KATAN密码算法的相关密钥差分攻击被引量：2

Related-Key Differential Cryptanalysis of KATAN Family

下载PDF

导出

摘要 KATAN系列密码算法是基于非线性反馈移位寄存器的分组密码算法,最初在CHES2009上发表.按照分组长度,该算法分为三类:KATAN32,KATAN48和KATAN64.这三个算法使用相同的密钥生成算法,密钥长度均为80比特,非线性函数和加密轮数均相同.本文就是利用了相关密钥条件差分分析的方法,通过KATAN系列算法生成的密钥序列的特性来确定密钥差分,通过控制条件获得相应的明文差分,确定差分路径之后,采用了猜测密钥回推验证的方法,从而使得KATAN32、KATAN48、KATAN64相关密钥差分攻击的轮数分别提高到158轮、140轮和126轮.该攻击与Isobe等人提出的飞去来去器攻击在轮数上不占优势,但本文的攻击需求较少的数据量和存储空间. The KATAN family of block ciphers based on NLFSR are first published at CHES 2009. It contains three settings, namely KATAN32, KATAN48 and KATAN64. All of the cipher settings in the KATAN family share the same key schedule, which use an 80-bit master key, as well as the same nonlinear functions and encryption rounds. In this paper, we use conditional differential cryptanalysis to analyze the KATAN family in the related-key scenario. We get the differences of plaintext by imposing conditions on the public variables of the ciphers with the characteristic of key sequence. For the KATAN family, we guess the key of following rounds through whether it changes the disadvantage of the differential path. Finally, we obtain key-recovery attacks on 158,140 and 126 of 254 rounds of KATAN32, KATAN48 and KATAN64, respectively. Compared with the Isobe's attack results, our attack requires less data and memory, while having the same number of rounds.

作者刘爱森王美琴李艳斌

机构地区山东大学密码技术与信息安全教育部重点实验室

出处《密码学报》 CSCD 2015年第1期77-91,共15页 Journal of Cryptologic Research

基金国家重点基础研究发展项目(973计划)(2013CB834205) 国家自然科学基金项目(61133013 61103237) 教育部新世纪优秀人才支持计划(NCET-13-0350) 山东大学交叉学科基金项目(2012JC018)

关键词 KATAN密码算法相关密钥攻击条件差分分析 KATAN related-key attack conditional differential cryptanalysis

分类号 TN918.4 [电子电信—通信与信息系统]

引文网络
相关文献

参考文献7

1De Canni’’ere,C,Dimkelman,O,Knezevi’’c,M.KATAN and KTANTAN—A family of Small and Efficient Hardware-Oriented Block Ciphers. CHES 2009 . 2009
2Albrecht,M.R,Leander,G.An All-in-one Approach to Differential Crypt-analysis for Small Block Ciphers. SAC 2012 . 2013
3S. Knellwolf,W. Meier,M. Naya-Plasencia.Conditional Differential Cryptanalysis of Trivium andKATAN. Selected Areas in Cryptography . 2012
4Bogdanov A,Rechberger C.A3-subset meet-in-the-middle attack: cryptanalysis of thelightweight block cipher KTANTAN. Selected Areas in Cryptography . 2011
5S. Knellwolf,W. Meier,M. Naya-Plasencia.Conditional Differential Cryptanalysis of NLFSR-BasedCryptosystems. ASIACRYPT2010 . 2010
6Isobe T,Sasaki Y,Chen J.Related-Key Boomerang Attacks on KATAN32/48/64. Information Security and Privacy . 2013
7Isobe T,Shibutani K.All subkeys recovery attack on block ciphers:extending meet-in-the-middle approach. Selected Areas in Cryptography—SAC 2013 . 2013

共引文献1

1魏长河,张少武.对KATAN算法的相关密钥条件差分分析[J].密码学报,2015,2(3):197-206.

