对轻量级分组密码I-PRESENT-80和I-PRESENT-128的biclique攻击

崔杰; 左海风; 仲红

doi:10.11959/j.issn.1000-436x.2017214

您当前的位置：

首页 >

文章列表页 >

对轻量级分组密码I-PRESENT-80和I-PRESENT-128的biclique攻击

学术论文 | 更新时间：2024-06-05

- 对轻量级分组密码I-PRESENT-80和I-PRESENT-128的biclique攻击
- Biclique cryptanalysis on lightweight block ciphers I-PRESENT-80 and I-PRESENT-128
- 通信学报 2017年38卷第11期页码：13-23
- 作者机构：
  
  安徽大学计算机科学与技术学院，安徽合肥 230039
- 作者简介：
  
  [ "崔杰（1980-），男，河南淮阳人，博士，安徽大学副教授、硕士生导师，主要研究方向为网络与信息安全。" ]
  [ "左海风（1992-），男，安徽宿州人，安徽大学硕士生，主要研究方向为分组密码的设计与分析。" ]
  [ "仲红（1965-），女，安徽固镇人，博士，安徽大学教授、博士生导师，主要研究方向为网络与信息安全。" ]
- 基金信息：
  
  国家自然科学基金资助项目(61502008);国家自然科学基金资助项目(6157200);安徽省自然科学基金资助项目(1508085QF132)
- DOI：10.11959/j.issn.1000-436x.2017214
  中图分类号： TN918.1
- 网络首发：2017-11，
  
  纸质出版：2017-11-25
- 稿件说明：
移动端阅览
崔杰, 左海风, 仲红. 对轻量级分组密码I-PRESENT-80和I-PRESENT-128的biclique攻击[J]. 通信学报, 2017,38(11):13-23.

Jie CUI, Hai-feng ZUO, Hong ZHONG. Biclique cryptanalysis on lightweight block ciphers I-PRESENT-80 and I-PRESENT-128[J]. Journal on Communications, 2017, 38(11): 13-23.
崔杰, 左海风, 仲红. 对轻量级分组密码I-PRESENT-80和I-PRESENT-128的biclique攻击[J]. 通信学报, 2017,38(11):13-23. DOI： 10.11959/j.issn.1000-436x.2017214.

Jie CUI, Hai-feng ZUO, Hong ZHONG. Biclique cryptanalysis on lightweight block ciphers I-PRESENT-80 and I-PRESENT-128[J]. Journal on Communications, 2017, 38(11): 13-23. DOI： 10.11959/j.issn.1000-436x.2017214.

摘要

I-PRESENT是一种适用于RFID、无线传感节点等资源受限环境的代换——置换型分组密码。利用中间筛选技术来构造I-PRESENT的biclique结构，首次对全轮I-PRESENT-80和I-PRESENT-128算法进行了biclique攻击。结果表明，biclique对I-PRESENT-80和I-PRESENT-128攻击的数据复杂度分别为2

和2

个选择密文；攻击的时间复杂度分别为2

79.48

和2

127.33

次加密。攻击在时间复杂度和数据复杂度上均优于穷举。利用提出的I-PRESENT的密钥相关性技术，攻击的时间复杂度可以进一步降低到2

78.61

和2

126.48

。

Abstract

I-PRESENT was a lightweight SPN block cipher for resource-constraint environments such as RFID tags and sensor networks.The biclique structures of I-PRESENT with sieve-in-the-middle technique was an constracted.The biclique cryptanalysis schemes on full-round I-PRESENT-80 and I-PRESENT-128 were proposed for the first time.The results show that the data complexity of the biclique cryptanalysis on I-PRESENT-80 and I-PRESENT-128 is 2

and 2

chosen ciphertexts respectively，and the time complexity on them is 2

79.48

and 2

127.33

encryptions respectively.The time and data complexity are better than that of the exhaustive attack.In addition

the time complexity on them can be reduced to 2

78.61

and 2

126.48

encryptions by using related-key technology of I-PRESENT.

关键词

Keywords

references

BOGDANOV A , KNUDSEN L R , LEANDER G , et al . PRESENT:an ultra-lightweight block cipher [C ] // Internation Workshop on Cryptographic Hardware and Embedded Systems . 2007 : 450 - 466 .

