有限域(F_(2)^(8))^(8)上基于循环异或移位结构的次优扩散层研究  被引量：1

作　　者：王鑫[1,2] 郭雅婷[1] 杨波 WANG Xin;GUO Ya-ting;YANG Bo(School of Electronic Information and Artificial Intelligence,Shaanxi University of Science&Technology,Xi′an 710021,China;School of Computer Science,Shaanxi Normal University,Xi′an 710119,China)

机构地区：[1]陕西科技大学电子信息与人工智能学院,陕西西安710021 [2]陕西师范大学计算机科学学院,陕西西安710119

出　　处：《陕西科技大学学报》2023年第4期188-194,共7页Journal of Shaanxi University of Science & Technology

基　　金：国家自然科学基金项目(61801281);陕西省科技厅重点研发计划项目(2020GY-091);陕西省科技厅自然科学基础研究计划项目(2022JM-346);陕西省社会发展科技攻关计划项目(2016SF-418);陕西科技大学博士科研启动基金项目(BJ11-12)。

摘　　要：基于循环移位异或运算的MDS线性变换以其具有良好的扩散雪崩性能被广泛应用于分组密码扩散层的设计中.在现有研究中,小有限域(F_(2)^(n))^(4)上最优线性变换寻找工作已接近完备,而大有限域(F_(2)^(n))^(8)上异或项数为9和11时,却不存在最优线性变换.探寻大有限域(F_(2)^(8))^(8)上次优线性变换对64位环境的实际应用需求而言具有重要意义.本文基于现有的研究成果,以大有限域(F_(2)^(n))^(8)为研究对象,通过分析循环异或扩散层的结构特点,将分支数的测试问题转换为布尔可满足性问题,借助可满足性模理论求解器Boolector求解的过程,完成对大有限域(F_(2)^(n))^(8)上次优线性变换组进行探寻研究.实验结果显示,大有限域(F_(2)^(8))^(8)上存在分支数可以达到8的次优线性变换,结合测试并给出一种具体循环异或形式,为最优扩散层的实际需求提出一种候补方法.未来将进一步研究大有限域(F_(2)^(n))^(8)上次优线性变换的理论特征和推广应用.Due to its excellent diffusion avalanche performance,MDS linear transformation based on rotational-XOR shift operation is frequently employed in the construction of block cipher diffusion layer.In existing studies,the search for the best linear transformation on the small finite field(F_(2)^(n))^(4) is almost complete,however when the number of XOR terms is between 9 and 11,there is no best linear transformation on the huge finite field(F_(2)^(n))^(8).For the actual use of the 64-bit environment,it is crucial to investigate the most recent optimum linear transformation of the huge finite field(F_(2)^(8))^(8).This work chooses a huge finite field(F_(2)^(n))^(8) as its research object based on the findings of earlier studies.The branch number test problem is converted into a Boolean Satisfiability problem(SAT)by examining the structural properties of the rotational-XOR diffusion layer.The issue is solved using the Satisfiability Modulo Theories(SMT)solver Boolector,and the final linear transformation group of the huge finite field(F_(2)^(n))^(8) is investigated.The experimental findings demonstrate the existence of a suboptimal linear transformation in the huge finite field(F_(2)^(8))^(8) with up to 8 branches.Along with the test,a particular rotational-XOR form is provided,and a different approach is suggested for determining the true requirement for the ideal diffusion layer.Future research will focus on the theoretical properties and broadened applications of the suboptimal linear transformation of the huge finite field(F_(2)^(n))^(8).

关 键 词：分组密码 有限域 扩散层 循环异或 次优线性变换 可满足性 

分 类 号：TP309.7[自动化与计算机技术—计算机系统结构]