| Commercial mobile communication appeared in the late1970s and it obtained rapid development with the development of human’s science and technology and human’s new requirements in the decades. People are more and more inseparable from the mobile communication and use it for all kinds of information exchange everyday in morden life. These put forward high requirements on the safety of the mobile communication.WCDMA system is one of the three standards of3G and being used by China Unicom. An important part of the security architecture of WCDMA system is the network access security. This thesis focuses on the related cryptographic algorithms of the network access security from the perspective of cryptography analysis and obtains the following results:1. The single-key attack on the full KASUMI in is improved. Precomputation distance in the meet-in-the-middle attack has increased and the calculation in the innermost loop has decreased by using a new basic key set and exhaustive key set. And relationship between the scale of the exhaustive key set and the computation complexity and storage complexity of the attack is analyzed. As a result, wthout increasing the computation complexity, the storage complexity is236which is213times better than that in [34] when the exhaustive key set is given19bits. At the same time, the computation complexity can decrease slightly when the exhaustive set increases to25bits.2. A key recovery attack on reduced KASUMI based f9is given by the meet-in-the-middle attack method. Firstly, three rounds KASUMI nested f9algorithm is analyzed. Aiming at the situation that the block number is2, the unkown varibales in sub-module1and sub-module2offset with the linear relation between K3in the second round and the particular input plaintexts. Precompute and get some bits in the MAC sub-module directly. On the other hand, the same part of value is calculated again by inverse calculation. Then the meet-in-the-middle attack is formed there. A result,232chosen plaintexts are needed, the storage complexity is232and computation complexity is21245. Secondly, four rouds KASUMI based f9is analyzed. Compared to the former, since the more rounds and the change of structure, the unkown variables can not offset any more, but the meet-in-the-middle attack could still be given and the computation complexity increses a bit than the former one. At last,232chosen plaintexts is needed, the storage complexity is236and the computation complexity is2125.85.3. A related key attack on th f9-which is a variant of f9is given.f9-algorithm has a secret constant S·x related to the user. A scheme is designed according to the model of f9-and the constant is obtained by some online judgements. Then, the7-round KASUMI related key distinguisher is applied into f9-and f9-algorithm is attacked for the first time with278times f9-calculation. Finally, an improvement is put up with about the computation complexity, then the attack needs244times f9-calculation at most with242chosen plaintexts and267online judgements. |
PDF Full Text Request