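1. School of Mathematics and Statistics, Northwest Normal University, Lanzhou, Gansu 730070
2. Key Laboratory of Cryptographic Technology and Data Analysis, Northwest Normal University, Lanzhou, Gansu 730070
DU Xiaoni (1972- ), female, born in Qingyang, Gansu; Ph.D.; professor and doctoral supervisor at Northwest Normal University. Her main research interests include cryptography and information security.
YU Tian (2001- ), female, born in Anqing, Anhui; master's student at Northwest Normal University. Her main research interests include cryptography and information security.
JIA Meichun (1998- ), female, born in Nanyang, Henan; master's student at Northwest Normal University. Her main research interests include cryptography and information security.
LIANG Lifang (1995- ), female, born in Dingxi, Gansu; doctoral student at Northwest Normal University. Her main research interests include cryptography and information security.
Received: 2024-07-02
Revised: 2024-10-22
Print publication date: 2024-11-25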
DU Xiaoni, YU Tian, JIA Meichun, et al. Impossible differential cryptanalysis of reduced-round μ2 algorithm based on matrix method[J]. Journal on Communications, 2024, 45(11): 106-113. DOI: 10.11959/j.issn.1000-436x.2024196.
To evaluate the security of the $\mu^2$ algorithm against impossible differential cryptanalysis, a 9-round impossible differential distinguisher of $\mu^2$ is first constructed using the matrix method combined with the miss-in-the-middle technique. The distinguisher is then extended by 2 rounds forward and 2 rounds backward and, using the key-bridge technique, a 13-round key recovery attack on $\mu^2$ is mounted. The results show that the attack recovers 45 bits of the master key, with a data complexity of $2^{42.5}$ chosen plaintexts and a time complexity of $2^{65.3}$ 13-round encryptions. Compared with previous results, this work attacks the largest number of rounds, and the data complexity is significantly reduced.