Abstract
A hash mode whose compression function is built from the Advanced Encryption Standard (AES) is one of the important approaches to hash function design. Researchers have already proposed preimage attacks on 7-round single-AES-block hash modes and collision attacks on 6-round single-AES-block hash modes, whereas the security of hash modes built from multiple AES blocks remains unknown. This paper presents preimage attacks, suited to the post-quantum era, on hash function modes built from two AES blocks and from four AES blocks. The attacks use techniques such as initial structures, splice-and-cut, and partial matching to recover preimages of the 7-round double-AES-block hash function and the 6-round four-AES-block hash function. Compared with the existing preimage attack on the 7-round single-AES-block hash mode, the double-AES-block hash mode achieves almost the same security strength, while the four-AES-block hash mode is stronger. These results are an important supplement to the preimage attacks on AES-block hash modes and provide a solid theoretical basis for the design of AES-block hash modes.
Authors
李瑞同 (LI Rui-tong); 刘亚 (LIU Ya); 赵逢禹 (ZHAO Feng-yu)
Affiliations: Dept. of Computer Science & Engineering, Shanghai Key Lab of Modern Optical System, University of Shanghai for Science & Technology, Shanghai 200093, China; State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China
Source
Journal of Chinese Computer Systems (《小型微型计算机系统》), 2023, No. 6, pp. 1274-1282 (9 pages)
Indexing: CSCD; Peking University core journal (北大核心)
Funding
Supported by the "13th Five-Year" Cryptography Development Fund theoretical project (MMJJ20180202).
Keywords
AES; hash functions; preimage attacks; meet-in-the-middle attacks