加密算法Serpent的线性变换的一些性质

SOME PROPERTIES OF THE LINEAR TRANSFORMATION OF THE BLOCK CIPHER SERPENT

对加密算法 Serpent中的线性变换进行了仔细的研究 ,证明了该线性变换的一些性质 .根据这些性质 ,并引进 Λ-集合和影响集的概念 ,得到了对于 3轮 Serpent加密算法实施 Square攻击的如下步骤 :1获取满足一定条件的 16个明文分组所对应的密文分组 ;2任意选取 12 8位的密钥 K3,并求其上述 16个密文分组的异或 ;3对所得到的 16个分组施行 S2 的逆变换 ;4求这 16个分组的按位异或 ,若为 0 ,则说明 2中所选取的 K3是正确的 ,否则返回 2 .该攻击法需要 16个选择明文分组和平均 2 1 2 7的异或运算和 S2 逆变换 .其中 S2 表示第 2轮的

The linear transformation of the block cipher Serpent is studied in detail through the introduction of a new concept called 'influence set of a bit', and another concept called 'Λ Set based on a nibble' is also introduced. In virtue of these two concepts, a modified Square attack based on a nibble is designed to attack on the reduced Serpent of 3 rounds with 16 chosen plaintext ciphertext blocks and average 2127 inverse S box operations. The detailed attack steps are as following: ① Finding ciphertext blocks corresponding to the 16 plaintext blocks satisfying some conditions given in the paper; ② Arbitrarily taking 128 bit key K 3 , and evaluating the exclusive OR's of this key and the 16 ciphertext blocks given above; ③ Finding the inverse S 2 operations on the resulting 16 blocks; and ④ Finally evaluating the bit wise exclusive OR's of the 16 blocks obtained in ③ above; if the result is 0, then K 3 is the right key, otherwise return to step ②.