计算机科学 ›› 2020, Vol. 47 ›› Issue (7): 263-267.doi: 10.11896/jsjkx.200200034
所属专题: 密码学 虚拟专题
沈璇, 王欣玫, 何俊, 孙志远
SHEN Xuan, WANG Xin-mei, HE Jun, SUN Zhi-yuan
摘要: 目前资源受限环境的应用场景越来越多,该场景下的数据加密需求也随之增加。以国际标准PRESENT算法为代表的一大批轻量级分组密码应运而生。PFP算法是一种基于Feistel结构的超轻量级分组密码算法,它的轮函数设计借鉴了国际标准PRESENT算法的设计思想。PFP算法的分组长度为64比特,密钥长度为80比特,迭代轮数为34轮。针对PFP算法,研究了其抵抗不可能差分分析的能力。在该算法的设计文档中,设计者利用5轮不可能差分区分器攻击6轮的PFP算法,能够恢复32比特的种子密钥。与该结果相比,文中通过研究轮函数的具体设计细节,利用S盒的差分性质构造出7轮不可能差分区分器,并攻击9轮的PFP算法,能够恢复36比特的种子密钥。该结果无论在攻击轮数还是恢复的密钥量方面,均优于已有结果,是目前PFP算法最好的不可能差分分析结果。
中图分类号:
[1]DAEMEN J,RIJMEN V.The Design of Rijndael:AES-the Advanced Encryption Standard[M].Berlin:Springer-Verlag,2002:31-148. [2]HONG D,SUNG J,HONG S,et al.HIGHT:a new block cipher suitable for low-resource device[C]//Proceedings of the 2006 International Workshop on Cryptographic Hardware and Embedded Systems.Yokohama,Japan,2006:46-59. [3]BOGDANOV A,KNUDSEN L R,LEANDER G,et al.PRE-SENT:an ultra-lightweight block cipher[C]//Proceedings of the 2007 International Workshop on Cryptographic Hardware and Embedded Systems.Vienna,Austria,2007:450-466. [4]GUO J,PEYRIN T,POSCHMANN A,et al.The LED block cipher[C]//Proceeding of the 2011 International Workshop on Cryptographic Hardware and Embedded Systems.Nara,Japan,2011:326-341. [5]WU W L,ZHANG L.LBlock:a lightweight block cipher[C]//Proceedings of the 9th International Conference on Applied Cryptography and Network Security.Nerja,Spain,2011:327-344. [6]YANG G Q,ZHU B,SUDER V,et al.The Simeck family of lightweight block ciphers[C]// Proceeding of the 2015 International Workshop on Cryptographic Hardware and Embedded Systems.Saint-Malo,France,2015:307-329. [7]BEIERLE C,JEAN J,KÖLBL S,et al.The SKINNY Family of Block Ciphers and Its Low-Latency Variant MANTIS[C]// Proceeding of the 36th Advances in Cryptology-CRYPTO 2016.Santa Barbara,CA,USA,2016:123-153. [8]BANIK S,PANDEY S K,PEYRIN T,et al.GIFT:A SmallPresent[C]//Proceeding of the 2017 International Workshop on Cryptographic Hardware and Embedded Systems.Taipei,Taiwan,2017:321-345. [9]HUANG Y H,DAI X J,SHI Y Y,et al.Ultra-light weightblock cipher algorithm(PFP) based on Feistel structure[J].Computer Science,2017,44(3):163-168. [10]KNUDSEN L R.Truncated and Higher Order Differentials[C]//Proceeding of the Fast Software Encryption-FSE 1994.Leuven:Springer-Verlag,1995:196-211. [11]BLONDEAU C,GERARD B.Multiple Differential Cryptanaly-sis:Theory and Practice [C]//Proceeding of the Fast Software Encryption-FSE 2011.Lyngby:Springer-Verlag,2011:35-54. [12]BIHAM E,BIRYUKOV A,SHAMIR A.Cryptanalysis of Skipjack Reduced to 31 Rounds Using Impossible Differentials [C]//Proceeding of the Advances in Cryptology-EUROCRYT 1999.Prague:Springer-Verlag,1999:12-23. [13]BOURA C,LALLEMAND V,PLASENCIA M N,et al.Making the impossible possible[J].Journal of Cryptology,2018,31(1):101-133. [14]SHEN X,HE J.Improved Impossible Differential Attack on 7-round Reduced ARIA-256[J].KSII Transactions on Internet and Information Systems,2019,13(11):5773-5784. [15]SASAKI Y,TODO Y.New Impossible Differential Search Tool from Design and Cryptanalysis Aspects[C]//Advances in Cryptology-EUROCRYT 2017.Paris,2017:185-215. [16]WU X N,LI Y X,WEI Y Z,et al.Impossible differential distinguisher analysis of GRANULE and MANTRA algorithm[J].Journal on Communications,2020,41(1):94-101. [17]KNUDSEN L.DEAL-A 128-bit Block Cipher [R].University ofBergen,Norway,1998. |
