Abstract
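In the usual ECB or CBC modes of operation of a block cipher, when the block length of the data blocks is small, repeated ciphertext blocks may leak plaintext information. To address this, an innovative mode of operation suitable for format-preserving encryption algorithms is presented. Starting from an encrypted initialization vector, an unpredictable sequence is generated by a nonlinear recursive method in which the key takes part in the computation, and this sequence is applied, in the form of scrambling, to the input and output data blocks of the block iterative transformation. That is, the process of transforming a plaintext block into a ciphertext block consists of three steps: plaintext scrambling, block encryption, and ciphertext scrambling. Such a mode of operation makes it difficult for an attacker to obtain and accumulate plaintext-ciphertext pairs and to carry out known-plaintext attacks. This will, to a certain extent, eliminate the security defects that some cipher algorithms have because of a small plaintext block space. The mode is therefore suitable for certain format-preserving encryption algorithms or lightweight block ciphers with small blocks.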
Small block sizes may lead to leakage of plaintext information through ciphertext block repetition in a block cipher's ECB or CBC mode. This paper presents an innovative block cipher mode for format-preserving encryption. First, an initialization vector is encrypted as the starting point, and an unpredictable sequence is then generated by a nonlinear recursion in which the user key participates. By scrambling, the sequence is applied to the input and the output of the block iterative transformation. The process of transforming the original plaintext into the ciphertext consists of three steps: plaintext scrambling, block cipher encryption and ciphertext scrambling. This makes it difficult for attackers to obtain and accumulate plaintext-ciphertext pairs, as well as to carry out known-plaintext attacks. To a great extent, this will eliminate the security defects that may arise from the small plaintext block space of certain block cipher schemes. Therefore, this mode applies to some FPE algorithms or lightweight cipher schemes with smaller block sizes.
Authors
张玉安
王野
漆骏锋
胡伯良
Zhang Yu'an; Wang Ye; Qi Junfeng; Hu Boliang (Beijing Haitai Fangyuan Technologies Co., Ltd., Beijing 100094, China; University of Electronic Science and Technology of China, Chengdu 611731, China)
Source
《信息技术与网络安全》 (Information Technology and Network Security)
2022, Issue 6, pp. 22-25, 35 (5 pages in total)
Keywords
block cipher modes
format preserving encryption
plaintext-ciphertext scrambling