Abstract
To address certain design weaknesses in the security of block ciphers with small block sizes, and the leakage of plaintext format features that a small plaintext block space can cause, a block cipher mode of operation suited to small block lengths is designed. When a long plaintext is encrypted block by block, the previous ciphertext block is mixed with system parameters and key factors to generate a pseudo-random vector; this vector is applied to the current plaintext block as a mask, and the masked plaintext block is then encrypted with a multi-round iterative block cipher. Because the masked plaintext block is unpredictable, known-plaintext or chosen-plaintext attacks can be effectively prevented. A method for generating an authentication tag is also given, so that the mode of operation provides both data encryption and message integrity verification.
Authors
张玉安
漆骏锋
王野
胡伯良
ZHANG Yu’an; QI Junfeng; WANG Ye; HU Boliang (Beijing Haitai Fangyuan Technologies Co., Ltd., Beijing 100094, China; University of Electronic Science and Technology of China, Chengdu Sichuan 611731, China)
Source
《信息安全与通信保密》
2022, No. 11, pp. 92-99 (8 pages)
Information Security and Communications Privacy
Keywords
cipher block chaining
operation mode design
format-preserving encryption
message integrity verification