检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
作 者:谭林[1] 曾新皓 刘加美 TAN Lin;ZENG Xin-Hao;LIU Jia-Mei(Strategic Support Force Information Engineering University,Zhengzhou 450001,China)
出 处:《密码学报(中英文)》2024年第5期1018-1028,共11页Journal of Cryptologic Research
基 金:国家密码发展基金(MMJJ20180204,MMJJ20170103)。
摘 要:相关密钥攻击是对AES十分有效的分析方法之一.在2022年亚密会上,Derbez等利用概率为2−108的10轮相关密钥飞去来器区分器给出了目前最好的AES-192的全轮攻击.本文改进了全轮AES-192的相关密钥飞去来器和矩形攻击.基于Wang等的9轮相关密钥飞去来器区分器的截断差分,本文利用飞去来器分布表(BDT)技术给出目前概率最高的10轮相关密钥飞去来器区分器,概率为2−105.92.基于该区分器,改进了全轮AES-192的相关密钥飞去来器攻击,时间、数据和存储复杂度分别为2^(121.92)、2^(121.92)和2^(90.92),与之前的结果相比时间复杂度改进了22.08.进一步,给出了全轮AES-192的相关密钥矩形攻击,时间、数据和存储复杂度分别为2^(127.9)、2^(119.5)和2^(131.5),这也是目前在选择明文模式下对全轮AES-192最好的攻击结果.Related-key attack is one of the most effective methods on AES.At Asiacrypt 2022,Derbez et al.gave the best attack on full AES-192 utilizing a 10-round related-key Boomerang distinguisher with the probability of 2−108.This paper improves the related-key Boomerang and rectangle attacks on full round AES-192.Based on the same truncated differential of Wang et al.’s 9-round relatedkey Boomerang distinguisher,a 10-round related-key Boomerang distinguisher can be computed with the probability of 2−105.92 by using the BDT technique.Based on the distinguisher,the related-key Boomerang attack on full round AES-192 can be improved to have time,data and memory complexities of 2^(121.92),2^(121.92)and 2^(90.92)respectively,where the time complexity is reduced by a factor of 22.08 compared with the previous attacks.Furthermore,a related-key rectangle attack on full round AES-192 is given with the time,data and memory complexities of 2^(127.9),2^(119.5)and 2^(131.5)respectively,which is also the best result known so far in the chosen-plaintext setting.
关 键 词:AES算法 飞去来器攻击 矩形攻击 相关密钥攻击
分 类 号:TN918.1[电子电信—通信与信息系统]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:18.116.85.79