摘要
S盒可分特征的刻画是自动化积分分析的关键。为实现通用性,支持动态S盒和大状态S盒的刻画,给出了3种线性不等式刻画方法及其一般刻画形式,其中,凸包的H表示方法不会引入临时变量,其一般刻画形式使用的线性不等式数量最少,但属于非等价刻画;大M方法在引入一个二进制临时变量的情况下实现等价刻画,但线性不等式数量最多;维数扩充法同样引入一个二进制临时变量,在实现等价刻画的同时线性不等式数量与凸包的H表示方法相当,刻画效果最优。
The characterization of division trails of S-box is very important for automatic integral cryptanalysis. In order to realize universality and support dynamic S-box and large S-box, three methods to characterize division trails by using linear inequalities and their general forms are studied. Among them, the H-representation-of-convex-hull method does not introduce temporary variables, and the corresponding general form uses the least number of linear inequalities, but it belongs to non-equivalent characterization.The big-M method realizes equivalent characterization by introducing a binary temporary variable, but uses the maximum number of linear inequalities. The dimension-extend method also introduces a binary temporary variable and realizes equivalent characterization. At the same time, it almost uses the same number of linear inequalities as the H-representation-of-convex-hull method. It is the best method to characterize division trails of S-box by using linear inequalities.
作者
胡建勇
张文政
董新锋
周宇
苗旭东
HU Jianyong;ZHANG Wenzheng;DONG Xinfeng;ZHOU Yu;MIAO Xudong(No.30 Institute of CETC,Chengdu Sichuan 610041,China;Science and Technology on Communication Security Laboratory,Chengdu Sichuan 610041,China)
出处
《通信技术》
2022年第4期480-485,共6页
Communications Technology
基金
国家重点研发计划(2020YFC1522900)
四川省科技计划(2020JDJQ0076)。
关键词
S盒
积分分析
可分性质
线性不等式
凸包
S-box
integral cryptanalysis
division property
linear inequality
convex hull
