检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
作 者:Jianfu Huang Ye Luo Qinggan Fu Yincen Chen Chao Wang Ling Song
机构地区:[1]College of Cyber Security,Jinan University,Guangzhou 510632,China [2]National Joint Engineering Research Center of Network Security Detection and Protection Technology,Jinan University,Guangzhou 510632,China
出 处:《Cybersecurity》2024年第3期69-79,共11页网络空间安全科学与技术(英文)
基 金:This work was supported by the National Natural Science Foundation of China[grant number 62022036,62132008,62372213].
摘 要:Small-state stream ciphers(SSCs),which violate the principle that the state size should exceed the key size by a factor of two,still demonstrate robust security properties while maintaining a lightweight design.These ciphers can be clas-sifed into several constructions and their basic security requirement is to resist generic attacks,ie.,the time-mem-ory-data tradeoff(TMDTO)attack.In this paper,we investigate the security of small-state constructions in the multi-user setting.Based on it,the TMDTO distinguishing attack and the TMDTO key recovery attack are developed for such a setting.It is shown that SSCs which continuously use the key can not resist the TMDTO distinguishing attack.Moreover,SSCs based on the continuous-IV-key-use construction cannot withstand the TMDTO key recovery attack when the key length is shorter than the IV length,no matter whether the keystream length is limited or not.Finally,We apply these two generic attacks to TinyJAMBU and DRACO in the multi-user setting.The TMDTO distinguish-ing attack on TinyJAMBU with a 128-bit key can be mounted with time,memory,and data complexities of 264,248,and 232,respectively.This attack is comparable with a recent work on ToSC 2022,where partial key bits of TinyJAMBU are recovered with more than 250 users(or keys).As DRACO's IV length is smaller than its key length,itis vulnerable to the TMDTO key recovery attack.The resulting attack has a time and memory complexity of both 2112,which means DRACO does not provide 128-bit security in the multi-user setting.
关 键 词:Small-state stream ciphers TMDTO attacks Multi-user setting
分 类 号:TN918[电子电信—通信与信息系统]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:52.14.17.231