Slid pairs in the initialisation of the A5/1 stream cipher

A5/1 is a shift register based stream cipher which uses a majority clocking rule to update its registers. It is designed to provide privacy for the GSM system. In this paper, we analyse the initialisation process of A5/1. We demonstrate a sliding property of the A5/1 cipher, where every valid internal state is also a legitimate loaded state and multiple key-IV pairs produce phase shifted keystream sequences. We describe a possible ciphertext only attack based on this property.

Weak key-IV pairs in the A5/1 stream cipher

A5/1 is a shift register based stream cipher which provides privacy for the GSM system. In this paper, we analyse the loading of the secret key and IV during the initialisation process of A5/1. We demonstrate the existence of weak key-IV pairs in the A5/1 cipher due to this loading process; these weak key-IV pairs may generate one, two or three registers containing all-zero values, which may lead in turn to weak keystream sequences. In the case where two or three registers contain only zeros, we describe a distinguisher which leads to a complete decryption of the affected messages.

Seat Comfort. M4-M6.

Hardness is defined as the resistance and load bearing capability of an item. Seat hardness is an important factor in seat comfort as it impacts on a number of variables including seat postural stability, postural control, pressure comfort as a result of tissue deformation, and occupant vibration. The development of the test rig further on described in this report will enable Futuris Automotive to develop their current comfort testing procedures and thus increase the comfort of their automotive seats. The test rig consists of a buttock indenter, which produces a controlled application of a load to a seat cushion with measured displacement via a linear indenter. In parallel with the physical property presented, an analytic (software) finite element tool was developed to simulate seat pressure in an ANSYS Workbench V13 environment. This report also details the procedure required for Futuris to accurately and precisely measure cushion hardness which will enhance their comfort testing procedures, product development and target settings. The report is divided into three main sections: 1 Test equipment specification (M4) - A detailed description of the process used to build the seat cushion indenter and a description of the indenter mechanical structure and electrical functionality (chapter 2). 2 Analytic tool specification (M5) – A detailed description of the CAE seat and indenter software tool, developed as a finite element model (FEM) under ANSYS Workbench V13 to simulate indentation of a physical seat cushion similar to the hardware tool (chapter 3). 3 Product Development and Comfort Design Procedure (M6) - The cushion hardness testing procedure to be used with the physical indenter. This milestone is partially incomplete, as it covers a description of the test procedure to be applied, however not the operating system (control software) required to operate the physical property (chapter 4). Although outside the scope of this project, this report also details the testing procedures required to measure overall seatback hardness.

Initialisation flaws in the A5-GMR-1 satphone encryption algorithm

A5-GMR-1 is a synchronous stream cipher used to provide confidentiality for communications between satellite phones and satellites. The keystream generator may be considered as a finite state machine, with an internal state of 81 bits. The design is based on four linear feedback shift registers, three of which are irregularly clocked. The keystream generator takes a 64-bit secret key and 19-bit frame number as inputs, and produces an output keystream of length between $2^8$ and $2^{10}$ bits. Analysis of the initialisation process for the keystream generator reveals serious flaws which significantly reduce the number of distinct keystreams that the generator can produce. Multiple (key, frame number) pairs produce the same keystream, and the relationship between the various pairs is easy to determine. Additionally, many of the keystream sequences produced are phase shifted versions of each other, for very small phase shifts. These features increase the effectiveness of generic time-memory tradeoff attacks on the cipher, making such attacks feasible.