33轮SHACAL-2的差分非线性攻击

doi:10.3969/j.issn.1001-2400.2010.01.018

J4 ›› 2010, Vol. 37 ›› Issue (1): 102-106+118.doi: 10.3969/j.issn.1001-2400.2010.01.018

33轮SHACAL-2的差分非线性攻击

韦永壮^1,2;胡予濮¹;陈杰^1,3

(1. 西安电子科技大学计算机网络与信息安全教育部重点实验室，陕西西安 710071；
2. 桂林电子科技大学信息与通信学院，广西桂林 541004；
3. 中国科学院软件研究所信息安全国家重点实验室，北京 100039)

收稿日期:2008-10-20 出版日期:2010-02-20 发布日期:2010-03-29
通讯作者: 韦永壮
作者简介:韦永壮(1976-)，男，桂林电子科技大学讲师，西安电子科技大学博士研究生，E-mail: walker_wei@msn.com．
基金资助:
国家自然科学基金资助项目(60673072);国家重点基础研究发展计划(“973”计划)基金资助项目(2007CB311201);国家部委科技重点实验室基金资助项目(9140C1107050806)

Differential-nonlinear attack on 33-round SHACAL-2

WEI Yong-zhuang^1,2;HU Yu-pu¹;CHEN Jie^1,3

(1. Ministry of Education Key Lab. of Computer Network and Information Security, Xidian Univ., Xi'an 710071， China;
2. School of Information and Communication, Guilin Univ. of Electronic Tech., Guilin 541004， China;
3. State Key Lab. of Information Security, Inst. of Software, Chinese Academy of Sci., Beijing 100039， China)

Received:2008-10-20 Online:2010-02-20 Published:2010-03-29
Contact: WEI Yong-zhuang

摘要/Abstract

摘要：

利用SHACAL-2的一个17轮差分非线性区分器，结合被猜测子密钥空间分割的方法和快速傅立叶变换，提出了一种攻击33轮SHACAL-2的新方法．该方法攻击33轮SHACAL-2需要2⁴⁴的选择明文、2^496.6的33轮SHACAL-2加密和2⁵⁰²次算术运算，攻击成功概率为99％．与已有的结果相比较，新攻击有效地提高了单密钥下SHACAL-2的攻击轮数．

关键词: 分组密码, 差分非线性攻击, SHACAL-2算法, 计算复杂度

Abstract:

Based on a 17-round differential-nonlinear distinguisher of the SHACAL-2 encryption algorithm, a novel attack on 33-round SHACAL-2 is proposed by guessed subkey space division and Fast Fourier Transform (FFT). Moreover, it is shown that differential nonlinear attack on 33-round SHACAL-2 requires a data complexity of about 2⁴⁴ chosen plaintexts, and a computational complexity of about 2^496.6 33-round SHACAL-2 encryptions and about 2⁵⁰² arithmetic operations. The success rate of this attack is about 0.99. Compared with previous results, this new attack effectively improves the numbers of attacked rounds of SHACAL-2 in a single key attack scenario.

Key words: block ciphers, differential-nonlinear attack, SHACAL-2, computational complexity

韦永壮;胡予濮;陈杰. 33轮SHACAL-2的差分非线性攻击[J]. J4, 2010, 37(1): 102-106+118.

WEI Yong-zhuang;HU Yu-pu;CHEN Jie. Differential-nonlinear attack on 33-round SHACAL-2[J]. J4, 2010, 37(1): 102-106+118.

