Algebraic fault attack on PRESENT  (Cited by: 11)


Authors: Wu Kehui (吴克辉)[1], Zhao Xinjie (赵新杰)[1], Wang Tao (王韬)[1], Guo Shize (郭世泽)[2], Liu Huiying (刘会英)[1]

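Affiliations: [1] Department of Computer Engineering, Ordnance Engineering College, Shijiazhuang, Hebei 050003; [2] Institute of North Electronic Equipment, Beijing 100083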

Source: Journal on Communications (《通信学报》), 2012, No. 8, pp. 85-92 (8 pages)

Funding: National Natural Science Foundation of China (60772082; 61173191); Natural Science Foundation of Hebei Province (08M010)

Abstract: A new fault analysis method for PRESENT, the algebraic fault attack, is proposed. The attack combines conventional algebraic cryptanalysis with fault attacks. First, an equivalent system of Boolean algebraic equations for the cipher's encryption is built using algebraic cryptanalysis. Second, faulty ciphertext information is obtained by fault attack techniques, and the fault differential and the ciphertext differential are converted into additional Boolean algebraic equations. Finally, the CryptoMiniSAT solver is used to solve the equations and recover the key. Experiments demonstrate that when a fault of width 4 bits is injected into the 29th round of PRESENT-80, with the fault location and fault value unknown, only 2 fault injections are needed to recover the 64-bit last whitening key within 50 seconds. This reduces the PRESENT-80 master key search space to 2^16, after which the full master key is recovered by a 1-minute brute-force search on average. Compared with previous fault attacks on PRESENT, this attack requires the smallest number of samples. The proposed analysis method can also be applied to algebraic fault attacks on other block ciphers.

Keywords: fault attack; algebraic attack; algebraic fault attack; PRESENT cipher

Classification number: TP393.08 [Automation and Computer Technology: Computer Application Technology]

 