DE C , DUNKELMAN O,KNEŽEVIĆ M . KATAN and KTANTAN-a family of small and efficient hardware-oriented block ciphers [M ] // Cryptographic Hardware and Embedded Systems-CHES 2009 . Springer,Berlin,Heidelberg , 2009 : 272 - 288 .

WU W , ZHANG L . LBlock:a lightweight block cipher [C ] // Applied Cryptography and Network Security,9th InternationalConference . 2011 : 327 - 344 .

GUO J , PEYRIN T , POSCHMANN A , et al . The LED block cipher [M ] // Cryptographic Hardware and Embedded Systems . 2011 : 326 - 341 .

BORGHOFF J , CANTEAUT A , GÜNEYSU T , et al . PRINCE-A low-latency block cipher for pervasive computing applications [C ] // International Conference on the Theory and Application of Cryptology and Information Security . 2012 : 208 - 225 .

BEAULIEU R , SHORS D , SMITH J , et al . The simon and speck families of lightweight block ciphers [J ] . Cryptology ePrint Archive , 2013 .

ZABA M R , JAMIL N , RUSLI M E , et al . I-PRESENT:an involutive lightweight block cipher [J ] . Journal of Information Security , 2014 , 5 ( 3 ): 114 - 122 .

KHOVRATOVICH D , RECHBERGER C , SAVELIEVA A . Bicliques for preimages:attacks on skein-512 and the SHA-2 family [C ] // International Conference on FAST Software Encryption . 2012 : 244 - 263 .

BOGDANOV A , KHOVRATOVICH D , RECHBERGER C . Biclique cryptanalysis of the full AES [C ] // The Theory and Application of Cryptology and Information Security . 2011 : 344 - 371 .

陈少真 , 刘佳 . 对全轮3D分组密码算法的Biclique攻击 [J ] . 计算机学报 . 2014 , 37 ( 5 ): 1063 - 1070 .

CHEN S Z , LIU J . Biclique cryptanalysis on full 3D block cipher [J ] . Chinese Journal of Computers , 2014 , 37 ( 5 ): 1063 - 1070 .

MALA H . Biclique-based cryptanalysis of the block cipher SQUARE [J ] . Iet Information Security , 2014 , 8 ( 3 ): 207 - 212 .

HONG D , KOO B , KWON D . Biclique attack on the Full HIGHT [C ] // International Conference on Information Security and Cryptology . 2011 : 365 - 374 .

WANG Y , WU W , YU X . Biclique cryptanalysis of reduced-round piccolo block cipher [C ] // International Conference on Information Security Practice and Experience . 2012 : 337 - 352 .

CHEN S Z , XU T M , CHEN S Z , et al . Biclique attack of the full ARIA-256 [C ] // IACR Cryptology ePrint Archive . 2012 .

WANG Y , WU W , YU X , et al . Security on LBlock against biclique cryptanalysis [M ] // Information Security Applications . 2012 : 1 - 14 .

COBAN M , KARAKOC F , BOZTAS Ö . Biclique cryptanalysis of TWINE [C ] // CANS . 2012 : 43 - 55 .

KHOVRATOVICH D , LEURENT G , RECHBERGER C . Narrowbicliques:cryptanalysis of full IDEA [C ] // International Conference on Theory and Applications of Cryptographic Techniques . 2012 : 392 - 410 .

AHMADIAN Z , SALMASIZADEH M , AREF M R . Biclique cryptanalysis of the full-round KLEIN block cipher [J ] . Information Security Iet , 2015 , 9 ( 5 ): 294 - 301 .

SHAKIBA M , DAKHILALIAN M , MALA H . Non-isomorphic biclique cryptanalysis and its application to full-round mCrypton [J ] . IACR Cryptology ePrint Archive , 2013 :141.

CANTEAUT A , NAYA-PLASENCIA M , VAYSSIERE B . Sieve-inthe-middle:improved MITM attacks [M ] // Cryptology-CRYPTO 2013 . Springer,Berlin,Heidelberg , 2013 : 222 - 240 .

浏览量

1379

下载量

CSCD

文章被引用时，请邮件提醒。

提交

工具集

关联资源

基于矩阵方法的减轮

μ^{2}

算法不可能差分分析

Saturnin算法的不可能差分分析

FeW的差分故障攻击

TWINE算法的相关密钥不可能飞来去器攻击

轻量级分组密码算法TWINE差分故障攻击的改进