摘要
2012年,Keccak在SHA-3算法竞赛中脱颖而出成为SHA-3算法标准.自此之后对Keccak算法的分析成为研究热点.本文探究的是对缩减轮Keccak杂凑函数的差分区分器攻击.在已有研究中,Sourav和Meier等提出了一种6轮的Keccak区分器,该区分器基于TDA算法、Double Kernel结构和Keccak内部置换的差分传播特性,得到的区分器复杂度为2^(52).本文在上述结果的基础上,首先改进了Willi Meier等提出的差分路径,得到了一个更优的6轮差分区分器,该结果为目前已知最好的6轮差分区分器,数据复杂度为2^(28);接着文章探究7轮的差分区分器,按照新的差分路径,文章得到了新的7轮差分区分器,但是因为在差分路径中Keccak内部函数的扩散作用,增大了得到该差分路径的数据复杂度.文章通过对于S盒性质的分析,提出了一种S盒控制技术,通过忽略一些对结果中的偏置位没有影响的S盒,能够很好地降低得到该区分器的数据复杂度,从而保证在7轮之后的输出中存在偏置位,得到了一个复杂度为2^(68)的7轮Keccak区分器.
The Keccak hash function is the winner of NIST's SHA-3 competition. The best cryptanalysis result for the differential distinguisher attack on the hash function settings of Keccak is a6 round distinguisher proposed by Sourav Das and Willi Meier, which is based on TDA algorithm,Double Kernel structure and differential propagation characteristics. This paper improves the result and obtains a 6-round distinguisher with the best known complexity of the same kind of distinguishers.Moreover, an S-Box control method is proposed, which finds out the influence of each active S-Box on the output difference. Combing the S-Box control method and the 6-round distinguisher mentioned above, a distinguisher on 7 rounds of Keccak hash function is found with complexity being 2^(68).
出处
《密码学报》
CSCD
2017年第5期431-446,共16页
Journal of Cryptologic Research
基金
国家自然科学基金项目(61373142)
国家重点研发计划(2017YFA0303903)
