooth e0 cipher

Ophir Levy; Avishai Wool

doi:10.1109/SECURECOMM.2005.1

A uniform framework for cryptanalysis of the Bluetooth e₀ cipher

Ophir Levy^*, Avishai Wool

^*Corresponding author for this work

Department of Electrical Engineering - Systems

Tel Aviv University

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

5 Scopus citations

Abstract

In this paper we analyze the E₀ cipher, which is the encryption system used in the Bluetooth specification. We suggest a uniform framework for cryptanalysis of the E₀ cipher. Our method requires 128 known bits of the keystream in order to recover the initial state of the LFSRs, which reflects the secret key of this encryption engine. In one setting, our framework reduces to an attack of D. Bleichenbacher. In another setting, our framework is equivalent to an attack presented by Fluhrer and Lucks. Our best attack can recover the initial state of the LFSRs after solving 2⁸⁶ boolean linear systems of equations, which is roughly equivalent to the results obtained by Fluhrer and Lucks.

Original language	English
Title of host publication	Proceedings - First International Conference on Security and Privacy for Emerging Areas in Communications Networks, SecureComm 2005
Pages	365-373
Number of pages	9
DOIs	https://doi.org/10.1109/SECURECOMM.2005.1
State	Published - 2005
Event	1st International Conference on Security and Privacy for Emerging Areas in Communications Networks, SecureComm 2005 - Athens, Greece Duration: 5 Sep 2005 → 9 Sep 2005

Publication series

Name	Proceedings - First International Conference on Security and Privacy for Emerging Areas in Communications Networks, SecureComm 2005
Volume	2005

Conference

Conference	1st International Conference on Security and Privacy for Emerging Areas in Communications Networks, SecureComm 2005
Country/Territory	Greece
City	Athens
Period	5/09/05 → 9/09/05

Access to Document

10.1109/SECURECOMM.2005.1

Cite this

Levy, O., & Wool, A. (2005). A uniform framework for cryptanalysis of the Bluetooth e₀ cipher. In Proceedings - First International Conference on Security and Privacy for Emerging Areas in Communications Networks, SecureComm 2005 (pp. 365-373). Article 1607592 (Proceedings - First International Conference on Security and Privacy for Emerging Areas in Communications Networks, SecureComm 2005; Vol. 2005). https://doi.org/10.1109/SECURECOMM.2005.1

Levy, Ophir ; Wool, Avishai. / A uniform framework for cryptanalysis of the Bluetooth e₀ cipher. Proceedings - First International Conference on Security and Privacy for Emerging Areas in Communications Networks, SecureComm 2005. 2005. pp. 365-373 (Proceedings - First International Conference on Security and Privacy for Emerging Areas in Communications Networks, SecureComm 2005).

@inproceedings{22bed253ff6d492e96b243d3f4a78169,

title = "A uniform framework for cryptanalysis of the Bluetooth e0 cipher",

abstract = "In this paper we analyze the E0 cipher, which is the encryption system used in the Bluetooth specification. We suggest a uniform framework for cryptanalysis of the E0 cipher. Our method requires 128 known bits of the keystream in order to recover the initial state of the LFSRs, which reflects the secret key of this encryption engine. In one setting, our framework reduces to an attack of D. Bleichenbacher. In another setting, our framework is equivalent to an attack presented by Fluhrer and Lucks. Our best attack can recover the initial state of the LFSRs after solving 286 boolean linear systems of equations, which is roughly equivalent to the results obtained by Fluhrer and Lucks.",

author = "Ophir Levy and Avishai Wool",

year = "2005",

doi = "10.1109/SECURECOMM.2005.1",

language = "אנגלית",

isbn = "0769523692",

series = "Proceedings - First International Conference on Security and Privacy for Emerging Areas in Communications Networks, SecureComm 2005",

pages = "365--373",

booktitle = "Proceedings - First International Conference on Security and Privacy for Emerging Areas in Communications Networks, SecureComm 2005",

note = "1st International Conference on Security and Privacy for Emerging Areas in Communications Networks, SecureComm 2005 ; Conference date: 05-09-2005 Through 09-09-2005",