同被引文献14

1张政馗,庞为光,谢文静,吕鸣松,王义.面向实时应用的深度学习研究综述[J].软件学报,2020(9):2654-2677. 被引量：33
2Wu W, Zhang L. LBlock : A Lightweight Block Cipher. In Proceedings of ACNS 2011 [ M ]. Berlin : Springer,2011:327 - 344.
3Suzaki T, Minematsu K, Morioka S, et al. TWINE: A Lightweight Block Cipher for Multiple Platforms. In: Knudsen, L. R. , Wu, H. (eds.) SAC 2012. LNCS, 2012, 7707: 339- 554.
4Guo J, Peyrin T, Poschmann A,et al. The LED Block Cipher. Cryptographic Hardware and Embedded Systems - CHES 2011 Lecture Notes in Computer Science, 2011,6917 : 326 - 341.
5Bogdanov A A, Knudsen L R, Leander G,et al. PRESENT: An Ultra- Lightweight Block Cipher. In: Paillier, P. , Verbauwhede, I. (eds.) CHES 2007, LNCS, 2007,4727: 450-466.
6Shibutani K, Isobe T, Hiwatari H, et al. Piccolo : An Ultra - Lightweight Block cipher. Cryptographic Hardware and Embedded Systems - CHES 2011 Lecture Notes in Computer Science, 2011,6917:342 - 357.
7Hong D, Sung J, Hong S,et al. HIGHT:A New Block Cipher Suitable for Low - Resource Device. In: Goubin, L. , Matsui, M. (eds.) CHES 2006, LNCS, 2006, 4249:46 - 59.
8Andrey Bogdanov, Christian Rechberger. A 3 - subset meet - in - the - middle attack : Cryptanalysis of the lightweight block cipher KTANTAN [A]. SAC 2010, LNCS 6544[C]. Berlin: Springer-Verlag, 2010:229-240.
9Lei Wei, Christian Rechberger, Jian Guo. Improved Meet - in - the - Middle - cryp - tanalysis of KTANTAN [ A]. ACISP 2011, LNCS 6812 [ C ]. Berlin : Springer - Vertag, 2011:433 - 438.
10Diffie W,Hellman M. Exhaustive cryptanalysis of the NBS data encryption standard [ J~. Computer, 1977, 10(6) :74 -84.

引证文献2

1陈万朴,张文英,李梦竹.对 KTANTAN32的单密钥中间相遇代数攻击[J].山东师范大学学报（自然科学版）,2016,31(1):48-52.
2林东东,李曼曼,陈少真.基于神经区分器的KATAN48算法条件差分分析方法[J].计算机应用,2023,43(8):2462-2470.

1魏长河,张少武.对KATAN算法的相关密钥条件差分分析[J].密码学报,2015,2(3):197-206.
2王君碧.用非线性反馈移位寄存器实现脉冲发生器数字化[J].电子测量技术,1990,13(4):38-42.
3锋客网NovaDNG.一起来吃Kit Kat 开发者谈Android4.4[J].商业故事（数字通讯）,2013(23):108-110.
4张文英,刘祥忠.对基于NLFSR分组密码KTANTAN32的相关密钥中间相遇代数攻击[J].电子学报,2012,40(10):2097-2100. 被引量：4
5詹英杰,关杰,丁林,张中亚.对简化版LBLock算法的相关密钥不可能差分攻击[J].电子与信息学报,2012,34(9):2161-2166. 被引量：14
6松下电器(中国)有限公司松下电器2008年度“新时代真高清”大型巡回推广活动[J].电视工程,2008(1):62-62.
7从奥运到无线城市联信永益WLAN系列全面升级[J].通信世界,2008(2).
8邹宁.Linn Katan书架式音箱[J].视听技术,2004(10):47-48.
9audio-technica（铁三角）ATH-FW33[J].家庭影院技术,2011(2):9-9.
10鲍建成.基于移动自组网的组播安全研究[J].硅谷,2008,1(21):52-52.

密码学报

2015年第1期

浏览历史

内容加载中请稍等...

KATAN密码算法的相关密钥差分攻击被引量：2

参考文献7

共引文献1

同被引文献14

引证文献2

相关作者

相关机构

相关主题

浏览历史

KATAN密码算法的相关密钥差分攻击 被引量：2

参考文献7

共引文献1

同被引文献14

引证文献2

相关作者

相关机构

相关主题

浏览历史

KATAN密码算法的相关密钥差分攻击被引量：2