Creating A5/1 Rainbow Tables
The Time/Memory Trade-off framework is still in its early stage of development. It was started in early 2009 and now, it reached its basic architectural stability.
The attack on the A5/1, is a reimplementation of the THC work THC, which was done in early 2008.
Our approach differs slightly, as we use more common hardware to generate the tables, namely, graphics cards with GPGPU capability, and attempt to build a distributed infrastructure of nodes. Wherein each node will donate a small portions of a disk space, as part of the table and some kind of fast hardware and will be used for the generation of, and lookup of, the nodes own table.
We also took this project, as a motivation to design, and code a general purpose TMTO library. The attack itself is still the same, and we owe THC much for their pioneering work.
For the GSM data information and software please visit http://airprobe.org.
This wiki is the canonical documentation.
Please take a look at the ---->IMPORTANT ANNOUNCEMENTS<---- first
and stay up to date with the NewsAndChanges, and find a common answers in the FAQ
get unique table parameters here
The unique id was not stored in the tables, so you’ll have to write that down somewhere, without that id the tables will be useless, as one would have to find the correct id, by brute forcing all possible values. (Well the current svn version does create a metadata file for a table (named <prefix>.table), but you'll never know)
Download binaries (linux 32bit) (linux 64bit) (windows 32bit) (windows 64bit). (revision 58 from October 25 2009)
Here, you can see the current working condition of the nodes; report shows the status of the server, on left is 24 hours, and on right is 7 days statistics. Note that the status updates can easily be forged until a verification process is implemented (coming soon). The graph looks strange, because, the total number of chains will only be computed from the connected nodes. (It will be fixed together with the verification).
Important note: The only way that the software should be used at this point is to run with a fixed set of options without deviation. As it is still alpha software, other uses to certainly reveal bugs. Some of the documented features are not actually implemented but will be in the near future. The only reason for giving out incomplete software is the fact that table generation takes a lot of time and should be started as soon as possible. Still the software was designed from the start as a general purpose tool and can already do a lot more.
These are the options that should be used now to generate tables. Every table that is generated needs to have a different initial seed for the round function generator, which is given as the arguments to the advance sub option of the --roundfunc:generator option. As you can see the seed is zero in the example. Use the cgi above to request a tabled. At this stage of deployment, the developers will answer all your questions and check small portions of your generated tables against a reference implementation (set the --chains option of the generate command to something like 1024 and send in the generated table, for example by creating a trac ticket).
With the build-in default configuration file, the invocation looks like this:
$ a51table --advance XXX --consume file:prefix=data:append --network nickname=<your_name>:password=<your_passwd>:host=reflextor.com:port=80 --operations 512 generate
Written in full detail that amounts to:
--condition rounds:rounds=32 --roundfunc xor:condition=distinguished_point::bits=15:generator=lfsr::tablesize=32::advance=0 --network nickname=your_name:password=<your_passwd>:host=reflextor.com:port=80 --implementation sharedmem --algorithm A51 --device cuda:operations=512 --work random:prefix=11,0 --consume file:prefix=data:append --logger normal generate --chains 380000000 --chainlength 3000000 --intermediate filter:runlength=512
The mailing list address is a51@… and you can subscribe here
Check out the code with
svn co https://svn.reflextor.com/tmto-svn