}

Levy, O & Wool, A 2005, A uniform framework for cryptanalysis of the Bluetooth e₀ cipher. in Proceedings - First International Conference on Security and Privacy for Emerging Areas in Communications Networks, SecureComm 2005., 1607592, Proceedings - First International Conference on Security and Privacy for Emerging Areas in Communications Networks, SecureComm 2005, vol. 2005, pp. 365-373, 1st International Conference on Security and Privacy for Emerging Areas in Communications Networks, SecureComm 2005, Athens, Greece, 5/09/05. https://doi.org/10.1109/SECURECOMM.2005.1

A uniform framework for cryptanalysis of the Bluetooth e₀ cipher. / Levy, Ophir; Wool, Avishai.
Proceedings - First International Conference on Security and Privacy for Emerging Areas in Communications Networks, SecureComm 2005. 2005. p. 365-373 1607592 (Proceedings - First International Conference on Security and Privacy for Emerging Areas in Communications Networks, SecureComm 2005; Vol. 2005).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - A uniform framework for cryptanalysis of the Bluetooth e0 cipher

AU - Levy, Ophir

AU - Wool, Avishai

PY - 2005

Y1 - 2005

N2 - In this paper we analyze the E0 cipher, which is the encryption system used in the Bluetooth specification. We suggest a uniform framework for cryptanalysis of the E0 cipher. Our method requires 128 known bits of the keystream in order to recover the initial state of the LFSRs, which reflects the secret key of this encryption engine. In one setting, our framework reduces to an attack of D. Bleichenbacher. In another setting, our framework is equivalent to an attack presented by Fluhrer and Lucks. Our best attack can recover the initial state of the LFSRs after solving 286 boolean linear systems of equations, which is roughly equivalent to the results obtained by Fluhrer and Lucks.

AB - In this paper we analyze the E0 cipher, which is the encryption system used in the Bluetooth specification. We suggest a uniform framework for cryptanalysis of the E0 cipher. Our method requires 128 known bits of the keystream in order to recover the initial state of the LFSRs, which reflects the secret key of this encryption engine. In one setting, our framework reduces to an attack of D. Bleichenbacher. In another setting, our framework is equivalent to an attack presented by Fluhrer and Lucks. Our best attack can recover the initial state of the LFSRs after solving 286 boolean linear systems of equations, which is roughly equivalent to the results obtained by Fluhrer and Lucks.

UR - http://www.scopus.com/inward/record.url?scp=33750231213&partnerID=8YFLogxK

U2 - 10.1109/SECURECOMM.2005.1

DO - 10.1109/SECURECOMM.2005.1

M3 - ???researchoutput.researchoutputtypes.contributiontobookanthology.conference???

AN - SCOPUS:33750231213

SN - 0769523692

SN - 9780769523699

T3 - Proceedings - First International Conference on Security and Privacy for Emerging Areas in Communications Networks, SecureComm 2005

SP - 365

EP - 373

BT - Proceedings - First International Conference on Security and Privacy for Emerging Areas in Communications Networks, SecureComm 2005

T2 - 1st International Conference on Security and Privacy for Emerging Areas in Communications Networks, SecureComm 2005

Y2 - 5 September 2005 through 9 September 2005

ER -

Levy O, Wool A. A uniform framework for cryptanalysis of the Bluetooth e₀ cipher. In Proceedings - First International Conference on Security and Privacy for Emerging Areas in Communications Networks, SecureComm 2005. 2005. p. 365-373. 1607592. (Proceedings - First International Conference on Security and Privacy for Emerging Areas in Communications Networks, SecureComm 2005). doi: 10.1109/SECURECOMM.2005.1