GRANULE和MANTRA算法的不可能差分区分器分析  被引量：6

作　　者：武小年[1,2] 李迎新 韦永壮[1] 孙亚平 WU Xiaonian;LI Yingxin;WEI Yongzhuang;SUN Yaping(Guangxi Key Laboratory of Cryptography and Information Security,Guilin University of Electronic Technology,Guilin 541004,China;Science and Technology on Communication Security Laboratory,Chengdu 610041,China;Guangxi Colleges Key Laboratory of Cloud Computing and Complex Systems,Guilin 541004,China)

机构地区：[1]桂林电子科技大学广西密码学与信息安全重点实验室,广西桂林541004 [2]保密通信重点实验室,四川成都610041 [3]广西高校云计算与复杂系统重点实验室,广西桂林541004

出　　处：《通信学报》2020年第1期94-101,共8页Journal on Communications

基　　金：保密通信重点实验室基金资助项目（No.6142103190103）;国家自然科学基金资助项目（No.61572148,No.61872103）;广西科技计划基金资助项目（桂科No.AB18281019）;广西自然科学基金资助项目（No.2018GXNSFAA294036）;广西密码学与信息安全重点实验室基金资助项目（No.GCIS201705）;广西高校云计算与复杂系统重点实验室基金资助项目（No.YF16205）;广西研究生教育创新计划基金资助项目(No.YCSW2018138,No.YCBZ2018051)~~

摘　　要：轻量级分组密码算法GRANULE和MANTRA结构简单,加密速度快且易于软硬件实现,特别适用于资源受限环境。为对这2种算法进行安全性分析,提出一种不可能差分区分器的自动化搜索方法。基于GRANULE和MANTRA算法结构特性,通过分析其S盒的差分分布表得到S盒差分特征,再利用中间相遇思想,分别对从加/解密方向得到的差分路径进行遍历,筛选出概率为0的最优差分路径。分析结果表明,GRANULE算法存在144个不同的7轮不可能差分区分器;MANTRA算法存在52个不同的9轮不可能差分区分器。与已有结果相比较,新发现的区分器轮数均是目前最高的。The lightweight block cipher algorithms called GRANULE and MANTRA have a simple structure, fast encryption speed, and they can be easy implemented in software and hardware. Two algorithms are especially suitable for resource-constrained environments. To analyze the security of two algorithms, an automatic search method of impossible differential distinguishers was proposed. Based on the structural characteristics of the GRANALE and MANTRA, the S-box differential characteristics were obtained by analyzing the S-box differential distribution table, and then the idea of intermediate encounter was used to traverse from the difference path obtained from the encryption/decryption direction seperately to select the optimal differential path with probability 0. The analysis results show that there are 144 different 7-round impossible differential distinguishers in the GRANULE, and 52 different 9-round impossible differential distinguishers in the MANTRA. Compared with the existing results, the rounds of the proposed distinguisher is currently the highest.

关 键 词：轻量级分组密码算法 S盒 不可能差分区分器 自动搜索 

分 类 号：TP309[自动化与计算机技术—计算机系统结构]