Cryptanalysis of the Cellular Message Encryption Algorithm

Draft -- 20 March 1997

David Wagner, Bruce Schneier, and John Kelsey
Counterpane Labs

ABSTRACT: This paper analyzes the Telecommunications Industry Association's Cellular Message Encryption Algorithm (CMEA), which is used for confidentiality of the control channel in the most recent American digital cellular telephony systems. We describe an attack on CMEA which requires 40--80 known plaintexts, has time complexity about 2^24--2^32, and finishes in minutes or hours of computation on a standard workstation. This demonstrates that CMEA is deeply flawed.

[full text - postscript] [full text - PDF]

up to CMEA

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc..