1. Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China
2. School of Cyber Security, University of Chinese Academy of Sciences, Beijing 100049, China
3. Science and Technology on Information Assurance Laboratory, Beijing 100072, China
ZHANG Guoshuang (1982- ), male, born in Lincheng, Hebei; Ph.D. candidate at the Institute of Information Engineering, Chinese Academy of Sciences. Research interests: cryptographic theory, design and analysis of authenticated encryption algorithms.
CHEN Xiao (1968- ), female, born in Hangzhou, Zhejiang; Ph.D., professor and doctoral supervisor at the Institute of Information Engineering, Chinese Academy of Sciences. Research interest: information security.
LIN Dongdai (1964- ), male, born in Liaocheng, Shandong; Ph.D., professor and doctoral supervisor at the Institute of Information Engineering, Chinese Academy of Sciences. Research interests: cryptographic theory, security protocols, cyberspace security.
LIU Fengmei (1973- ), female, born in Dancheng, Henan; Ph.D., professor at the Science and Technology on Information Assurance Laboratory. Research interests: cryptographic theory and its applications.
Online publication date: 2020-08
Print publication date: 2020-08-25
ZHANG G S, CHEN X, LIN D D, et al. State recovery attack on ACORN v3 in nonce-reuse setting [J]. Journal on Communications (通信学报), 2020, 41(8): 11-21 (in Chinese). DOI: 10.11959/j.issn.1000-436x.2020164.
Guoshuang ZHANG, Xiao CHEN, Dongdai LIN, et al. State recovery attack on ACORN v3 in nonce-reuse setting [J]. Journal on Communications, 2020, 41(8): 11-21. DOI: 10.11959/j.issn.1000-436x.2020164.
Based on the differential-algebraic method and the guess-and-determine technique, a state recovery attack on ACORN v3 is presented for the case in which one key/nonce pair is used to encrypt two messages. The time complexity of the attack is 2^122.5 · c, where c is the time complexity of solving a system of linear equations; the data complexity and the storage complexity are negligible. Furthermore, an analysis of the multiple-nonce-reuse setting shows that the relatively complicated filter function of ACORN v3 makes it infeasible to extract linear equations about the internal state directly from the keystream, so the risk that the attack complexity could be reduced significantly by increasing the number of nonce reuses is effectively avoided.
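As an added illustration (not code from the paper or from the ACORN designers), the following Python model shows what the nonce-reuse setting of the abstract means in practice. It is a bit-level reconstruction of the ACORN-128 v3 keystream generator as I recall it from the public v3 specification (tap positions, the maj/ch filter, the 1792-step initialisation, the padding block for empty associated data); the bit order of key, nonce and message bytes is an assumption, and the output should be checked against the official test vectors before the exact bits are relied on. The key, nonce and messages are constructed sample values. The model shows that the post-initialisation state, which is what a state recovery attack targets, is fully determined by (key, nonce); that two messages encrypted under one (key, nonce) leak p1 XOR p2 on their first bytes; and a defender-side guard that refuses to encrypt twice under the same (key, nonce).

```python
from typing import Dict, List, Set, Tuple


def maj(x: int, y: int, z: int) -> int:
    return (x & y) ^ (x & z) ^ (y & z)


def ch(x: int, y: int, z: int) -> int:
    return (x & y) ^ ((x ^ 1) & z)


def bits_of(data: bytes) -> List[int]:
    # Bit order (LSB of byte 0 first) is an assumption of this model.
    return [(b >> i) & 1 for b in data for i in range(8)]


def bytes_of(bits: List[int]) -> bytes:
    return bytes(sum(bits[i + j] << j for j in range(8)) for i in range(0, len(bits), 8))


def step(S: List[int], m: int, ca: int, cb: int) -> int:
    """One StateUpdate128 step on the 293-bit state; returns keystream bit ks."""
    S[289] ^= S[235] ^ S[230]
    S[230] ^= S[196] ^ S[193]
    S[193] ^= S[160] ^ S[154]
    S[154] ^= S[111] ^ S[107]
    S[107] ^= S[66] ^ S[61]
    S[61] ^= S[23] ^ S[0]
    # Filter with quadratic maj/ch terms: ks is not linear in the state, the
    # property the abstract credits for blocking direct extraction of linear
    # equations from keystream when a nonce is reused many times.
    ks = S[12] ^ S[154] ^ maj(S[235], S[61], S[193]) ^ ch(S[230], S[111], S[66])
    f = S[0] ^ (S[107] ^ 1) ^ maj(S[244], S[23], S[160]) ^ (ca & S[196]) ^ (cb & ks)
    del S[0]
    S.append(f ^ m)  # shift by one; the input bit enters at position 292
    return ks


def init_state(key: bytes, nonce: bytes) -> List[int]:
    """1792-step key/nonce loading, then the padding block for empty AD."""
    k, iv = bits_of(key), bits_of(nonce)
    S = [0] * 293
    for i in range(1792):
        if i < 128:
            m = k[i]
        elif i < 256:
            m = iv[i - 128]
        else:
            m = k[i % 128] ^ (1 if i == 256 else 0)
        step(S, m, 1, 1)
    for i in range(256):  # AD padding: a 1 then zeros; ca=1 for 128 steps, then 0
        step(S, 1 if i == 0 else 0, 1 if i < 128 else 0, 1)
    return S


def encrypt(key: bytes, nonce: bytes, plaintext: bytes) -> bytes:
    """Ciphertext only (no tag). Plaintext bits are fed back into the state."""
    S = init_state(key, nonce)
    return bytes_of([p ^ step(S, p, 1, 0) for p in bits_of(plaintext)])


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


# A message bit fed in at step t is first read by a filter tap (index 235) at
# step t+58, so keystream bits 0..57 depend only on (key, nonce). Two messages
# under one (key, nonce) therefore leak p1 XOR p2 exactly on the first 7 bytes;
# beyond that the two keystreams diverge because each message perturbs its own
# state, which is why recovering the state, not just the keystream, matters.
PLAINTEXT_INDEPENDENT_BYTES = 7


class NonceGuard:
    """Defender-side wrapper: refuse a second encryption under a (key, nonce).

    A real deployment would index by a key identifier rather than the key itself.
    """

    def __init__(self) -> None:
        self._seen: Set[Tuple[bytes, bytes]] = set()

    def encrypt(self, key: bytes, nonce: bytes, plaintext: bytes) -> bytes:
        if (key, nonce) in self._seen:
            raise ValueError("nonce reuse under this key refused")
        self._seen.add((key, nonce))
        return encrypt(key, nonce, plaintext)


# Constructed sample inputs, not taken from the paper.
KEY = bytes(range(16))
NONCE = bytes.fromhex("00112233445566778899aabbccddeeff")
P1 = b"transfer 100 to account A"
P2 = b"transfer 900 to account B"


def demo() -> Dict[str, bool]:
    c1, c2 = encrypt(KEY, NONCE, P1), encrypt(KEY, NONCE, P2)
    n = PLAINTEXT_INDEPENDENT_BYTES
    guard = NonceGuard()
    guard.encrypt(KEY, NONCE, P1)
    try:
        guard.encrypt(KEY, NONCE, P2)
        refused = False
    except ValueError:
        refused = True
    return {
        "same_state": init_state(KEY, NONCE) == init_state(KEY, NONCE),
        "leak": xor(c1, c2)[:n] == xor(P1, P2)[:n],
        "diff_nonce": encrypt(KEY, bytes(16), P1) != c1,
        "refused": refused,
    }


if __name__ == "__main__":
    print(demo())
```

Running the module prints a dictionary in which every entry is True: the initial state is a deterministic function of (key, nonce), the first seven bytes of c1 XOR c2 equal p1 XOR p2, a different nonce yields a different ciphertext, and the guard refuses the second encryption. The guard is the practical mitigation the abstract's setting calls for: nonce uniqueness per key must be enforced by the caller, since the cipher itself cannot detect reuse.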