对DES的Rectangle攻击和Boomerang攻击  被引量：5

作　　者：张蕾[1,2] 吴文玲[1,2] 

机构地区：[1]中国科学院软件研究所信息安全国家重点实验室,北京100190 [2]中国科学院研究生院信息安全国家重点实验室,北京100049

出　　处：《软件学报》2008年第10期2659-2666,共8页Journal of Software

基　　金：国家自然科学基金;国家重点基础研究发展计划(973);国家高技术研究发展计划(863)~~

摘　　要：作为加密标准,DES(data encryption standard)算法虽然已被AES(advanced encryption standard)算法所取代,但其仍有着不可忽视的重要作用.在一些领域,尤其是金融领域,DES和Triple DES仍被广泛使用着.而近年来又提出了一些新的密码分析方法,其中,Rectangle攻击和Boomerang攻击已被证明是非常强大而有效的.因此,有必要重新评估DES算法抵抗这些新分析方法的能力.研究了DES算法针对Rectangle攻击和Boomerang攻击的安全性.利用DES各轮最优差分路径及其概率,分别得到了对12轮DES的Rectangle攻击和对11轮DES的Boomerang攻击.攻击结果分别为:利用Rectangle攻击可以攻击到12轮DES,数据复杂度为2^(62)个选择明文,时间复杂度为2^(42)次12轮加密;利用Boomerang攻击可以攻击到11轮DES,数据复杂度为2^(58)个适应性选择明密文,时间复杂度为2^(38)次11轮加密.由于使用的都是DES各轮的最优差分路径,所以可以相信,该结果是Rectangle攻击和Boomerang攻击对DES所能达到的最好结果.In spite of being replaced by AES （advanced encryption standard）, DES （data encryption standard） still plays an important role as encryption standard. DES and the triple DES are still widely used in many areas, especially in the financial sector. Recently, some new cryptanalytic techniques are introduced and of which the Rectangle attack and the Boomerang attack had proved to be very powerful. Therefore, it is necessary to re-evaluate the effects that these new cryptanalytic techniques may have on DES. This paper examines the strength of DES against the Rectangle attack and the Boomerang attack. By using the best differential characteristic of DES, the paper gets an attack against up to 12-round DES using the Rectangle attack and an attack against 11-round DES using the Boomerang attack respectively. The Rectangle attack on 12-round DES requires 2^62 chosen plaintexts and the time complexity is equivalent to 2^42 12-round encryptions, while the Boomerang attack on ll-round DES requires 2^58 adaptive chosen plaintexts and eiphertexts and the time complexity is equivalent to 2^38 11-round encryptions. Because the differential characteristics used in the attacks are all the best ones, it is believed that the attacks are the best results that the Rectangle attack and the Boomerang attack can get on DES.

关 键 词：DES(data ENCRYPTION standard)算法 Rectangle攻击 Boomerang攻击 差分路径 区分器 

分 类 号：TP309[自动化与计算机技术—计算机系统结构]