Authors: Wenxiao QIAO, Siwei SUN, Lei HU
Affiliations: [1] State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100085, China; [2] School of Cyber Security, University of Chinese Academy of Sciences, Beijing 100049, China; [3] School of Cryptology, University of Chinese Academy of Sciences, Beijing 100049, China; [4] State Key Laboratory of Cryptology, P.O. Box 5159, Beijing 100878, China
Source: Chinese Journal of Electronics (电子学报(英文版)), 2024, Issue 3, pp. 635-644, 10 pages
Funding: supported by the National Key Research and Development Program of China (Grant No. 2022YFB2701900); the National Natural Science Foundation of China (Grant No. 62202444); the Fundamental Research Funds for the Central Universities.
Abstract: The rapid development of modern cryptographic applications such as zero-knowledge, secure multiparty computation, and fully homomorphic encryption has motivated the design of new so-called arithmetization-oriented symmetric primitives. As designing ciphers in this domain is relatively new and not well-understood, the security of these new ciphers remains to be completely assessed. In this paper, we revisit the security analysis of the arithmetization-oriented cipher Grendel. Grendel uses the Legendre symbol as a component, which is tailored specifically for use in zero-knowledge and efficiently-verifiable proof systems. At FSE 2022, the first preimage attack on some original full GrendelHash instances was proposed. As a countermeasure, the designer adds this attack into the security analysis and updates the formula to derive the secure number of rounds. In our work, we present new algebraic attacks on GrendelHash. For the preimage attack, we can reduce the complexity or attack one more round than previous attacks for some instances. In addition, we present the first collision attack on some round-reduced instances by solving the constrained input/constrained output problem for the underlying permutations.
Keywords: Grendel; Solving univariate equation; Bypassing substitution-permutation networks steps; Preimage attack; Collision attack
Classification number: TN918.1 [Electronics and Telecommunications: Communication and Information Systems]