[1] | 王舰, 陈华, 匡晓云, 杨祎巍, 黄开天. 持久故障攻击威胁性研究 Study on Threat of Persistent Fault Attack 计算机科学, 2021, 48(11A): 523-527. https://doi.org/10.11896/jsjkx.210200138 |
[2] | 朱仁杰. 扩大故障注入范围的SM4差分故障攻击研究 Study on SM4 Differential Fault Attack Under Extended Fault Injection Range 计算机科学, 2019, 46(11A): 493-495. |
[3] | 李浪,刘波涛. Surge:一种新型、低资源、高效的轻量级分组密码算法 Surge:A New Low-resource and Efficient Lightweight Block Cipher 计算机科学, 2018, 45(2): 236-240. https://doi.org/10.11896/j.issn.1002-137X.2018.02.041 |
[4] | 李浪,邹祎,李株华,刘波涛. DBlock密码算法差分故障分析 Differential Fault Analysis on DBlock Cipher Algorithm 计算机科学, 2017, 44(7): 116-119. https://doi.org/10.11896/j.issn.1002-137X.2017.07.022 |
[5] | 黄玉划,代学俊,时阳阳,刘宁钟,曾庆喜,苏菲. 基于Feistel结构的超轻量级分组密码算法(PFP) Ultra-lightweight Block Cipher Algorithm (PFP) Based on Feistel Structure 计算机科学, 2017, 44(3): 163-167. https://doi.org/10.11896/j.issn.1002-137X.2017.03.036 |
[6] | 马猛,赵亚群,刘庆聪. Zodiac算法的零相关-积分攻击 Integral Zero-correlation Cryptanalysis on Zodiac 计算机科学, 2017, 44(2): 202-205. https://doi.org/10.11896/j.issn.1002-137X.2017.02.032 |
[7] | 代学俊,黄玉划,刘宁钟. 基于双伪随机变换和Feistel结构的轻量级分组密码VHF VHF:A Lightweight Block Cipher Based on Dual Pseudo-random Transformation and Feistel Structure 计算机科学, 2017, 44(2): 192-194. https://doi.org/10.11896/j.issn.1002-137X.2017.02.030 |
[8] | 董大强,殷新春. 基于REESSE3+算法的改进算法 New Improved Algorithm Based on REESSE3+ 计算机科学, 2017, 44(12): 120-125. https://doi.org/10.11896/j.issn.1002-137X.2017.12.024 |
[9] | 高红杰,卫宏儒. 用不可能差分法分析12轮ESF算法 Impossible Differential Attack on 12-round Block Cipher ESF 计算机科学, 2017, 44(10): 147-149. https://doi.org/10.11896/j.issn.1002-137X.2017.10.028 |
[10] | 陈玉磊,卫宏儒. ESF算法的不可能差分密码分析 Impossible Differential Cryptanalysis of ESF 计算机科学, 2016, 43(8): 89-91. https://doi.org/10.11896/j.issn.1002-137X.2016.08.018 |
[11] | 孙翠玲 卫宏儒. SMS4算法的不可能差分攻击研究 Research on Impossible Differential Attack of Cipher SMS4 计算机科学, 2015, 42(7): 191-193. https://doi.org/10.11896/j.issn.1002-137X.2015.07.042 |
[12] | 温雅敏,黎凤霞,龚 征,唐韶华. 一种AVR环境下KLEIN分组密码抗计时和缓存边信道攻击的快速保护方法 Fast Implementation of KLEIN for Resisting Timing and Cache Side-channel Attacks on AVR 计算机科学, 2015, 42(3): 148-152. https://doi.org/10.11896/j.issn.1002-137X.2015.03.031 |
[13] | 邱丰品,卫宏儒. CLEFIA-128算法的不可能差分密码分析 Impossible Differential Cryptanalysis of CLEFIA-128 计算机科学, 2015, 42(11): 208-211. https://doi.org/10.11896/j.issn.1002-137X.2015.11.043 |
[14] | 殷广丽,卫宏儒. CLEFIA算法的不可能差分密码分析 Impossible Differential Cryptanalysis of CLEFIA 计算机科学, 2014, 41(Z6): 352-356. |
[15] | 胡志华,覃中平,张青. 一种新的9轮AES_256不可能差分分析 Novel Method for Impossible Differential Cryptanalysis of 9-Round AES_256 计算机科学, 2014, 41(8): 197-201. https://doi.org/10.11896/j.issn.1002-137X.2014.08.043 |
|