SOBER-128 is a synchronous stream cipher designed by Hawkes and Rose (2003) and is a member of the SOBER family of ciphers. SOBER-128 was also designed to provide MAC (message authentication code) functionality.

Watanabe and Furuya (2004) showed a weakness in the MAC generation of SOBER-128 which means an attack could forge a message with probability 2−6.[1] MAC functionality was deleted by Qualcomm from SOBER-128 reference code.

SOBER-128 takes a key up to 128 bits in length.[2]

See also

edit

References

edit
  1. ^ Watanabe, Dai; Furuya, Soichi. "A MAC forgery attack on SOBER-128" (PDF).
  2. ^ Hawkes, Philip; Paddon, Michael; Rose, Gregory. "Primitive Specification for SOBER-128 (Version 2.0)" (PDF). p. 3. Archived from the original (PDF) on 2 April 2012.
edit