Multidimensional linear cryptanalysis with key difference invariant bias for block ciphers  Cited by: 2


Authors: Wenqin Cao, Wentao Zhang

Affiliations: [1] State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, No.89 Minzhuang Road, Haidian District, 100093 Beijing, China [2] School of Cyber Security, University of Chinese Academy of Sciences, No.19 Yuquan Road, Shijingshan District, 100049 Beijing, China [3] School of Mathematics and Statistics, Shandong University of Technology, No.266 Xincunxi Road, Zhangdian District, 255000 Zibo, Shandong, China

Source: Cybersecurity (网络空间安全科学与技术, English edition), 2021, Issue 1, pp. 501-518, 18 pages in total

Funding: the National Natural Science Foundation of China (Grant No. 61379138).

Abstract: For block ciphers, Bogdanov et al. found that there are some linear approximations whose biases are deterministically invariant under key difference. This property is called key difference invariant bias. Based on this property, Bogdanov et al. proposed a related-key statistical distinguisher and turned it into key-recovery attacks on LBlock and TWINE-128. In this paper, we propose a new related-key model by combining multidimensional linear cryptanalysis with key difference invariant bias. The main theoretical advantage is that our new model does not depend on statistical independence of linear approximations. We demonstrate our cryptanalysis technique by performing key-recovery attacks on LBlock and TWINE-128. We use the relations of the involved round keys to reduce the number of guessed subkey bits. Moreover, the partial-compression technique is used to reduce the time complexity. We can recover the master key of LBlock up to 25 rounds with about $2^{60.4}$ distinct known plaintexts, $2^{78.85}$ time complexity and $2^{61}$ bytes of memory requirements. Our attack can recover the master key of TWINE-128 up to 28 rounds with about $2^{61.5}$ distinct known plaintexts, $2^{126.15}$ time complexity and $2^{61}$ bytes of memory requirements. The results are the currently best ones on cryptanalysis of LBlock and TWINE-128.

Keywords: Key-alternating cipher; Key difference invariant bias; Multidimensional linear cryptanalysis; LBlock; TWINE

Classification number: TN918.4 [Electronics and Telecommunications: Communication and Information Systems]
