Abstract
This paper proposes a new family of block ciphers named TANGRAM. TANGRAM has three versions: TANGRAM 128/128, with a 128-bit block and a 128-bit key; TANGRAM 128/256, with a 128-bit block and a 256-bit key; and TANGRAM 256/256, with a 256-bit block and a 256-bit key. TANGRAM uses an SP-network. To achieve the best possible security/performance trade-off, the selection of the TANGRAM S-box and of the rotation parameters of the linear layer was studied in depth. An extensive security analysis of TANGRAM was carried out against the main known cryptanalytic approaches, including differential, linear, impossible-differential, integral and related-key cryptanalysis; the analysis shows that TANGRAM retains a sufficient security margin. Thanks to its bit-slice design, TANGRAM performs well on a range of software and hardware platforms, which makes it flexible enough for many application scenarios.
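The bit-slice style that the abstract credits for TANGRAM's software and hardware performance is illustrated below with an added example that is not code from the paper or from the TANGRAM authors. It evaluates a 4-bit S-box on 32 nibbles at once using only AND/XOR on 32-bit words, with the Boolean equations derived automatically from the lookup table via the algebraic normal form (ANF), so it works for any 4-bit S-box. TANGRAM's own S-box and linear layer are not given on this page, so the S-box used here is the well-known PRESENT S-box, chosen purely as a concrete 4-bit bijection; all function names and the sample input are my own.

```python
"""Bit-sliced evaluation of a 4-bit S-box (added illustration, not TANGRAM code).

Bit-slicing stores 32 nibbles across four 32-bit "planes": plane i holds bit i
of every nibble. The S-box is then evaluated as Boolean equations (its
algebraic normal form, ANF) on whole words, so one pass applies the S-box to
32 nibbles using only AND/XOR, with no table lookups and no data-dependent
memory access (which is why the bit-slice style is friendly to side-channel
countermeasures). SBOX below is the PRESENT S-box, used only as a concrete
4-bit bijection; it is NOT TANGRAM's S-box.
"""

MASK32 = 0xFFFFFFFF

# Assumed example S-box (PRESENT's), NOT TANGRAM's.
SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD,
        0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]


def anf(truth):
    """Möbius transform of a 16-entry truth table (indexed by the 4-bit input).

    Returns coefficients a with a[m] == 1 iff the monomial
    prod_{i : bit i of m set} x_i appears in the ANF of the Boolean function.
    """
    a = list(truth)
    for i in range(4):
        bit = 1 << i
        for x in range(16):
            if x & bit:
                a[x] ^= a[x ^ bit]
    return a


def sbox_anfs(sbox):
    """ANF coefficients for each of the four output bits of a 4-bit S-box."""
    return [anf([(sbox[x] >> j) & 1 for x in range(16)]) for j in range(4)]


ANFS = sbox_anfs(SBOX)


def slice_nibbles(nibbles):
    """Pack up to 32 nibbles into four bit-planes: bit k of plane i is bit i of nibble k."""
    assert len(nibbles) <= 32
    planes = [0, 0, 0, 0]
    for k, n in enumerate(nibbles):
        for i in range(4):
            planes[i] |= ((n >> i) & 1) << k
    return planes


def unslice_nibbles(planes, count):
    """Inverse of slice_nibbles: recover the first `count` nibbles."""
    return [sum(((planes[i] >> k) & 1) << i for i in range(4)) for k in range(count)]


def sbox_bitsliced(planes, anfs=ANFS):
    """Apply the S-box to all 32 sliced nibbles at once using only AND/XOR on words."""
    out = []
    for coeffs in anfs:            # one Boolean equation per output bit
        y = 0
        for m in range(16):
            if coeffs[m]:
                term = MASK32      # the monomial for m == 0 is the constant 1
                for i in range(4):
                    if (m >> i) & 1:
                        term &= planes[i]
                y ^= term
        out.append(y & MASK32)
    return out


def sbox_lookup(nibbles):
    """Reference: conventional table lookup, one nibble at a time."""
    return [SBOX[n] for n in nibbles]


def bitsliced_sbox_layer(nibbles):
    """Convenience wrapper: nibbles -> planes -> bit-sliced S-box -> nibbles."""
    return unslice_nibbles(sbox_bitsliced(slice_nibbles(nibbles)), len(nibbles))


if __name__ == "__main__":
    sample = list(range(16)) * 2             # constructed input: 32 nibbles
    assert bitsliced_sbox_layer(sample) == sbox_lookup(sample)
    print("bit-sliced S-box matches table lookup; ANF monomials per output bit:",
          [sum(c) for c in ANFS])
```

The same word-level equations scale to 64-bit registers or 128-bit SIMD lanes without change, which is the property a bit-sliced design relies on for throughput; a hand-optimised equation set with a minimal gate count is what a real cipher would ship instead of the generic ANF expansion used here.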
Authors
ZHANG Wen-Tao (张文涛)
JI Fu-Lei (季福磊)
DING Tian-You (丁天佑)
YANG Bo-Han (杨博翰)
ZHAO Xue-Feng (赵雪锋)
XIANG Ze-Jun (向泽军)
BAO Zhen-Zhen (包珍珍)
LIU Lei-Bo (刘雷波)
Affiliations:
State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China
School of Cyber Security, University of Chinese Academy of Sciences, Beijing 100049, China
Institute of Microelectronics, Tsinghua University, Beijing 100084, China
Hubei Key Laboratory of Applied Mathematics, Faculty of Mathematics and Statistics, Hubei University, Wuhan 430062, China
Nanyang Technological University, Singapore 637371, Singapore
Published in
Journal of Cryptologic Research (《密码学报》), indexed in CSCD
2019, No. 6, pp. 727-747 (21 pages)
Funding
National Natural Science Foundation of China (61379138)
IoT Security Joint Research Project (Y8HX376678)
Keywords
block cipher
bit-slice
security analysis (cryptanalysis)
software implementation and performance
hardware implementation and performance
protection against side-channel attacks