So, how long does it take you now to search these tables for a single key? With what type of hardware?
-----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Frank A. Stevenson Sent: Wednesday, June 16, 2010 11:21 AM To: [email protected] Subject: [A51] Announcing "Berlin A5/1 rainbow table set." Great progress has been made in computing ATI tables with 100 extra clockings, we got some unexpected but very welcome help from university students, and at most there were 8 GPUs on the job. 2x5850 + 2x5870 + 2x5970 - allowing us to compute almost 2 TB of tables in around 4 weeks of time. Currently computation has been halted while we evaluate the coverage, look at better compressions schemes, and focus on more efficient ways to perform "table lookups" - a euphemism for cracking A5/1 i.e. recovering keys from cipherstream. 39-40 tables have been computed, in what we have dubbed the "Berlin A5/1 rainbow table set." The Berlin reference I feel is significant, besides the fact that the ideas to create these tables originated there, it has also has been a collection point for assembling the tables. Moreover, Berlin was also a focal point for tensions during the cold war, tensions that in fact dictated the need for creating A5/1 in the first place. In some ways A5/1 was intended as a virtual wall erected by the West towards the East, to safeguard privacy of communication. Fortunately the physical wall that separated East & West fell even before A5/1 was fielded in the first GSM networks in 1991. Still A5/1 continued to serve as a relatively effective protective measure for cellular communications. But over time, as computers, FPGAs eventually GPUs grew faster and faster, the once significant defenses of A5/1 started crumbling, and eventually they offered little or no protection. In response to the relentless advance of computing power, key-lengths were increased, but in short order the available arsenal of remedies where exhausted. Despite numerous claims that GSM encryption was at at the end of its useful life, the GSMA kept insisting that the security offered by A5/1 was adequate. Such denials and counterclaims, are obviously counterproductive and even dangerous. I therefore feel privileged to have taken part in this project, where hackers from both former East & West have worked together on dismantling the remains of A5/1 - and effectively declared it completely dead and broken. Our hope is that this will bring about a shift towards proper security in cellular communications, and not further compromised solutions like A5/1 was from the outset. The tables that constitute the "Berlin A5/1 rainbow table set." given by their IDs are as follows: 100 108 116 124 132 140 148 156 164 172 180 188 196 204 212 220 230 238 250 260 268 276 284 292 324 332 340 348 356 364 372 380 388 396 404 412 420 428 492 500 (284 & 492 are optional) Due to their size, theses tables are not easily copied over the Internet, so I have decided to resort to physical transfer in making copies available to research etc. This I will do by announcing some of my traveling to the list, and if there are interested receiving parties, I can bring along tables on hard disk(s) for replication. After some initial seeding, I believe there will be enough interest for these tables to make them go viral. In addition, anyone who finds themselves in Oslo, Norway are welcome to request a copy. The first available location to make a copy will be: * Bucharest, Romania, June 24th - July 5th 2010 Other arrangements can also be made, such as swapping preloaded disks for cash (165EUR @cost) at Schiphol airport. regards, Frank A. Stevenson _______________________________________________ A51 mailing list [email protected] http://lists.lists.reflextor.com/cgi-bin/mailman/listinfo/a51 _______________________________________________ A51 mailing list [email protected] http://lists.lists.reflextor.com/cgi-bin/mailman/listinfo/a51
