https://thehill.com/policy/technology/558815-researchers-discover-flaw-in-2g...
Please post the long and direct links to source material, not useless shortlinks expiring and "news" sites wasting readers to do work of poster to search click etc. https://eprint.iacr.org/2021/819 Cryptology ePrint Archive: Report 2021/819 Cryptanalysis of the GPRS Encryption Algorithms GEA-1 and GEA-2 Christof Beierle and Patrick Derbez and Gregor Leander and Gaëtan Leurent and Håvard Raddum and Yann Rotella and David Rupprecht and Lukas Stennes Abstract: This paper presents the first publicly available cryptanalytic attacks on the GEA-1 and GEA-2 algorithms. Instead of providing full 64-bit security, we show that the initial state of GEA-1 can be recovered from as little as 65 bits of known keystream (with at least 24 bits coming from one frame) in time 240 GEA-1 evaluations and using 44.5 GiB of memory. The attack on GEA-1 is based on an exceptional interaction of the deployed LFSRs and the key initialization, which is highly unlikely to occur by chance. This unusual pattern indicates that the weakness is intentionally hidden to limit the security level to 40 bit by design. In contrast, for GEA-2 we did not discover the same intentional weakness. However, using a combination of algebraic techniques and list merging algorithms we are still able to break GEA-2 in time 245.1 GEA-2 evaluations. The main practical hurdle is the required knowledge of 1600 bytes of keystream. Category / Keywords: secret-key cryptography / GPRS Encryption, Stream Cipher, Algebraic attacks, GEA Original Publication (in the same form): IACR-EUROCRYPT-2021 DOI: 10.1007/978-3-030-77886-6_6 Date: received 15 Jun 2021 Contact author: christof beierle at rub de, patrick derbez@irisa fr, gregor leander@rub de, gaetan leurent@inria fr, haavardr@simula no, yann rotella@uvsq fr, david rupprecht@rub de, lukas stennes@rub de Available format(s): PDF | BibTeX Citation Version: 20210616:133848 (All versions of this report) Short URL: ia.cr/2021/819