Improved Linear Attacks on the Chinese Block Cipher Standard 被引量：4

Improved Linear Attacks on the Chinese Block Cipher Standard

导出

摘要 The block cipher used in the Chinese Wireless LAN Standard （WAPI）, SMS4, was recently renamed as SM4, and became the block cipher standard issued by the Chinese government. This paper gives a method for finding the linear approximations of SMS4. With this method, 19-round one-dimensional approximations are given, which are used to improve the previous linear cryptanalysis of SMS4. The 19-round approximations hold with bias 2-62.27; we use one of them to leverage a linear attack on 23-round SMS4. Our attack improves the previous 23-round attacks by reducing the time complexity. Furthermore, the data complexity of our attack is further improved by the multidimensional linear approach. The block cipher used in the Chinese Wireless LAN Standard （WAPI）, SMS4, was recently renamed as SM4, and became the block cipher standard issued by the Chinese government. This paper gives a method for finding the linear approximations of SMS4. With this method, 19-round one-dimensional approximations are given, which are used to improve the previous linear cryptanalysis of SMS4. The 19-round approximations hold with bias 2-62.27; we use one of them to leverage a linear attack on 23-round SMS4. Our attack improves the previous 23-round attacks by reducing the time complexity. Furthermore, the data complexity of our attack is further improved by the multidimensional linear approach.

作者刘明洁陈佳哲

机构地区 Beijing International Center for Mathematical Research China Information Technology Security Evaluation Center

出处《Journal of Computer Science & Technology》 SCIE EI CSCD 2014年第6期1123-1133,共11页 计算机科学技术学报（英文版）

基金 supported by the National Basic Research 973 Program of China under Grant Nos.2013CB834201 and 2013CB834205 the Postdoctoral Science Foundation of China under Grant No.2013M540786 the National Natural Science Foundation of China under Grant Nos.61202493 and 61103237

关键词 block cipher SMS4 linear cryptanalysis multidimensional linear cryptanalysis block cipher, SMS4, linear cryptanalysis, multidimensional linear cryptanalysis

分类号 TN925.93 [电子电信—通信与信息系统] TN918.1 [电子电信—通信与信息系统]

引文网络
相关文献

参考文献3

1苏波展,吴文玲,张文涛.Security of the SMS4 Block Cipher Against Differential Cryptanalysis[J].Journal of Computer Science & Technology,2011,26(1):130-138. 被引量：16
2ZHANG Bin,JIN ChenHui.Practical security against linear cryptanalysis for SMS4-like ciphers with SP round function[J].Science China(Information Sciences),2012,55(9):2161-2170. 被引量：6
3LIU Zhiqiang GU Dawu ZHANG Jing.Multiple Linear Cryptanalysis of Reduced-Round SMS4 Block Cipher[J].Chinese Journal of Electronics,2010,19(3):389-393. 被引量：7

二级参考文献17

1Zhang W T, Wu W L, Feng D C, Su B Z. Some new observations on the SMS4 block cipher in the Chinese WAPI standard. In Proc. ISPEC 2009, Xi'an, China, Apr. 13-15, 2009, pp.324-335.
2Lu J, Kim J, Keller N, Dunkelman O. Improving the efficiency of impossible differential cryptanalysis of reduced camellia and MISTY1. In Proe. CT-RSA 2008, San Francisco, USA, Apr. 8-11, 2008, pp.370-386.
3Daemen J. Cipher and hash function design strategies based on linear and differential cryptanalysis [Ph.D. Dissertation]. K.U. Leuven, March 1995.
4Biham E, Shamir A. Differential cryptanalysis of DES-like cryptosystems. Journal of Cryptology, 1991, 4(1): 3-72.
5Selquk A A. On probability of success in linear and differential cryptanalysis. Journal of Cryptology, 2008, 21(1): 131-147.
6Specification of SMS4, block cipher for WLAN products - SMS4. http://www.oscca.gov.cn/UpFile/200621016423197990. pdf. (in Chinese).
7Ditt]e W, Ledin G (translators). SMS4 encryption algorithm for wireless networks. Cryptology ePrint Archive, Report 2008/329, Received Jul. 29 2008, http://eprint.iacr.org/.
8Liu F, Ji W, Hu L, Ding J, Lv S, Pyshkin A, Weinmann R P. Analysis of the SMS4 block cipher. In Proc. ACISP 2007, Townville, Australia, Jul. 2-4, 2007, pp.158-170.
9Ji W, Hu L. New description of SMS4 by an embedding over GF(2^8). In Proc. INDOCRYPT 2007, Chennai, India, Dec. 9-13, 2007, pp.238-251.
10Lu J. Attacking reduced-round versions of the SMS4 block cipher in the Chinese WAPI standard. In Proc. ICICS 2007, Zhengzhou, China, Dec. 12-15, 2007, pp.306-318.

