对KATAN算法的相关密钥条件差分分析

Related-key Conditional Differential Cryptanalysis of KATAN

下载PDF

导出

摘要在2010年亚密会上,Simon Knellwolf和Willi Meier等人针对基于非线性移位寄存器设计的密码算法,提出了条件差分分析方法,随后Simon Knellwolf等人又结合相关密钥分析方法,分别攻击KATAN32/48/64算法到120轮、103轮、90轮.本文给出了一种更优的密钥差分选取算法,对原有的相关密钥条件差分分析方法进行了改进,使用该算法选取的初始密钥差分在利用明文差分和约束条件抵消后,能保证在最大的轮数内不会有新的密钥差分被引入移位寄存器,这样我们就能够在更多的轮数内对移位寄存器中差分的传递进行控制,使差分以较大偏差传递更远,进而攻击算法到更多的轮数.本文使用改进后的相关密钥条件差分分析方法,分别攻击KATAN32/48/64算法到122轮、104轮、92轮,并相应恢复出13、10、8比特密钥,攻击的计算复杂度均为233,所有的结果都能在一个可行的时间内通过实验得到. The concept of conditional differential cryptanalysis was applied to NLFSR-based cryptosystems by Simon Knellwolf etc. at ASIACRYPT 2010. Then, they presented attacks on 120, 103 and 90 rounds of 254-round KATAN32, KATAN48 and KATAN64, respectively. This paper presents a better key-difference selecting algorithm, which improves the original related-key conditional differential cryptanalysis. This algorithm can ensure that in the maximum number of rounds, no new key difference will be injected into the shift registers after the initial key difference being eliminated by the plaintext difference and conditions. In this way we can control the difference propagation in more rounds, enabling the difference propagate farther with larger bias. Using the new related-key conditional differential cryptanalysis method, we tried to attack 122, 104 and 92 rounds of KATAN32, KATAN48 and KATAN 64 respectively, recovering 13, 10 and 8 bits of key respectively. The computational complexity of the attacks is always 233 and all the results can be verified within practical time.

作者魏长河张少武

机构地区信息工程大学

出处《密码学报》 CSCD 2015年第3期197-206,共10页 Journal of Cryptologic Research

基金国家自然科学基金项目(61272041 61272488)

关键词 KATAN算法条件差分相关密钥非线性移位寄存器 KATAN conditional differential cryptanalysis key-recovery NLFSR

分类号 TN918.4 [电子电信—通信与信息系统]

引文网络
相关文献

参考文献11

1Eli Biham.New types of cryptanalytic attacks using related keys[J]. Journal of Cryptology . 1994 (4)
2Biham E,Shamir A.Differential Cryptanalysis of the Data Encryption Standard. . 1993
3De Canniere C.Trivium: A stream cipher construction inspired by block cipherdesign principles. Information Security . 2006
4De Canni’’ere,C,Dimkelman,O,Knezevi’’c,M.KATAN and KTANTAN—A family of Small and Efficient Hardware-Oriented Block Ciphers. CHES 2009 . 2009
5S. Knellwolf,W. Meier,M. Naya-Plasencia.Conditional Differential Cryptanalysis of Trivium andKATAN. Selected Areas in Cryptography . 2012
6S. Knellwolf,W. Meier,M. Naya-Plasencia.Conditional Differential Cryptanalysis of NLFSR-Based Cryptosystems. Advances in Cryptology-ASIACRYPT’’2010 . 2010
7Martin Hell,Thomas Johansson,Willi Meier.Grain a stream cipher for constrained environments. International Journal of Wireless and Mobile Computing . 2007
8Isobe T,Sasaki Y,Chen J.Related-Key Boomerang Attacks on KATAN32/48/64. Information Security and Privacy . 2013
9Robshaw M,Billet O.New stream cipher designs:The e STREAM finalists. . 2008
10Biham E,Dunkelman O.Differential cryptanalysis in stream ciphers. IACR Cryptology e Print Archive 2007 . 2007

共引文献2

1单进勇,胡磊,宋凌,孙思维,马小双.19轮RECTANGLE-80的相关密钥差分分析[J].密码学报,2015,2(1):54-65. 被引量：1
2刘爱森,王美琴,李艳斌.KATAN密码算法的相关密钥差分攻击[J].密码学报,2015,2(1):77-91. 被引量：2

1杨应弼.一类非线性移位寄存器状态图的圈结构[J].科学通报,1991,36(3):239-240.
2刘爱森,王美琴,李艳斌.KATAN密码算法的相关密钥差分攻击[J].密码学报,2015,2(1):77-91. 被引量：2
3马晓敏,杨义先,章照止.二进神经网络非线性移位寄存器的综合[J].电子学报,2000,28(1):70-73. 被引量：3
4邹宁.Linn Katan书架式音箱[J].视听技术,2004(10):47-48.
5穆道光,张文政.迭代立方攻击及其应用[J].计算机工程与应用,2014,50(19):99-102. 被引量：1
6许军进,尹克震.M序列反馈函数重量与项数的分析[J].杭州电子科技大学学报（自然科学版）,2007,27(1):24-28. 被引量：3
7林南.电子分频的神奇魔力 Linn(莲)Katan书架式音箱+Kolektor/LK85、LK140前后级放大器[J].视听技术,2005(2):46-49.
8王涛,黄嘉亮.一类具有最高代数免疫阶的非对称布尔函数构造及分析[J].计算机安全,2008(10):44-47.
9程平.平衡之美——Linn Katan音箱[J].消费电子,2003,0(Z1):72-75.
10丁明威,黄培中.光纤通信系统中扰码、解码器的设计与实现[J].电讯技术,1998,38(6):59-62.

密码学报

2015年第3期

浏览历史

内容加载中请稍等...

对KATAN算法的相关密钥条件差分分析

参考文献11

共引文献2

相关作者

相关机构

相关主题

浏览历史