摘要
研究了卫星电话GMR-2流密码算法的碰撞特性,以算法的F组件为桥梁,通过分析密钥差分与算法F组件输出碰撞以及F组件输出碰撞与密钥流字节碰撞之间的联系,最终得到密钥差分与密钥流碰撞之间的关系。研究表明,对于相同的帧号,当密钥对只在某一个字节上有差分,且差分的前4 bit与后4 bit相等时,该密钥对将以高概率使密钥流发生碰撞。实验结果显示,密钥流碰撞概率为2^(-8.248),远远高于理想碰撞概率2^(-120)。这再次证明了GMR-2加密算法存在较大的安全隐患。
A collision property analysis of the GMR-2 cipher used in the satellite phone was presented. By using the F-component as a bridge, the link between the difference of the key byte and the collision of the output of F as well as the link between the collision of the output of F and the collision of keystream byte were analyzed, which finally revealed the relationship between the difference of the original key byte and the keystream collision. The theoretical analysis showed that for a random frame number, a special chosen key pair could lead to a keystream collision with a high probability, when the key pair has only one byte difference in which the most significant 4 bit of the difference was equal to the last significant 4 bit. The experimental result shows that the keystream collision probability is 2?8.248, which is far higher than the ideal collision probability 2?120. This proves once again, that there exists serious potential security hazards in the GMR-2 cipher.
出处
《通信学报》
EI
CSCD
北大核心
2018年第2期88-95,共8页
Journal on Communications
基金
国家自然科学基金资助项目(No.61402515
No.61702536)~~
关键词
卫星电话
流密码
GMR-2
碰撞分析
satellite phones, stream cipher, GMR-2, collision analysis