共引文献22

1刘凤梅,陈连俊,李春祥,李艳梅,张国双.一般SPT模型的抗差分和线性攻击安全性研究[J].通信学报,2012,33(1):120-127.
2张文英,刘祥忠.对基于NLFSR分组密码KTANTAN32的相关密钥中间相遇代数攻击[J].电子学报,2012,40(10):2097-2100. 被引量：4
3李校南,徐岩,戴紫彬.CBC模式下SMS4算法并行化研究[J].计算机工程与设计,2013,34(4):1226-1231. 被引量：2
4张少武,郑磊.模2n数乘运算的向量Walsh谱“1”值点分布特性[J].电子与信息学报,2013,35(10):2532-2535.
5吴筱,郭培源,何多多.DES和SM4算法的可重构研究与实现[J].计算机应用研究,2014,31(3):853-856. 被引量：10
6HUANG JiaLin,LAI XueJia.What is the effective key length for a block cipher: an attack on every practical block cipher[J].Science China(Information Sciences),2014,57(7):134-144. 被引量：2
7胡振宇,李志华,陈超群.基于用户社会关系的移动终端认证方案[J].计算机应用,2016,36(6):1552-1557. 被引量：1
8吕述望,苏波展,王鹏,毛颖颖,霍利利.SM4分组密码算法综述[J].信息安全研究,2016,2(11):995-1007. 被引量：75
9Lei CHENG,Bing SUN,Chao LI.Revised cryptanalysis for SMS4[J].Science China(Information Sciences),2017,60(12):139-147.
10李聪.基于任务宏的数据安全性验证方案[J].信息安全研究,2019,5(7):631-634.

同被引文献27

1Bogdanov A,Leander G,Nyberg K,et al.Integral and multidimensional linear distinguishers with correlation zero. Advances in Cryptology—ASIACRYPT 2012 . 2012
2Andrey Bogdanov,Meiqin Wang.Zero Correlation Linear Cryptanalysis with Reduced Data Complexity. Fast Software Encryption 2012 . 2012
3Bogdanov A,Geng H,Wang M,et al.Zero-correlation linear cryptanalysis with FFT and improved attacks on ISO standards Camellia and CLEFIA. Selected Areas in Cryptography—SAC 2013 . 2014
4Wen L,Wang M,Bogdanov A.Multidimensional zero-correlation linear cryptanalysis of E2. Progress in Cryptology—AFRICACRYPT 2014 . 2014
5Lu J.Attacking reduced-round versions of the SMS4 block cipher in the Chinese WAPI standard. Information and Communications Security . 2007
6董晓丽.分组密码AES和SMS4的安全性分析[D].西安电子科技大学2011
7Andrey Bogdanov,Vincent Rijmen.Linear hulls with correlation zero and linear cryptanalysis of block ciphers[J]. Designs, Codes and Cryptography . 2014 (3)
8Office of State Commercial Cipher Administration.Block Cipher for WLAN Products-SMS4. http://www.oscca.gov.cn/UpFile/ 2006021016423197990 . 2006
9Lei Zang,Wen Tao Zhang,Wen Ling Wu.Cryptanalysis of reduced-round SMS4 block cipher. Information Security and Privacy . 2008
10Kim T H,Kim J,Hong S, et al.Linear and Differential Cryptanalysis of Reduced SMS4 Block Cipher. IACR Cryptology ePrint Archive2008/281 . 2008

