
Cube Attack on the Stream Cipher Grain (cited by: 12)

Cube Attack on Grain
Abstract (translated from the Chinese): At EUROCRYPT 2009, Dinur and Shamir proposed the cryptanalytic method known as the cube attack. Grain is one of the three hardware-oriented stream ciphers selected for the final eSTREAM portfolio; it uses an 80-bit key and a 64-bit initial vector (IV), and consists of an initialization phase and a keystream generation phase, where the initialization phase runs for 160 idle clock cycles. This paper analyzes Grain with the cube attack. Under the chosen-IV attack model, if the initialization phase runs for 70 clock cycles, 15 key bits can be recovered and 4 linear expressions in another 23 key bits are found; if the initialization phase runs for 75 clock cycles, 1 key bit can be recovered.
Abstract (original English): At EUROCRYPT 2009, Dinur and Shamir proposed a new type of algebraic attacks named cube attack. Grain is one of the 3 final hardware-oriented stream ciphers in the eSTREAM portfolio, which takes an 80-bit secret key and a 64-bit initial vector as input and produces its keystream after 160 rounds of initialization. Applying cube attack on Grain with 70 initialization rounds, the study finds that 15-bit secret key can be recovered and can find 4 linear equations on another 23 bits of the secret key. Moreover, 1-bit secret key can be recovered by applying cube attack on Grain with 75 initialization rounds.
Source: Journal of Software (软件学报), 2012, No. 1, pp. 171-176 (6 pages); indexed in EI, CSCD and the Peking University Core Journals list.
Funding: National Natural Science Foundation of China (60833008, 60902024).
Keywords: eSTREAM project; stream cipher; Grain; cube attack; key recovery.

Citing documents: 12
Secondary citing documents: 9
