量子计算模型下PFP算法的安全性分析  

作　　者：李艳俊 景小宇[2,3] 谢惠琴 项勇 LI Yanjun;JING Xiaoyu;XIE Huiqin;XIANG Yong(Information Industry Information Security Evaluation Center,The 15th Research Institute of China Electronics Technology Group Corporation,Beijing 100083,China;Henan Key Laboratory of Network Cryptography Technology,Zhengzhou Henan 450012,China;Beijing Institute of Electronic Science and Technology,Beijing 100070,China)

机构地区：[1]中国电子科技集团公司第十五研究所信息产业信息安全测评中心,北京100083 [2]河南省网络密码技术重点实验室,郑州450012 [3]北京电子科技学院,北京100070

出　　处：《计算机应用》2024年第4期1166-1171,共6页journal of Computer Applications

基　　金：北京市自然科学基金资助项目(4234084);河南省网络密码技术重点实验室研究课题(LNCT2021⁃A09)。

摘　　要：量子技术的快速发展和量子计算效率的不断提高,以及Shor算法和Grover算法的出现,给传统公钥密码和对称密码的安全性造成了较大威胁。因此,基于Feistel结构设计的分组密码PFP算法,首先将轮函数的线性变换P融入Feistel结构的周期函数构造,推导得到PFP算法的4个5轮周期函数,比选择明文攻击模型下典型Feistel结构的周期函数多2轮,并通过实验验证正确性;进一步地,以其中一个5轮周期函数作为区分器,结合量子Grover算法和Simon算法,通过分析PFP密钥编排算法的特点对9、10轮PFP进行了安全性评估,得到正确密钥比特需要的时间复杂度为2^(26)、2^(38.5),需要的量子资源为193、212个量子比特,可以恢复58、77比特密钥,优于已有不可能差分分析结果。The rapid development of quantum technology and the continuous improvement of quantum computing efficiency,especially the emergence of Shor algorithm and Grover algorithm,greatly threaten the security of traditional public key cipher and symmetric cipher.The block cipher PFP algorithm designed based on Feistel structure was analyzed.First,the linear transformation P of the round function was fused into the periodic functions in the Feistel structure,then four 5-round periodic functions of PFP were obtained,two rounds more than periodic functions in general Feistel structure,which was verified through experiments.Furthermore,by using quantum Grover and Simon algorithms,with a 5-round periodic function as the distinguisher,the security of 9,10-round PFP was evaluated by analyzing the characteristics of PFP key arrangement algorithm.The time complexity required for key recovery is 2^(26),2^(38.5),the quantum resource required is 193,212 qubits,and the 58,77 bits key can be restored,which are superior to the existing impossible differential analysis results.

关 键 词：Simon算法 GROVER算法 PFP算法 周期函数 量子密钥恢复 

分 类 号：TP309.7[自动化与计算机技术—计算机系统结构]