摘要
MANTIS密码是于2016年美密会上提出的一种轻量级可调分组密码,它的设计采用FX结构和TWEAKEY框架,适用于物联网环境中具有低延迟、高实时安全需求的受限设备中.本文基于半字节随机故障模型以及唯密文攻击,提出并讨论一种针对MANTIS密码的新型唯密文故障分析.该分析结合公开调柄,利用故障注入后中间状态的不均匀性,可以破译MANTIS的全部版本.实验结果表明,提出的新型双重区分器狄利克雷分布-汉明重量以及狄利克雷分布-极大似然最少分别需要392和396个故障,以99%及以上的成功率破译MANTIS各版本的128 bit原始密钥,不仅减少了故障注入数,而且提高了攻击效率,因此,MANTIS密码不能抵抗唯密文故障分析的攻击.该结果为其他轻量级可调分组密码的安全性分析和防护提供了重要参考.
The lightweight tweakable block cipher MANTIS was published at the international Cryptology conference in 2016.It adopts the FX construction and the TWEAKEY framework,and can be applicable to the devices with the security requirements of low latency and high real time in the Internet of Things.The novel ciphertext-only fault analysis on MANTIS is proposed and discussed on the basis of the random nibble-oriented fault model and the assumption of ciphertext-only attack.On the public tweaks,the attackers can take advantage of the non-uniform property of the nibbles after fault injections,and recover the secret keys of all versions of MANTIS.The experimental results show that the new double distinguishers of Dirichlet distribution-Hamming weight and Dirichlet distribution-maximum likelihood can recover the 128-bit secret key with 392 and 396 faults,respectively.And the probability of success is no less than 99%.The proposed ciphertext-only fault analysis can not only decrease the faults,but improve the attacking efficiency.Thus,MANTIS cannot resist against the ciphertext-only fault analysis.It is vital for the security analysis and protection of other lightweight tweakable block ciphers.
作者
李玮
张雨希
谷大武
张金煜
朱晓铭
刘春
蔡天培
李嘉耀
LI Wei;ZHANG Yu-xi;GU Da-wu;ZHANG Jin-yu;ZHU Xiao-ming;LIU Chun;CAI Tian-pei;LI Jia-yao(School of Computer Science and Technology,Donghua University,Shanghai 201620,China;Department of Computer Science and Engineering,Shanghai Jiao Tong University,Shanghai 200240,China;Department of Shanghai Key Laboratory of Scalable Computing and Systems(Shanghai Jiao Tong University),Shanghai 200240,China;Shanghai Key Laboratory of Integrate Administration Technologies for Information Security(Shanghai Jiao Tong University),Shanghai 200240,China)
出处
《电子学报》
EI
CAS
CSCD
北大核心
2022年第4期967-976,共10页
Acta Electronica Sinica
基金
国家自然科学基金(No.61772129,No.61932014)
国家密码发展基金(No.MMJJ20180101)
上海市自然科学基金(No.19ZR1402000)
上海市可扩展计算与系统重点实验室开放课题
上海市信息安全综合管理技术研究重点实验室开放课题
中央高校基本科研业务费专项资金。
