
Differential Analysis of the Nonlinear Functions of SHACAL-2 Algorithm and the Application (journal article; cited by: 1)
Abstract: SHACAL-2 is one of the standard block ciphers recommended by the European NESSIE project. It contains two kinds of basic nonlinear functions, the choice function and the major function. This paper studies the differential properties of these two nonlinear functions and shows that, when a nonzero input difference appears only at the first position of the choice function, or only at the first or the second position of the major function (all other input differences being zero), the number of solutions of the corresponding differential equation depends only on the weight of the input difference. This observation is applied to a differential fault attack on SHACAL-2. The results show that at least 160 random faults are needed to recover the 512-bit seed key with a success probability above 60%, and at least 240 random faults are needed to recover the 512-bit seed key with a success probability above 98%.
Source: Journal of Electronics & Information Technology (电子与信息学报), indexed in EI, CSCD and the PKU core-journal list, 2014, No. 7, pp. 1661-1666 (6 pages)
Funding: National Natural Science Foundation of China (61103192); National 973 Program (2013CB338002)
Keywords: Cryptography; SHACAL-2 algorithm; Choice function; Major function; Differential property; Fault analysis

References (13)

  • 1. Handschuh H, Naccache D. SHACAL: a family of block ciphers[OL]. https://www.cosic.esat.kuleuven.be/nessie/, 2002.
  • 2. Boneh D, DeMillo R A, Lipton R J. On the importance of eliminating errors in cryptographic computations[J]. Journal of Cryptology, 2001, (02): 101-119.
  • 3. Biham E, Shamir A. Differential fault analysis of secret key cryptosystems[J]. LNCS, 1997: 513-525.
  • 4. Hemme L. A differential fault attack against early rounds of (Triple-)DES[J]. LNCS, 2004: 254-267.
  • 5. 张蕾, 吴文玲. Differential fault attack on the SMS4 cipher algorithm[J]. 计算机学报 (Chinese Journal of Computers), 2006, 29(9): 1596-1602. Cited by: 67
  • 6. 李玮, 谷大武. Differential fault analysis of the SMS4 algorithm based on key-schedule faults[J]. 通信学报 (Journal on Communications), 2008, 29(10): 135-142. Cited by: 23
  • 7. Kim C H. Differential fault analysis of AES: toward reducing number of faults[J]. Information Sciences, 2012: 43-57.
  • 8. 张中亚, 关杰. Differential fault attack on the stream cipher LEX[J]. 上海交通大学学报 (Journal of Shanghai Jiao Tong University), 2012, 46(6): 865-869. Cited by: 5
  • 9. Hu Y, Gao J, Liu Q. Fault analysis of Trivium[J]. Designs, Codes and Cryptography, 2012, (03): 289-311.
  • 10. Gu D, Guo Z, Liu J. Differential fault analysis on lightweight block ciphers with statistical cryptanalysis techniques[A]. Leuven, 2012: 27-33.

Secondary references (50)

  • 1. 张蕾, 吴文玲. Differential fault attack on the SMS4 cipher algorithm[J]. 计算机学报 (Chinese Journal of Computers), 2006, 29(9): 1596-1602. Cited by: 67
  • 2. KELSEY J, SCHNEIER B, WAGNER D, et al. Side channel cryptanalysis of product ciphers[A]. The European Symposium on Research in Computer Security - ESORICS '98[C]. Louvain-la-Neuve, Belgium, 1998: 97-110.
  • 3. BONEH D, DEMILLO R A, LIPTON R J. On the importance of checking cryptographic protocols for faults[A]. EUROCRYPT '97[C]. Konstanz, Germany, 1999: 37-51.
  • 4. KOCHER C P. Timing analysis on implementations of Diffie-Hellman, RSA, DSS, and other systems[A]. CRYPTO '96[C]. Santa Barbara, California, 1996: 204-223.
  • 5. KOCHER C P, JAFFE J, JUN B. Differential power analysis[A]. CRYPTO '99[C]. 1999: 388-397.
  • 6. BIHAM E, SHAMIR A. Differential fault analysis of secret key cryptosystems[A]. CRYPTO '97[C]. Santa Barbara, California, USA, 1997: 523-525.
  • 7. BIEHL I, MEYER B, MÜLLER V. Differential fault analysis on elliptic curve cryptosystems[A]. CRYPTO 2000[C]. Santa Barbara, California, 2000: 232-246.
  • 8. BLÖMER J, SEIFERT J P. Fault based cryptanalysis of the advanced encryption standard (AES)[A]. Financial Cryptography - FC 2003[C]. Guadeloupe, French West Indies, 2003: 162-181.
  • 9. GIRAUD C. DFA on AES[A]. Advanced Encryption Standard - AES[C]. Berlin, 2005: 27-41.
  • 10. CHEN C N, YEN S M. Differential fault analysis on AES key schedule and some countermeasures[A]. Proceedings of the Australasian Conference on Information Security and Privacy - ACISP 2003[C]. Wollongong, Australia, 2003: 118-129.

Co-citing documents (79)

Co-cited documents (18)

  • 1. DAEMEN J and RIJMEN V. The design of Rijndael: AES - the advanced encryption standard[S]. Springer-Verlag, 2002.
  • 2. NIELS F, JOHN K, STEFAN L, et al. Improved cryptanalysis of Rijndael[J]. LNCS, 2000, 1978: 213-230.
  • 3. HENRI G and MARINE M. A collision attack on 7 rounds of Rijndael[C]. Third AES Candidate Conference, New York, USA, 2000: 230-241.
  • 4. TYGE T, LARS R, STEFAN K, et al. Security of the AES with a secret S-box[EB/OL]. http://eprint.iacr.org/2015/144, 2015.2.
  • 5. CHRISTOF B, PHILIPP J, MARTIN M, et al. Analyzing permutations for AES-like ciphers: understanding ShiftRows[EB/OL]. http://eprint.iacr.org/2015/212, 2015.3.
  • 6. HAMID M, MOHAMMAD D, RIJMEN V, et al. Improved impossible differential cryptanalysis of 7-round AES-128[J]. LNCS, 2010, 6498: 282-291.
  • 7. DUNKELMAN O, KELLER N, and SHAMIR A. Improved single-key attacks on 8-round AES-192 and AES-256[J]. LNCS, 2010, 6477: 158-176.
  • 8. PATRICK D and PIERRE-ALAIN F. Exhausting Demirci-Selçuk meet-in-the-middle attacks against reduced-round AES[EB/OL]. http://eprint.iacr.org/2015/259, 2015.3.
  • 9. JÉRÉMY J, MARIA N, and THOMAS P. Improved cryptanalysis of AES-like permutations[EB/OL]. http://eprint.iacr.org/2015/279, 2015.3.
  • 10. DMITRY K, CHRISTIAN R, and ALEXANDRA S. Bicliques for preimages: attacks on Skein-512 and the SHA-2 family[C]. 19th International Workshop on Fast Software Encryption, Washington DC, USA, 2012: 244-263.

Citing documents (1)

Secondary citing documents (2)
