
An Improved Framework of Massive Superpoly Recovery in Cube Attacks Against NFSR-Based Stream Ciphers

Chinese title: Improvements to Massive Superpoly Recovery Techniques in Cube Attacks
Abstract: A critical problem in the cube attack is how to recover superpolies efficiently. As the targeted number of rounds of an iterative stream cipher increases, the scale of its superpolies becomes larger and larger. Recently, to recover massive superpolies, the nested monomial prediction technique, the algorithm based on the divide-and-conquer strategy, and stretching cube attacks were proposed, which have been used to recover a superpoly with over ten million monomials for NFSR-based stream ciphers such as Trivium and Grain-128AEAD. Nevertheless, when these methods are used to recover superpolies, many invalid calculations are performed, which makes recovering superpolies more difficult. This study presents an interesting observation that can be used to improve the above methods. Based on this observation, a new method is proposed to avoid a part of the invalid calculations during the process of recovering superpolies. The new method is then applied to the nested monomial prediction technique, and an improved superpoly recovery framework is presented. To verify the effectiveness of the proposed scheme, the improved framework is applied to 844- and 846-round Trivium, and the exact ANFs of the superpolies, with over one hundred million monomials, are obtained, showing that the improved superpoly recovery technique is powerful. Besides, extensive experiments on other scaled-down variants of NFSR-based stream ciphers show that the proposed scheme can indeed be more efficient at superpoly recovery against NFSR-based stream ciphers.
Authors: LIU Chen (刘晨), TIAN Tian (田甜), QI Wen-Feng (戚文峰); Information Engineering University, Zhengzhou 450001
Source: Journal of Cryptologic Research (密码学报(中英文)), CSCD, Peking University core journal, 2024, No. 5, pp. 1179-1198 (20 pages)
Funding: National Natural Science Foundation of China (62372464).
Keywords: NFSR-based stream ciphers; cube attacks; MILP; Trivium