A52HackTool 1.3.0
Turnkey & easy to use tool for cracking the GSM A5/2 cipher
Functions | Variables
attack.c File Reference

Implementation of A52 attack. More...

#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <pthread.h>
#include <time.h>
#include "utils.h"
#include "attack.h"
#include "code.h"
#include "keygen.h"
#include "matrices_generation.h"
#include "keysetup_reverse.h"

Functions

void attack_redispatchLFSRdata (const byte LFSRState[REGS_TOTAL_VARS-1], byte R1[R1_BITS], byte R2[R2_BITS], byte R3[R3_BITS])
 Translates a compact LFSR representation (only including variables) into separate registers (adding initial "1" constants)
int attack_checkDoubleVars (const byte LFSRState[REGS_TOTAL_VARS-1])
 Checks that all double variables values are consistent with single variables ones.
void freeRAM ()
 Frees the RAM used to store resolution matrices.
int initializeRAM (const char *filename)
 Initializes the RAM storage of resolution matrices from a given binary file.
int attack_decipherSecretKey (cipherTextArgs *ctArgs, int lowindex, int highindex, int *keyFound, byte secretKey[SECRETKEY_BITS])
 Thread attack method.
void * attack_launchAttack (void *data)
 Thread initializer.
int attack (cipherTextArgs *ctArgs, byte secretKey[SECRETKEY_BITS])
 Performs the attack on a given problem, then writes back the solution.
int attack_test ()
 Autotests the attack on a verified set of problem/solution.

Variables

unsigned int ** ALLMATRICES
 RAM Storage for Resolution Matrices.

Detailed Description

Implementation of A52 attack.

Author:
Nicolas Paglieri & Olivier Benjamin
Version:
File Revision #27
Date:
01/12/2011

Function Documentation

int attack ( cipherTextArgs ctArgs,
byte  secretKey[SECRETKEY_BITS] 
)

Performs the attack on a given problem, then writes back the solution.

Parameters:
[in]ctArgsProblem to be solved
[out]secretKeyDeciphered secret key if the attack succeeded, all zeros otherwise
Returns:
0 if the attack is successfull, non-zero otherwise

References ALLMATRICES, attack_launchAttack(), threadArgs::ctArgs, DEBUG, DUMP_CHAR_VECTOR, threadArgs::highindex, threadArgs::keyFound, threadArgs::lowindex, PROCESSING_THREADS, and THREAD_CHUNKSIZE.

Referenced by attack_test(), and main().

int attack_checkDoubleVars ( const byte  LFSRState[REGS_TOTAL_VARS-1])

Checks that all double variables values are consistent with single variables ones.

Parameters:
[in]LFSRStateCompact LFSR representation
Returns:
0 if the state is consistent, non-zero otherwise

References R1_SIMPLE_VARS, R2_SIMPLE_VARS, R3_SIMPLE_VARS, and REGS_SIMPLE_VARS.

Referenced by attack_decipherSecretKey().

int attack_decipherSecretKey ( cipherTextArgs ctArgs,
int  lowindex,
int  highindex,
int *  keyFound,
byte  secretKey[SECRETKEY_BITS] 
)

Thread attack method.

Parameters:
[in]ctArgsProblem to solve
[in]lowindexIndex to start the search form (inclusive)
[in]highindexLast index to be analyzed (exclusive)
[in]keyFoundSolution found flag
[out]secretKeyStorage for a potential solution
Returns:
0 if the attack is thread-locally successful, non-zero otherwise

References ALLMATRICES, attack_checkDoubleVars(), attack_redispatchLFSRdata(), BINPRODUCT_MATRIX_VECTOR, cipherTextArgs::cipherText1, cipherTextArgs::cipherText2, cipherTextArgs::cipherText3, CODEWORD_LENGTH, cipherTextArgs::frameId, getR4fromIndex(), NEEDED_ENCRYPTED_MESSAGES, processFullEncodingGMatrix(), processFullEncodingHMatrix(), PROGRESSBAR, R1, R1_BITS, R2, R2_BITS, R3, R3_BITS, R4, R4_BITS, REGS_TOTAL_VARS, RESOLUTION_MATRIX_INT_WIDTH, reverseKeysetup(), SOURCEWORD_LENGTH, SYNDROME_EMPTY_EQUATIONS, SYNDROME_LENGTH, and THREAD_CHUNKSIZE.

Referenced by attack_launchAttack().

void * attack_launchAttack ( void *  data)

Thread initializer.

Parameters:
[in]dataPointer to the thread's arguments
Returns:
NULL

References attack_decipherSecretKey(), threadArgs::ctArgs, threadArgs::highindex, threadArgs::keyFound, threadArgs::lowindex, and threadArgs::secretKey.

Referenced by attack().

void attack_redispatchLFSRdata ( const byte  LFSRState[REGS_TOTAL_VARS-1],
byte  R1[R1_BITS],
byte  R2[R2_BITS],
byte  R3[R3_BITS] 
)

Translates a compact LFSR representation (only including variables) into separate registers (adding initial "1" constants)

Parameters:
[in]LFSRStateCompact LFSR representation
[out]R1First LFSR
[out]R2Second LFSR
[out]R3Third LFSR

References R1, R1_INITIAL_CONST_POS, R1_SIMPLE_VARS, R2, R2_INITIAL_CONST_POS, R2_SIMPLE_VARS, R3, R3_INITIAL_CONST_POS, and R3_SIMPLE_VARS.

Referenced by attack_decipherSecretKey().

int attack_test ( )
int initializeRAM ( const char *  filename)

Initializes the RAM storage of resolution matrices from a given binary file.

Parameters:
[in]filenamePath of the file containing resolution matrices
Returns:
0 if the initialization is successfull, non-zero otherwise

References ALLMATRICES, BUFFER_SIZE, DEBUG, freeRAM(), NEEDED_ENCRYPTED_MESSAGES, RESOLUTION_MATRIX_INT_WIDTH, SYNDROME_LENGTH, and TOTAL_MATRICES.

Referenced by attack_test(), and main().