Computer Science ›› 2020, Vol. 47 ›› Issue (11A): 368-372. doi: 10.11896/jsjkx.191200036

• Information Security •

Design and Analysis of Trapdoor S-Box Based on Linear Partition
(基于线性划分的陷门S盒的设计与分析)

HAN Yu, ZHANG Wen-zheng, DONG Xin-feng

  1. Science and Technology on Communication Security Laboratory, Chengdu 610041, China
  • Online: 2020-11-15  Published: 2020-11-17
  • Corresponding author: ZHANG Wen-zheng (zwz85169038@sina.com)
  • Author e-mail: hanyu003@163.com
  • About the authors: HAN Yu, born in 1995, postgraduate. His main research interests include cryptography and symmetric cryptography.
    ZHANG Wen-zheng, born in 1966, researcher, chief expert of CETC. His main research interests include cryptography, design and analysis of cryptographic algorithms, and Boolean functions.
  • Supported by: This work was supported by the National Key R&D Program of China (2017YFB0802000).

Abstract: A block cipher with a trapdoor is a cipher that can meet special requirements in specific scenarios. Trapdoor functions are widely used in asymmetric encryption, and this paper considers carrying the idea of the trapdoor function over into block ciphers. The core of a block cipher is the S-box, which in most block ciphers is the only non-linear component and provides confusion during encryption; constructing a trapdoor in a block cipher therefore mainly means implanting the trapdoor in the S-box. Aiming at this problem, the paper studies a method of constructing trapdoor S-boxes from the algebraic properties of a linear partition of a finite field into cosets; the trapdoor information of such an S-box is the linear partition itself. The paper first introduces the principle of trapdoor algorithms and trapdoor S-boxes based on linear partitions, then constructs an 8×8 trapdoor S-box mapped on the linear partition, gives the concrete construction method, and analyses the linear and differential properties of this kind of S-box. To illustrate the security and practicality of this S-box, the trapdoor block cipher proposed by Bannier et al. is used as a model to briefly verify and analyse the effectiveness of the trapdoor and to prove the security of the trapdoor S-box and trapdoor cipher against linear and differential cryptanalysis.

Key words: Coset partition, Differential analysis, Linear analysis, Trapdoor function, Trapdoor S-box
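As an added illustration (not code from the paper), the Python below builds an 8×8 S-box that maps the cosets of a 4-dimensional subspace V of GF(2)^8 onto the cosets of another subspace W, which is the structural property of a partition-based trapdoor S-box, and then runs the checks an auditor would apply to any S-box: whether it preserves such a coset partition, its differential uniformity (largest DDT entry) and its linearity (largest Walsh coefficient). The subspaces V and W, the seeded random bijections that fill in the S-box and all function names are assumptions; the paper's own construction is not reproduced.

```python
import random
from collections import Counter

def span(basis):                 # all vectors of the subspace of GF(2)^8 spanned by `basis`
    vecs = {0}
    for b in basis:
        vecs |= {v ^ b for v in vecs}
    return sorted(vecs)

def coset_label(subspace, x):    # canonical label of the coset x + subspace: its minimum
    return min(x ^ v for v in subspace)

def build_partition_sbox(V, W, seed=1):
    # Constructed illustration: a random bijection between the cosets of V and the cosets
    # of W, then a random bijection inside each coset. Not the paper's own S-box.
    rng = random.Random(seed)
    labels_v = sorted({coset_label(V, x) for x in range(256)})
    labels_w = sorted({coset_label(W, y) for y in range(256)})
    rng.shuffle(labels_w)
    sbox = [0] * 256
    for lv, lw in zip(labels_v, labels_w):
        outputs = [lw ^ w for w in W]
        rng.shuffle(outputs)
        for x, y in zip([lv ^ v for v in V], outputs):
            sbox[x] = y
    return sbox

def preserves_partition(sbox, V, W):   # audit check: every V-coset lands inside one W-coset
    return all(coset_label(W, sbox[x]) == coset_label(W, sbox[x ^ v])
               for x in range(256) for v in V)

def differential_uniformity(sbox):     # largest DDT entry over nonzero input differences
    return max(max(Counter(sbox[x] ^ sbox[x ^ a] for x in range(256)).values())
               for a in range(1, 256))

def linearity(sbox):                   # largest |Walsh coefficient| of any component b.S
    best = 0
    for b in range(1, 256):
        w = [1 - 2 * (bin(b & y).count("1") & 1) for y in sbox]   # (-1)^(b.S(x))
        h = 1
        while h < 256:                 # in-place fast Walsh-Hadamard transform
            for i in range(0, 256, 2 * h):
                for j in range(i, i + h):
                    w[j], w[j + h] = w[j] + w[j + h], w[j] - w[j + h]
            h *= 2
        best = max(best, max(abs(c) for c in w))
    return best

V = span([0x01, 0x02, 0x04, 0x08])    # constructed 4-dimensional subspaces of GF(2)^8
W = span([0x1F, 0x23, 0x47, 0x8B])
S = build_partition_sbox(V, W)
print(preserves_partition(S, V, W), differential_uniformity(S), linearity(S))
```

Because every input difference in V is mapped to an output difference in W, a 4-dimensional partition forces a differential uniformity of at least 256/16 = 16, and by Parseval the Walsh spectrum of any component masked by W's annihilator forces a linearity of at least 64, so these two numbers are the quantities to compare against the bounds when auditing a candidate S-box.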

CLC number: TP309.7
References:
[1] RIJMEN V, PRENEEL B. A family of trapdoor ciphers [M]//Fast Software Encryption. Springer-Verlag, 1997: 139-148.
[2] WU H J, BAO F, DENG R H, et al. Cryptanalysis of Rijmen-Preneel trapdoor ciphers [C]//Advances in Cryptology - Asiacrypt'98. Springer, 1998: 126-132.
[3] BANNIER A, BODIN N, FILIOL E. Partition-based trapdoor ciphers [OL]. http://dx.doi.org/10.5772/intechopen.70420.
[4] BANNIER A, FILIOL E. Mathematical backdoors in symmetric encryption systems: Proposal for a backdoored AES-like block cipher [C]//International Workshop on FORmal Methods in Security Engineering (ForSE). 2017: 622-631.
[5] NIE L Z, DING S S. Introduction to Algebra (代数学引论) [M]. Beijing: Higher Education Press, 2003.
[6] DAEMEN J, RIJMEN V. The design of Rijndael [M]. Heidelberg: Springer, 2002.
[7] BUDAGHYAN L, HELLESETH T. On isotopisms of commutative presemifields and CCZ-equivalence of functions [J]. Int. J. Found. Comput. Sci., 2011, 22: 1243-1258.
[8] CHEN X, QU L J, LI C, et al. A New Method to Investigate the CCZ-Equivalence between Functions with Low Differential Uniformity [J]. Finite Fields and Their Applications, 2016, 42: 165-186.
[9] YOSHIARA S. Equivalences of power APN functions with power or quadratic APN functions [J]. Journal of Algebraic Combinatorics, 2016, 44(3): 561-585.
[10] QU T J, CHEN X, NIU T L, et al. Recent Progress in Low Differential Uniformity Functions over Finite Fields [J]. Journal of Computer Research and Development, 2018, 55(9): 1931-1945.
[11] CANTEAUT A, DUVAL S, PERRIN L. A generalisation of Dillon's APN permutation with the best known differential and nonlinear properties for all fields of size 2^(4k+2) [J]. IEEE Transactions on Information Theory, 2017, 63(11): 7575-7591.
[12] WANG X C, CHEN K F, SHEN Z H, et al. Construction of a Family of Balanced Boolean Functions with Optimal Algebraic Immunity [J]. Computer Applications and Software, 2018, 35(1): 325-329.
[13] SUN L, FU F W. Constructions of even-variable RSBFs with optimal algebraic immunity and high nonlinearity [J]. Journal of Applied Mathematics & Computing, 2018, 56: 593-610.
[14] ZHANG F R, PASALIC E, WEI Y Z. Constructing bent functions outside the Maiorana-McFarland class using a general form of Rothaus [J]. IEEE Transactions on Information Theory, 2017, 63(8): 5336-5349.
[15] ZHANG W G, PASALIC E. Generalized Maiorana-McFarland Construction of Resilient Boolean Functions with High Nonlinearity and Good Algebraic Properties [J]. IEEE Transactions on Information Theory, 2014, 60(10): 6681-6695.
[16] FILIOL E. BSEA-1 - A Stream Cipher Backdooring Technique [J]. arXiv:1903.11063, 2019.
[17] CHEN S Z, ZHANG Y F, REN J J. Constructions of Maximal Distance Separable Matrices with Minimum XOR-counts [J]. Journal of Electronics and Information Technology, 2019, 41(10): 2416-2422.
[18] JEAN J, PEYRIN T, SIM S M, et al. Optimizing implementations of lightweight building blocks [J]. IACR Transactions on Symmetric Cryptology, 2017, 2017(4): 130-168.
Related articles:
[1] 沈璇, 王欣玫, 何俊, 孙志远. Revised Impossible Differential Cryptanalysis of PFP Block Cipher [J]. Computer Science, 2020, 47(7): 263-267. https://doi.org/10.11896/jsjkx.200200034
[2] 禹峰, 龚馨慧, 王世红. Cryptanalysis of Medical Image Encryption Algorithm Using High-speed Scrambling and Pixel Adaptive Diffusion [J]. Computer Science, 2020, 47(2): 276-280. https://doi.org/10.11896/jsjkx.190100051
[3] 胡志华, 覃中平, 张青. Novel Method for Impossible Differential Cryptanalysis of 9-Round AES_256 [J]. Computer Science, 2014, 41(8): 197-201. https://doi.org/10.11896/j.issn.1002-137X.2014.08.043
[4] 高晓东, 杨亚涛, 李子臣. Differential Transition Probability Analysis of SHA-3 Permutation Function [J]. Computer Science, 2014, 41(3): 159-162.
[5] A New Method for Differential Analysis of Self-similar Network Traffic [J]. Computer Science, 2008, 35(4): 112-114.