引证文献4

1吕述望,苏波展,王鹏,毛颖颖,霍利利.SM4分组密码算法综述[J].信息安全研究,2016,2(11):995-1007. 被引量：75
2魏鹏娟.国密分组算法SM4研究综述[J].陕西交通科教研究,2023(1):27-31. 被引量：1
3马猛,赵亚群,刘庆聪,刘凤梅.SMS4算法的多维零相关线性分析[J].密码学报,2015,2(5):458-466. 被引量：10
4宋何颖秀,高海英.对21轮SMS4算法的多差分攻击[J].密码学报,2016,3(6):584-595. 被引量：1

二级引证文献85

1马双棚,丁谊.SM4掩码方案的机器学习攻击方法研究[J].武警工程大学学报,2018,34(6):63-67.
2吕述望,苏波展,王鹏,毛颖颖,霍利利.SM4分组密码算法综述[J].信息安全研究,2016,2(11):995-1007. 被引量：75
3程璐,魏悦川,潘晓中,李安辉.Zodiac密码算法的多维零相关线性分析[J].计算机应用,2017,37(6):1605-1608.
4王启武.SMS4算法原理及C语言实现[J].电脑编程技巧与维护,2017(12):30-32. 被引量：2
5程璐,魏悦川,牛向洲.分组密码Midori128的多维零相关线性分析[J].武警工程大学学报,2017,33(6):51-55.
6张俊贤,汪丽,安晓江.国产安全浏览器技术研究[J].信息安全研究,2018,4(1):31-39. 被引量：3
7徐小辉,芦志伟,张毅辉,魏秀丽,王姹娣.国密算法SM4在SAGD井下测温数据远传中的应用探索[J].新疆石油科技,2017,27(4):62-66. 被引量：1
8王剑,宋阳,韩绍程.基于国密SM4算法的ACARS数据链信息加密[J].中国民航大学学报,2018,36(1):6-10. 被引量：8
9刘书勇,付义伦.基于PKI技术的可搜索云加密存储系统[J].软件导刊,2018,17(2):182-185. 被引量：2
10程璐,魏悦川,李安辉,潘晓中.Midori算法的多维零相关线性分析[J].山东大学学报（理学版）,2018,53(2):88-94. 被引量：2

1李申华,张海纳,王小云.Dedicated Linear Attack on ARIA Version 1.0[J].Tsinghua Science and Technology,2009,14(2):212-217.
2燕善俊,余昭平.DES线性攻击的一点注记[J].信息安全与通信保密,2005,27(7):93-95.
3于晓丽,吴文玲,石振青,张建,张蕾,汪艳凤.Zero-Correlation Linear Cryptanalysis of Reduced-Round SIMON[J].Journal of Computer Science & Technology,2015,30(6):1358-1369. 被引量：4
4卢良安.NIST正在研究新的密码标准[J].电信技术研究,2000(1):36-39.
5苏波展,吴文玲,张文涛.Security of the SMS4 Block Cipher Against Differential Cryptanalysis[J].Journal of Computer Science & Technology,2011,26(1):130-138. 被引量：16
6邢育森,杨义先.分组密码安全性研究的新进展[J].信息安全与通信保密,1996,18(3):39-42. 被引量：5
7ZHANG HuanGuo,LI ChunLei,TANG Ming.Evolutionary cryptography against multidimensional linear cryptanalysis[J].Science China(Information Sciences),2011,54(12):2565-2577. 被引量：5
8董军武.4轮AES零相关线性壳的存在性[J].安徽师范大学学报（自然科学版）,2017,40(2):116-124.
9Jing Li,Wenhua Chen,Qian Zhang.A 600W Broadband Doherty Power Amplifier with Improved Linearity for Wireless Communication System[J].China Communications,2017,14(2):21-29.
10“国密”相关标准为构建金融信息安全体系提供支持[J].金融电子化,2013(11):93-93.

Journal of Computer Science & Technology

2014年第6期

浏览历史

内容加载中请稍等...