摘要
CAST-256是在CAST-128基础上改进的Feistel结构分组密码,作为首轮AES候选算法,该算法的分析成果已有不少。目前,已知的攻击方法分析中,多维零相关线性分析和积分分析能实现28轮的密钥恢复攻击。根据已有的文献资料,详细分析了如何利用积分分析与零相关分析两种方法之间联系,实现28轮CAST-256算法积分分析,并且密钥恢复算法的复杂度达到2247Enc。
CAST-256 is a block cipher designed based on CAST-128. As a candidate for the first AES conference, there are a lot of researches on CAST- 256. As known, the zero-correlation eryptanalysis and integral cryptanalysis for 28-round CAST- 256 have been given. According to the existing literature, this paper studied the links between those methods and gave the integral analysis for 28-round CAST-256 with the links in tail.
出处
《计算机应用研究》
CSCD
北大核心
2017年第1期221-223,共3页
Application Research of Computers
基金
国家自然科学基金资助项目(61272434)
山东省自然科学基金资助项目(ZR2012FM004
ZR2013FQ021)
信息保障技术重点实验室开放课题(KJ-13-004)
