摘要
本文提出了一个新的分组密码算法-Ballet算法.该算法共有三个版本:Ballet-128/128/46、Ballet-128/256/48和Ballet-256/256/74.所有版本采用相同的轮函数,无S盒和复杂线性层,仅由模加、异或和循环移位操作组成,即ARX结构算法.因而本算法灵活性和延展性强,并能够轻量化实现.除此之外,Ballet算法在Lai-Massey结构的基础上进行简化设计而成,并采用4分支的近似对称ARX结构,利于软件实现.其在32位和64位平台环境下均有很好的表现,即使在采用单路实现方式下依然具有很大的优势.在安全性方面,Ballet算法能够抵抗现有的差分分析和线性分析等已知攻击方法,且因采用ARX结构,无S盒的使用,防护侧信道攻击的代价小.
A new block cipher family named Ballet was designed.Ballet has three versions:Ballet-128/128/46,Ballet-128/256/48,and Ballet-256/256/74.All versions have the same round function,which only includes modulo addition,XOR,and rotation operations(i.e.ARX construction),without any S-box and complex linear layer.This design enables Ballet cipher to have strong flexibility and scalability.In addition,Ballet cipher is inspired by simplifying the Lai-Massey construction,and adopts 4-branch almost symmetric ARX construction,so it has excellent performance in software implementation both on 32-bit and 64-bit platforms.Even though under one-way implementation,Ballet still has nice performance and some advantages.With respect to its security,Ballet can thwart against all known attacks,such as differential attack,linear attack,and so on.Since no S-box is used in Ballet,the cost to resist against side channel attack is small.
作者
崔婷婷
王美琴
樊燕红
胡凯
付勇
黄鲁宁
CUI Ting-Ting;WANG Mei-Qin;FAN Yan-Hong;HU Kai;FU Yong;HUANG Lu-Ning(School of Cyberspace,Hangzhou Dianzi University,Hangzhou 310018,China;School of Cyber Science and Technology,Shandong University,Qingdao 266237,China;Key Laboratory of Cryptologic Technology and Information Security,Ministry of Education,Shandong University,Qingdao 266237,China)
出处
《密码学报》
CSCD
2019年第6期704-712,共9页
Journal of Cryptologic Research
基金
国家自然科学基金(61902100,61572293,61502276,61692276)
国家密码发展基金(MMJJ20170102)
山东省重大科技创新工程(2017CXGC0704)
山东省自然科学基金(ZR2016FM22)~~
