摘要
在设计一个安全高效的分组密码时,分析其抵抗差分攻击的安全性是非常有必要的.实现这种方法的一种有效途径是寻找这个密码算法的最小活性S盒数目,或者是这个最小数目的下界.孙思维等人在2013年的信息安全与密码学国际会议上提出利用MILP方法自动分析密码算法抵抗相关密钥差分攻击的安全性,这种方法显著的减少了密码工作者的工作量.然而,在对面向位级的设计中,由于缺乏合适的工具,因此在相关密钥模型中,直接利用孙思维教授等人的方法不能直接获得满轮密码算法的具体结果.在本文中,我们用简单分割方法改善孙思维教授等人的方法,并且我们将这种改善的方法应用到LBlock算法上,我们证明满轮LBlock的任何相关密钥差分特征的概率的上界是2^(-60).对LBlock关于相关密钥差分攻击来说,用改善方法得到的安全界限(2^(-60))较之前方法得到的安全界限(2^(-56))更紧.
It is necessary for us to evaluate the security against differential attacks when designing secure block ciphers. An effective way to achieve this is to find the minimum number of active S-boxes, or find the lower bound of active S- boxes. Based on MILP, Sun Siwei et al. proposed a novel method at 2013 International Conference on Information Security and Cryptography, which can automatically analyse the security of block cipher. This method can significantly reduce the workload of designers and cryptanalysts. However, in the design of the bit -oriented level, the method by Sun Siwei et al. cannot directly get the full round of the specific results of the algorithm in the related-key model due to the lack of appropriate tools. In this paper, we improved the approach by Siwei Sun et al. by using simple split method. We applied this improved method to the block cipher of LBlock and proved that the upper bound of the probability of any related key differential characteristic of the full round LBlock is 2^-60 . For the LBlock, the safety margin ( 2-60 ) which obtained by the improved method is more tight than the safety limit ( 2^-56 ) which obtained by the previous method for the related key difference attack.
作者
杨萍
武传坤
Yang Ping;Wu Chuankun(School of Information Science and Engineering, Shandong Normal University, 250358, Jinan, China;State Key Laboratory of Information Security, Institute of Software, Chinese Academy of Sciences, 100190, Beijing, China)
出处
《山东师范大学学报(自然科学版)》
CAS
2017年第4期12-15,共4页
Journal of Shandong Normal University(Natural Science)
基金
国家自然科学基金资助项目(61173134)
