GRANULE和MANTRA算法的不可能差分区分器分析

Impossible differential distinguisher analysis of GRANULE and MANTRA algorithm

轻量级分组密码算法GRANULE和MANTRA结构简单,加密速度快且易于软硬件实现,特别适用于资源受限环境。为对这2种算法进行安全性分析,提出一种不可能差分区分器的自动化搜索方法。基于GRANULE和MANTRA算法结构特性,通过分析其S盒的差分分布表得到S盒差分特征,再利用中间相遇思想,分别对从加/解密方向得到的差分路径进行遍历,筛选出概率为0的最优差分路径。分析结果表明,GRANULE算法存在144个不同的7轮不可能差分区分器;MANTRA算法存在52个不同的9轮不可能差分区分器。与已有结果相比较,新发现的区分器轮数均是目前最高的。

The lightweight block cipher algorithms called GRANULE and MANTRA have a simple structure, fast encryption speed, and they can be easy implemented in software and hardware. Two algorithms are especially suitable for resource-constrained environments. To analyze the security of two algorithms, an automatic search method of impossible differential distinguishers was proposed. Based on the structural characteristics of the GRANALE and MANTRA, the S-box differential characteristics were obtained by analyzing the S-box differential distribution table, and then the idea of intermediate encounter was used to traverse from the difference path obtained from the encryption/decryption direction seperately to select the optimal differential path with probability 0. The analysis results show that there are 144 different 7-round impossible differential distinguishers in the GRANULE, and 52 different 9-round impossible differential distinguishers in the MANTRA. Compared with the existing results, the rounds of the proposed distinguisher is currently the highest.