基于Nonce重用的ACORN v3状态恢复攻击
State recovery attack on ACORN v3 in nonce-reuse setting
- 通信学报 2020年41卷第8期 页码:11-21
- 作者机构:
1. 中国科学院信息工程研究所,北京 100093
2. 中国科学院大学网络空间安全学院,北京 100049
3. 信息保障技术重点实验室,北京 100072
- 作者简介:
[ "张国双(1982- ),男,河北临城人,中国科学院信息工程研究所博士生,主要研究方向为密码理论、认证加密算法设计与分析等" ]
[ "陈晓(1968- ),女,浙江杭州人,博士,中国科学院信息工程研究所研究员、博士生导师,主要研究方向为信息安全" ]
[ "林东岱(1964- ),男,山东聊城人,博士,中国科学院信息工程研究所研究员、博士生导师,主要研究方向为密码理论、安全协议、网络空间安全等" ]
[ "刘凤梅(1973- ),女,河南郸城人,博士,信息保障技术重点实验室研究员,主要研究方向为密码理论与应用" ]
- 基金信息:国家自然科学基金资助项目(6187204);“十三五”国家密码发展基金资助项目(MMJJ20170201);北京市自然科学基金资助项目(4202070)
DOI:10.11959/j.issn.1000-436x.2020164
中图分类号: TN918.1-
网络首发:2020-08,
纸质出版:2020-08-25
- 稿件说明:
移动端阅览
张国双, 陈晓, 林东岱, 等. 基于Nonce重用的ACORN v3状态恢复攻击[J]. 通信学报, 2020,41(8):11-21.
Guoshuang ZHANG, Xiao CHEN, Dongdai LIN, et al. State recovery attack on ACORN v3 in nonce-reuse setting[J]. Journal on Communications, 2020, 41(8): 11-21.
张国双, 陈晓, 林东岱, 等. 基于Nonce重用的ACORN v3状态恢复攻击[J]. 通信学报, 2020,41(8):11-21. DOI: 10.11959/j.issn.1000-436x.2020164.
Guoshuang ZHANG, Xiao CHEN, Dongdai LIN, et al. State recovery attack on ACORN v3 in nonce-reuse setting[J]. Journal on Communications, 2020, 41(8): 11-21. DOI: 10.11959/j.issn.1000-436x.2020164.
摘要
基于差分代数方法,利用猜测确定技术给出了Nonce重用两次情况下ACORN v3的状态恢复攻击,攻击所需的计算复杂度为2
122.5
c,数据复杂度和存储复杂度可忽略不计,其中c是求解线性方程组的复杂度。针对Nonce多次重用时的情形进行了分析,发现ACORN v3较复杂的滤波函数,使由密钥流直接提取关于内部状态线性方程的方法变得不可行,从而有效规避了通过增加Nonce重用次数来显著降低攻击复杂度的安全风险。
Abstract
Based on differential-algebraic method and guess-and-determine technique
the state recovery attack of ACORN v3 was presented when one pair of key and Nonce was used to encrypt two messages.The time complexity of the attack was 2
122.5
c
where c was the time complexity of solving linear equations.The data complexity and the storage complexity were negligible.Furthermore
according to the analysis on the sense of multiple nonce reuse
it is found that relatively complicated filter function of ACORN v3 makes it infeasible to extract the linear equations about the internal state directly from key streams.Thus
the risk of significantly reducing the attack complexity by increasing the times of nonce reuse can be effectively avoided.
关键词
Keywords
references
WU H J . ACORN:a lightweight authenticated cipher (v1) [R ] . CAESAR First Round Submission , 2014 .
WU H J . ACORN:a lightweight authenticated cipher (v2) [R ] . CAESAR Second Round Submission , 2015 .
WU H J . ACORN:a lightweight authenticated cipher (v3) [R ] . Candidate for the CAESAR Competition , 2016 .
LIU M C , LIN D D . Cryptanalysis of lightweight authenticated cipher acorn [R ] . Crypto-Competition Mailing List , 2014 .
CHAIGNEAU C , FUHR T , GIBERT H . Full key-recovery on acorn in nonce-reuse and decryption-misuse settings [R ] . Crypto-Competition Mailing List , 2015 .