参考文献

［1］NESSIE: New European Schemes for Signatures, Integrity and Encryption, Performance of Optimized Implementations of the NESSIE Primitives, Version 2.0 ［EB/OL］. ［2000-11-1］. https://www.cosic.esat.kuleuven.be/nessie/deliverables/D21-v2.pdf.
［2］Aoki K, Ichikawa T, Kanda M, et al. Camellia: a 128-bit Block Cipher Suitable for Multiple Platforms Design and Analysis ［C］//Proceedings of TACS 1997: LNCS 1281. Berlin: Springer-Verlag, 1997: 39-56.
［3］Matsui M. New Block Encryption Algorithm MISTY ［C］//Proceedings of FSE1997: LNCS1267. Berlin: Springer-Verlag, 1997: 54-68.
［4］Daemen J, Rijnmen V. The design of Rijndael AES: the Advanced Encryption Standard ［M］. 1st ed. Berlin: Springer-Verlag, 2002, 30-45.
［5］Handschuh H, Naccache D. SHACAL, NESSIE［EB/OL］. ［2001-6-1］. https://www.cosic.esat.kuleuven.be/nessie.
［6］National Institute of Standards and Technology. Federal Information Processing Standards Publication 180-1 (FIPS180-1) —Secure Hash Standard (SHA)［EB/OL］. ［1995-04-10］. http://csrc.nist.gov/publications/fips/fips180/fips-180.pdf.
［7］Lai Xuejia, Massey J-L, Murphy S. Markov Ciphers and Differential Cryptanalysis ［C］//Proceedings of EUROCRYPT1991: LNCS547. Berlin: Springer-Verlag, 1992: 17-38.
［8］Hong S, Kim J, Kim G, et al. Impossible Differential Attack 30-round SHACAL-2 ［C］//Proceedings of INDOCRYPT2003: LNCS2904. Berlin: Springer-Verlag, 2003: 97-106.
［9］Shin Y, Kim J, Kim G, et al. Differential-linear Type Attacks on Reduced Rounds of SHACAL-2 ［C］//Proceedings of ACISP2004: LNCS3108. Berlin: Springer-Verlag, 2004: 110-122.
［10］Kim J, Kim G, Lee S, et al. Related-key Attacks on Reduced Rounds of SHACAL-2 ［C］//Proceedings of INDOCRYPT2004: LNCS 3348. Berlin: Springer-Verlag, 2004: 175-190.
［11］Lu Jiqiang, Lee C, Kim G, et al. Related-key Attack on 42-round SHACAL-2 ［C］//Proceedings of ISC2006: LNCS 4176. Berlin: Springer-Verlag, 2006: 85-100.
［12］Lu Jiqiang, Kim J. Attacking 44 Rounds of the SHACAL-2 Block Cipher Using Related-key Rectangle Cryptanalysis ［J］. IEICE Trans. Fundamentals, 2008, 91(9): 2588-2596.
［13］Wang G. Related-key Rectangle Attack on 43-Round SHACAL-2 ［C］//Proceeding of ISPEC2007: LNCS 4464. Berlin: Springer-Verlag, 2007: 33-42.
［14］韦永壮,胡予濮. 42轮SHACAL-2的相关密钥矩形新攻击［J］. 通信学报, 2009, 30(1): 7-11.
Wei Yongzhuang, Hu Yupu. New Related-key Rectangle Attack on 42-round SHACAL-2 ［J］. Journal on Communication, 2009, 30(1): 7-11.
［15］刘景美, 赵林森, 王新梅. 一种具有最小实现代价的AES改进方法［J］. 西安电子科技大学学报, 2009, 36(1): 52-57.
Liu Jingmei, Zhao Linsen, Wang Xinmei. Improvement of AES with Minimal Implementation Complexity ［J］. Journal of Xidian University, 2009, 36(1): 52-57.
［16］钟名富, 胡予濮, 陈杰. 分组加密算法SMS4的14轮Square攻击［J］. 西安电子科技大学学报, 2008, 35(1): 105-109.
Zhong Mingfu, Hu Yupu, Chen Jie. Square Attack on the 14-round Block Cipher SMS4 ［J］. Journal of Xidian University, 2008, 35(1): 105-109.
［17］Collard B, Standaert, F-X. Quisquater J-J. Improving the Time Complexity of Matsui’s Linear Cryptanalysis ［C］//Proceeding of ICISC2007: LNCS 4817. Berlin: Springer-Verlag, 2007: 77-78.
［18］Kim T, Kim J, Hong S, Sung J. Linear and Differential Cryptanalysis of Reduced SMS4 Block Cipher ［EB/OL］. ［2008-05-08］. http://www.eprint.org/2008.
［19］季虎, 夏胜平, 郁文贤. 快速傅里叶变换算法概述［J］. 现代电子, 2001, 76 (3): 5-8.
Ji Hu, Xia Shengping, Yu Wenxian. Outline of Fast Fourier Transform Algorithm ［J］. Modern Electronics, 2001, 76(3): 5-8.

[1]	叶涛,韦永壮,李灵琛. KNOT认证加密算法的零和区分器分析[J]. 西安电子科技大学学报, 2021, 48(1): 76-86.
[2]	张政和,李逸洋,张林让,刘楠. 二维面阵子空间重构快速估计方法[J]. 西安电子科技大学学报, 2019, 46(3): 32-38.
[3]	魏悦川;潘晓中;戎宜生;王绪安. 对PRINCE分组密码的不可能差分攻击[J]. 西安电子科技大学学报, 2017, 44(1): 119-124.
[4]	洪银芳;李晖;王新梅. 一种改进的Polar码的BP译码算法[J]. 西安电子科技大学学报, 2016, 43(4): 39-44.
[5]	罗芳;周学广;欧庆于. 对LBlock算法的多重零相关线性分析[J]. J4, 2014, 41(5): 173-179.
[6]	田心记;倪水平;宋成;赵伟. 一种改进的广义正交空时分组码[J]. J4, 2012, 39(4): 161-166.
[7]	李学远;王新梅. 广义可调加密方案[J]. J4, 2009, 36(4): 686-690.
[8]	陈杰;胡予濮;张跃宇. 用不可能差分法分析17轮SMS4算法 [J]. J4, 2008, 35(3): 455-458.
[9]	钟名富;胡予濮;陈杰. 分组加密算法SMS4的14轮Square攻击 [J]. J4, 2008, 35(1): 105-109.
[10]	刘锋;庄奕琪;代国定. 一种计算复杂度可调整的块匹配运动估计算法[J]. J4, 2005, 32(6): 901-906.
[11]	陈杰;胡予濮;韦永壮. 一种快速构造降次函数的新算法[J]. J4, 2005, 32(5): 790-793.
[12]	李赞1;蔡觉平2;金力军1;常义林1. 基于3DES的跳频序列族构造方法的VLSI实现[J]. J4, 2004, 31(4): 501-504.
[13]	韦宝典1;2;刘景伟;1王新梅1. NESSIE分组密码及其安全性分析[J]. J4, 2004, 31(3): 377-382.
[14]	李赞;金力军;常义林. 利用3DES的迭代型分组密码构造跳频码序列[J]. J4, 2002, 29(3): 411-415.
[15]	暂时无作者信息. 域Fqn上的一类仿射置换[J]. J4, 2001, 28(6): 828-831.

33轮SHACAL-2的差分非线性攻击

Differential-nonlinear attack on 33-round SHACAL-2

PDF (PC)

赞

可视化

被引次数

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 15

Metrics

本文评价

推荐阅读 0