摘要
RECTANGLE是最近提出来基于bit-slice技术的可在多个平台快速实现的轻量级分组密码.它采用的是SPN结构,分组长度为64比特,密钥长度为80或128比特,迭代轮数为25轮.到目前为此,针对RECTANGLE算法的分析很少,其中包括算法设计者给出的18轮差分攻击.对于特定的输入、输出和轮子密钥差分,本文找出了所有活跃S盒个数为26-30的15轮相关密钥差分特征,总的差分概率为2-60.5.利用这些差分特征,我们将相应的差分区分器分别向前和向后扩展两轮,提出了19轮的相关密钥差分攻击,其中数据复杂度为262,时间复杂度为270,内存复杂度为272.数据和时间复杂度都低于设计者给出的18轮攻击.
RECTANGLE is a newly proposed lightweight block cipher which allows fast implementations for multiple platforms by using bit-slice techniques. It is an iterative 25-round SPN structured block cipher with a 64-bit block size and a 80-bit or 128-bit key size. So far, there are few results about the analysis of the cipher, including an attack proposed by the designers themselves on the 18-round reduced version. In this paper, we found all the 15-round differential characteristics with 26-30 active S-boxes for some specific input, output and round subkey differences, the overall probability of differential is 2-60.5. Based on these differential characteristics, we extend the corresponding differential distinguisher to 2 rounds backward and forward respectively, and propose an attack on the 19-round reduced RECTANGLE-80 with data complexity of 262 plaintexts, time complexity of about 270 encryptions and memory complexity of 272. These data and time complexities are lower than those of the designers for the 18-round reduced RECTANGLE-80.
出处
《密码学报》
CSCD
2015年第1期54-65,共12页
Journal of Cryptologic Research
基金
国家重点基础研究发展项目(973计划)(2013CB834203)
国家自然科学基金项目(61472417
61402469
61472415)
