截断差分概率的上界估计与应用  被引量:2

Evaluation and Application of the Upper Bound Probability of the Truncated Differential

在线阅读下载全文

作  者:杨明[1] 金晨辉[1] 张国双 

机构地区:[1]解放军信息工程大学,郑州450001 [2]信息保障技术重点实验室,北京100072

出  处:《电子与信息学报》2014年第9期2124-2130,共7页Journal of Electronics & Information Technology

基  金:国家自然科学基金(61272488);信息保障技术重点实验室开放基金(KJ-13-007)资助课题

摘  要:截断差分分析是差分分析的一个变形。为说明一个密码算法能够抵抗截断差分分析,需要给出截断差分概率的上界。Masayuki Kanda等人就密码算法中S盒为GF(256)上的乘法逆变换和仿射双射变换复合而成时,提出了截断差分概率的上界一个猜想。该文就一般双射S盒给出了该概率上界问题的一个估计,Masayuki Kanda的猜想是该估计所考虑问题的一个特例,在一些情况下,该估计给出的上界与Masayuki Kanda的猜想接近。利用该结论可以衡量密码算法截断差分传递链概率的上界。该结论为分组密码抗截断差分分析的可证明安全性提供了理论依据。Abstract: Truncated differential cryptanalysis is a variant of differential cryptanalysis. In order to evaluate the ability of a block cipher against the truncated differential cryptanalysis, it is needed to give out the upper bound of the probability of the truncated differential chain. Masayuki Kanda et al. propose a conjecture about the upper bound of the probability of the truncated differential when the S-boxes in block cipher are the combination of the inverse function and a bijective affine transformation in GF(256). This paper gives out an evaluation about the upper bound of the probability of the truncated differential by assuming the S-boxes as bijective S-boxes and Masayuki Kanda's conjecture is the special case of the problem that the evaluation considers. In some cases, the upper bound given by the evaluation is approaching to the conjecture. This conclusion can serve to evaluate the upper bound probability of the truncated differential chain. The results provide further support for the provable security of a block cipher against the truncated differential cryptanalysis in theory.

关 键 词:密码学 差分密码分析 截断差分概率 上界 

分 类 号:TN918.1[电子电信—通信与信息系统]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象