Computer Science ›› 2018, Vol. 45 ›› Issue (4): 152-156. doi: 10.11896/j.issn.1002-137X.2018.04.025

• Information Security •

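Distinguishing Attack of MORUS-1280-128

ZHENG Xiu-lin, SONG Hai-yan and FU Yi-peng

  1. Department of Information Security, Beijing Electronic Science and Technology Institute, Beijing 100070; School of Telecommunications Engineering, Xidian University, Xi'an 710071, School of Telecommunications Engineering, Xidian University, Xi'an 710071, School of Telecommunications Engineering, Xidian University, Xi'an 710071
  • Online: 2018-04-15 Published: 2018-05-11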

Abstract: MORUS is an authenticated cipher that was submitted to the CAESAR competition and has been selected for the third-round security evaluation stage. Studying distinguishing attacks on MORUS is significant for its security evaluation. This paper studies a distinguishing attack on MORUS-1280-128 in a nonce-reuse scenario. Using this method, the majority of ciphertext bits can be distinguished, and a collision in the internal state can be found for a tag forgery attack. These results are of great significance for the security analysis of MORUS.

Key words: Authenticated encryption, MORUS algorithm, Distinguishing attack, Forgery attack

