检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
出 处:《电子与信息学报》2016年第4期848-855,共8页Journal of Electronics & Information Technology
基 金:国家自然科学基金(61272488;61402523)~~
摘 要:该文首次对13轮MIBS-80算法进行了不可能差分分析。首先基于MIBS-80中S盒的不可能差分筛选明文对,其次通过第1轮轮密钥与第2轮轮密钥、第1轮轮密钥与第13轮轮密钥之间的制约关系进一步筛选明文对。该文的攻击排除掉的明文对数量是已有的不可能差分攻击排除掉的明文对数量的18.22倍,因而同时降低了攻击的存储复杂度和时间复杂度。此外,该文多次利用查表的方法求出攻击中涉及的密钥,进一步降低了攻击所需的时间复杂度和存储复杂度。最后,该文利用独立的80 bit轮密钥来恢复主密钥,确保得到正确密钥。该文的攻击需要60.12个选择明文,69.52次13轮加密,存储量为71.22个64 bit,该结果优于已有的不可能差分攻击。This paper presents the 13-round impossible differential cryptanalysis on MIBS-80 for the first time. Firstly, this paper filters the plaintexts based on the impossible differentia of S-box in MIBS-80. Secondly, by taking advantage of the restrict relation between key in the first round and in the second round, the restrict relation between key in the first round and in the 13 th round, the number of plaintexts is further reduced. To sum up, 18.22 times can be eliminated as big as the number of plaintexts eliminated in former impossible attacks, therefore both the time complexity and memory complexity are saved. Besides, by looking up various tables to get the needed key bits in the attack, the time complexity and memory complexity are thereafter reduced. Finally, 80 independent key bit are used to recover the main key, which ensures that only the right key is kept. The presented attack needs 60.12 chosen plaintexts, 69.52 13-round encryptions and 71.22 64 bit blocks, which is the best result of impossible differential attack on MIBS so far.
关 键 词:轻量级分组密码 MIBS-80算法 不可能差分分析 密钥制约关系
分 类 号:TN918.1[电子电信—通信与信息系统]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:3.136.22.241