WANG S P , HU B , LIU Y , et al . Nonce-reuse attack on authenticated cipher ACORN [C ] // 2016 International Conference on Artificial Intelligence and Computer Science . Lancaster:DEStech Publication , 2016 : 379 - 385 .
ZHANG X J , LIN D D . Cryptanalysis of ACORN in nonce-reuse setting [C ] // 13th International Conference on Information Security and Cryptology . Berlin:Springer , 2017 : 342 - 361 .
SALAM M , BARTLETT H , DAWSON E , et al . Investigating cube attacks on the authenticated encryption stream cipher acorn [C ] // 2016 International Conference on Applications and Techniques in Information Security . Berlin:Springer , 2016 : 15 - 26 .
SALAM M , WONG K , BARTLETT H , et al . Finding state collisions in the authenticated encryption stream cipher ACORN [C ] // 2016 Proceedings of the Australasian Computer Science Week Multiconference . New York:ACM Press , 2016 , 36 : 1 - 10 .
LAFITTE F , LERMAN L , MARKOWITCH O , et al . SAT-based cryptanalysis of ACORN [R ] . IACR Cryptology ePrint Archive,Report 2016/521 , 2016 .
DWIVEDI A D , KLOUČEK M , MORAWIECKI P . SAT-based cryptanalysis of authenticated ciphers from the CAESAR competetion [C ] // 2017 The 14th International Conference on Security and Cryptography . Berlin:Springer , 2017 : 275 - 284 .
DIBYENDU R , SOURAV M . Some results on ACORN [R ] . IACR Cryptology ePrint Archive,Report 2016/1132 , 2016 .
TODO Y , ISOBE T , HAO Y L , et al . Cube attacks on non-blackbox polynomials based on division property [C ] // 2017 37th Annual International Cryptology Conference . Berlin:Springer , 2017 : 250 - 279 .
SIDDHANTI A A , MAITRA S , SINHA N . Certain observations on acorn v3 and the implications to TMDTO attacks [C ] // 2017 7th International Conference on Security,Privacy,and Applied Cryptography Engineering . Berlin:Springer , 2017 : 264 - 280 .
GHAFARI V A , HU H G . A new chosen IV statistical distinguishing framework to attack symmetric ciphers,and its application to ACORN-v3 and Grain-128a [J ] . Journal of Ambient Intelligence and Humanized Computing , 2019 , 10 : 2393 - 2400 .
WANG Q J , HAO Y L , TODO Y , et al . Improved division property based cube attacks exploiting algebraic properties of superpoly [C ] // 2018 38th Annual International Cryptology Conference . Berlin:Springer , 2018 : 275 - 305 .
ZHANG F , LIANG Z Y , YANG B L , et al . Survey of design and security evaluation of authenticated encryption algorithms in the CAESAR competition [J ] . Frontiers of Information Technology &Electronic Engineering , 2018 , 19 ( 12 ): 1475 - 1499 .
YANG J C , LIU M C , LIN D D . Cube cryptanalysis of round-reduced ACORN [C ] // 2019 22nd International Conference on Information Security . Berlin:Springer , 2019 : 44 - 64 .
KESARWANI A , ROY D , SARKAR S , et al . New cube distinguishers on NFSR-based stream ciphers [J ] . Design,Codes and Cryptography , 2020 , 88 : 173 - 199 .
0
浏览量
607
下载量
0
CSCD
- 网络PDF下载
- XML下载
- Meta-XML下载
- BibTeX下载
- Endnote下载
- RefMan 下载
- NoteExpress下载
- NoteFirst下载
关联资源
相关文章
相关作者
相关机构
AI问答- 技术支持由北京北大方正电子有限公司提供 京ICP备09064830号-19
京公网安备11010802024621 - 本系统建议在Chrome、 IE9+ 以上版本浏览器阅读本站内容,360浏览器请切换至极速模式
- Cookies帮助我们提供服务并提供个性化体验。使用本网站,即表示您同意我们使用Cookies
- 总访问量:584097 今日访问量:1913