3-subset meet-in-the-middle attack on block cipher TWIS
Journal on Communications
Vol.35 No. 6 June 2014
doi:10.3969/j.issn.1000-436x.2014.06.023
CLC number: TP309    Document code: A    Article ID: 1000-436X(2014)06-0180-05
3-subset meet-in-the-middle attack on block cipher TWIS
ZHENG Ya-fei, WEI Hong-ru
(School of Mathematics and Physics, University of Science and Technology Beijing, Beijing 100083, China)
Abstract: To further analyze the security of the lightweight block cipher TWIS, a 3-subset meet-in-the-middle attack was applied to 10-round TWIS without the final whitening. Based on the weaknesses in the key schedule of TWIS (its actual key size was only 62 bits and the confusion speed of the initial key was rather slow), the time complexity to recover the whole 62-bit key of 10-round TWIS was $2^{45}$, and the data complexity was low enough, with only one known plaintext-ciphertext pair. The result shows that the block cipher TWIS is not secure under the 3-subset meet-in-the-middle attack.
Key words: block cipher; TWIS; meet-in-the-middle attack; complexity
1 Introduction
TWIS??Ojha???2009?????????????[1]???????CLEFIA[2]????НFeistel???????????????????128 bit??????10?????????????????????Su Bozhan???????????????????10??????????10?TWIS??????????[3]?╓??Onur Kocak ?Nese Oztop???TWIS???????????????10??TWIS???12 bit????????????221????9.5???????????????????TWIS??┉??????62 bit??????????
128 bit[4]?
Ё?????(meet-in-the-middle attack)?Diffie?Hellman?1977???DES??????[5]???????????????????????????????????????????Ё???????????????Ё????????????????Щ?????????????????????Ё???????????DES?AES?Keeloq?????????????Ё?????????????[6~10]?
?????Ё?????????????????????????▊Ё????????▊Ё??????Andrey Bogdanov????
Received: 2013-03-05; Revised: 2013-11-20
Foundation Items: The National Natural Science Foundation of China (61272476); The Oriented Award Foundation for Science and Technological Innovation, Inner Mongolia Autonomous Region (2012)
??????KTANTAN[11]??????Ё????????????▊????????????????????Ё???????????????▊Ё??????????KTANTAN32?KTANTAN48????????????3/2??????????????275.044
/ 275.584[12]???▊Ё???????????Ё???????????????Ё???????????Gautham Sekar???XTEA????????[13]?
??????????TWIS???????┻???Щ????????10?TWIS????▊Ё?????????┉??62 bit???????????245?
??????????????????????TWIS???????▊Ё???????????????????????TWIS???????????
2 The block cipher TWIS
2.1 Notation
A(l): A is l bits long.
<<< i: rotate left by i bits.
>>> j: rotate right by j bits.
A⊕B: bitwise XOR of A and B.
A∧B: bitwise AND of A and B.
|A|: the number of elements in the set A.
?i,j??i???j???????
2.2 Block cipher TWIS
TWIS?????????????????????128 bit??????2-????НFeistel????????10??????????32 bit??P(128)=(P0,P1,P2,P3)??128 bit?????C(128)=(C0,C1,C2,C3)??128 bit?????RKi(i=0,1,??,10)???????TWIS????
???
(T0,T1,T2,T3) = (P0⊕RK0, P1, P2, P3⊕RK1)
for i = 1 to 10 do
    (X0,X1) = G(RK_{i-1}, T0, T1)
    T2 = X0⊕T2
    T3 = X1⊕T3
    T1 = T1 <<< 8
    T3 = T3 >>> 1
    (T0,T1,T2,T3) = (T2,T3,T0,T1)
    (X0,X1) = G(RK_i, T0, T3)
    T1 = X0⊕T1
    T2 = X1⊕T2
    T2 = T2 >>> 1
    T3 = T3 <<< 8
endfor
(C0,C1,C2,C3) = (T0⊕RK2, T1, T2, T3⊕RK3)
?Ё????G????3?32 bit??????2?32 bit?????32 bit???????2?32 bit????
G(RK,X0,X1)=(Y0,Y1)
Y1=X1⊕F(RK,X0)
Y0=X1
F???????????????????
????????????????????[1]?
TWIS?????????Щ?128 bit?????K??11?32 bit????RKi(i=0,1,??,10)??ЁRK0?RK1????????RK2?RK3?????????
?????????????
K = (k1,k2,…,k16)
for i = 1 to 11 do
    K = K <<< 3
    k1 = S(k1∧0x3f)
    k15 = S(k15∧0x3f)
    k16 = k16⊕i
    RK_{i-1}^t = M(k13 k14 k15 k16)^t
end
?Ё?S?F??Ё???S????M??????
3 The 3-subset meet-in-the-middle attack
??▊Ё??????Ё????????
??????????????▊??????????????????????Ё?????????????2?????????▊??????▊Ё?????????????3????▊??
??1????l??????K=k0k1??kl?1????????НK1={ki|????1,α?????▊?}?K2= {ki:????R?β+1,R?????▊
?}?A0=K1∩K2???????1?α??R?β+1,R?????▊???A1=K1\K1∩K2?A2=K2\K1∩K2?????1,α??R?β+1,RЁ???
??▊????K=K1∪K2?
?В???????????????????(P,C)??Ё??????v’?u’????????b?????????b????????????????????????┨2b??????????2l?m?b??????????????????????????
?????????
$2^{l-m}+2^{l-m-b}+2^{l-m-2b}+\cdots$
Figure 1  3-subset meet-in-the-middle attack
?R?β+1=α????▊Ё????????Ё??????
??▊Ё??????????2??????????▊Ё???????????????????????????????????????????????
??????▊Ё??????
?(P,C)?????????A0???????
1) ??A1Ё???????????v=?1?α(P)?
?????????▊Ё???????????????
$2^{|A_0|}(2^{|A_1|}+2^{|A_2|})+(2^{l-m}+2^{l-m-b}+2^{l-m-2b}+\cdots)$ ?????▊????Ё???|A1|+|A2|>2?
???????В????????? ???????????????l/b????????????????????????????????????????????l?????b??DC=??l/b???
2) ??A2Ё???????????
?1
u=?R?β+1?R(C)?
3) ????Ё????????v?u??????????????????????????v’?????u’?m (1≤m≤b)??????m??????????m??????????????????????????????$2^{-m}$???????????????$2^{l-m}$?
?????????
4 3-subset meet-in-the-middle attack on TWIS
TWIS?????????????128 bit???????????Щ??????????????3 bit????????24 bit??????????????????????????┉??????62 bit???Щ?????????????????????????
???????????????????????Щ????????10?TWIS???
$2^{|A_0|}(2^{|A_1|}+2^{|A_2|})$
???????????????????
Table 1  TWIS ?????

| Round | RK_{i-1} | RK_i |
|---|---|---|
| Initial whitening | {k0,k1,k2,k99,k100,…,k127} | {k0,k1,…,k5,k102,k103,…,k127} |
| i=1 | {k0,k1,k2,k99,k100,…,k127} | {k0,k1,…,k5,k102,k103,…,k127} |
| i=2 | {k0,k1,…,k5,k102,k103,…,k127} | {k0,k1,…,k8,k105,k106,…,k127} |
| i=3 | {k0,k1,…,k8,k105,k106,…,k127} | {k0,k1,…,k11,k108,k109,…,k127} |
| i=4 | {k0,k1,…,k11,k108,k109,…,k127} | {k0,k1,…,k14,k111,k112,…,k127} |
| i=5 | {k0,k1,…,k14,k111,k112,…,k127} | {k0,k1,…,k17,k114,k115,…,k127} |
| i=6 | {k0,k1,…,k17,k114,k115,…,k127} | {k0,k1,…,k20,k117,k118,…,k127} |
| i=7 | {k0,k1,…,k20,k117,k118,…,k127} | {k0,k1,…,k23,k120,k121,…,k127} |
| i=8 | {k0,k1,…,k23,k120,k121,…,k127} | {k0,k1,…,k26,k123,k124,…,k127} |
| i=9 | {k0,k1,…,k26,k123,k124,…,k127} | {k0,k1,…,k29,k126,k127} |
| i=10 | {k0,k1,…,k29,k126,k127} | {k1,k2,…,k32} |
| Final whitening | {k0,k1,…,k8,k105,k106,…,k127} | {k0,k1,…,k11,k108,k109,…,k127} |
?▊Ё??????
4.1 ?????
??▊Ё???????TWIS????????????????Ё??????????????TWIS???▊Ё???????????????????????TWIS?????Щ???????????????1???
???????????????????TWIS???????????128 bit???┉?????????62 bit??????????Ё??????????{k0,k1,…,k32,k99,k100,…,k127}?62 bit????66 bit???????TWIS??В??????$2^{128}$┑?$2^{62}$???┉?????K′={k0,k1,…,k32,k99,k100,…,k127}?
4.2 3-subset meet-in-the-middle attack on 10-round TWIS
?TWIS?┉????l=62????????▊Ё??????????????┑??
??????????Щ?????????????????????
??0???4????????????▊??{k0,k1,??,k14,k99,k100,??,k127}?????┉???18???▊??{k15,k16,??,k31,k32}?
??7???10????????????
▊??{k0,k1,??,k32,k117,k118,??,k127}?????┉???18??▊??{k99,k100,??,k115,k116}? ??TWIS??????2????????
?3?Ё???▊Ё????????????????α=4?β=7?????┉???????3??▊?A0?A1?A2???????
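$K' = \{k_0,k_1,\ldots,k_{32},k_{99},k_{100},\ldots,k_{127}\}$
$K'_1 = K' \setminus \{k_{15},k_{16},\ldots,k_{31},k_{32}\} = \{k_0,k_1,\ldots,k_{14},k_{99},k_{100},\ldots,k_{127}\}$
$K'_2 = K' \setminus \{k_{99},k_{100},\ldots,k_{115},k_{116}\} = \{k_0,k_1,\ldots,k_{32},k_{117},k_{118},\ldots,k_{127}\}$
$A_0 = K_1 \cap K_2 = \{k_0,k_1,\ldots,k_{14},k_{117},k_{118},\ldots,k_{127}\}$
$A_1 = K_1 \setminus A_0 = \{k_{99},k_{100},\ldots,k_{116}\}$
$A_2 = K_2 \setminus A_0 = \{k_{15},k_{16},\ldots,k_{32}\}$
$|A_1| = |A_2| = 18,\quad |A_0| = 26$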
??????????10?TWIS???▊Ё????????????????????????
????????(P,C)??A260?2????? 1) ??A181Ё?????2???????
v=?1,4(P)?
2) ??A2Ё?????218???????
u=??1
7,10(C)?
3) ???5??Ё??????
???5???v’?u’?????????2????Ё???????????A1?A2???????????????v’?u’??????????32??????????32????????????????????????$2^{-32}$?
??????????$2^{26}(2^{18}+2^{18})=2^{45}$.
?2 Ё?????
?????В????$2^{l-m}=2^{30}$?????????????(P,C)????v’?u’??????128 bit???????128 bit????????????????????????$2^{-128}$?????????????v’=u’????????
?????????
$2^{l-m}+2^{l-m-b}+2^{l-m-2b}+\cdots = 2^{30}+2^{-98}+\cdots \approx 2^{30}$
?????????TWIS????????
??????????????????????
4.3 Complexity analysis
???3?Ё???▊Ё????????????????10?TWIS?┉??62 bit???????????
$2^{|A_0|}(2^{|A_1|}+2^{|A_2|})+2^{l-m}+2^{l-m-b}+\cdots = 2^{26}(2^{18}+2^{18})+2^{30}+2^{-98}+\cdots \approx 2^{45}$
The data complexity is $DC = \lceil l/b \rceil = \lceil 62/128 \rceil = 1$.
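The bit bookkeeping behind Table 1, the partition of Section 4.2 and the complexity of Section 4.3 can be reproduced in a few lines. This is an added example, not code from the paper; it assumes key bits are indexed k0..k127 from the left and models only the 3-bit rotation of the key schedule, with each round key read from the last 32 bits (k13..k16), which is how the sets in Table 1 read.

```python
import math

KEY_BITS, RK_BITS, ROT = 128, 32, 3   # key size, round-key size, rotation per step

def rk_window(j):
    """Original key-bit indices that RK_j (j = 0..10) is built from.

    Assumption: rotation-only model. After j+1 left rotations by 3 bits,
    bytes k13..k16 (positions 96..127) hold original bits 96+3(j+1).. mod 128.
    """
    start = (KEY_BITS - RK_BITS) + ROT * (j + 1)
    return {(start + t) % KEY_BITS for t in range(RK_BITS)}

def bits_used(round_keys):
    """Union of the key bits feeding the given round keys."""
    used = set()
    for j in round_keys:
        used |= rk_window(j)
    return used

def partition(alpha=4, beta=7, rounds=10):
    """Return (K', K1, K2, A0, A1, A2) for the forward/backward split."""
    k_all = bits_used(range(rounds + 1))           # RK_0 .. RK_10
    k1 = bits_used(range(0, alpha + 1))            # whitening + rounds 1..alpha
    k2 = bits_used(range(beta - 1, rounds + 1))    # rounds beta..10, no final whitening
    a0 = k1 & k2
    return k_all, k1, k2, a0, k1 - a0, k2 - a0

def final_whitening_overlap():
    """Bits of A1 that RK_2/RK_3 (final whitening) would pull into the backward part."""
    a1 = partition()[4]
    return sorted(bits_used([2, 3]) & a1)

def log2_time(a0, a1, a2, l, m, b, terms=3):
    """log2 of 2^|A0| (2^|A1| + 2^|A2|) + 2^(l-m) + 2^(l-m-b) + ..."""
    mitm = 2.0 ** a0 * (2.0 ** a1 + 2.0 ** a2)
    recheck = sum(2.0 ** (l - m - j * b) for j in range(terms))
    return math.log2(mitm + recheck)

if __name__ == "__main__":
    k_all, k1, k2, a0, a1, a2 = partition()
    print("effective key bits l =", len(k_all))
    print("|A0|, |A1|, |A2| =", len(a0), len(a1), len(a2))
    print("A1 bits hit by final whitening:", final_whitening_overlap())
    print("log2(time) = %.4f" % log2_time(len(a0), len(a1), len(a2), len(k_all), 32, 128))
    print("data complexity =", math.ceil(len(k_all) / 128))
```

Under this model the final whitening keys RK2 and RK3 touch k105..k116, which lie in A1, so including them would make the backward computation depend on the forward-only key bits.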
5 Conclusion
??2?????TWIS???????ЩЁ????┻???????Щ??????10?TWIS?????▊Ё?????????┉?????62 bit?????????????????????????245
????????Щ??????10?TWIS???????▊Ё??????????????[4]ЁOnur Kocak??????10?TWIS??????
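Table 2  TWIS ???????

| Source | Rounds | Key bits recovered | Time complexity | Data complexity | Attack |
|---|---|---|---|---|---|
| This paper | 10 | 62 | $2^{45}$ | 1 | 3-subset MITM |
| [4] | 10 | 12 | $2^{21}$ | $2^{21}$ | ???? |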
References:
[1] OJHA S K, KUMAR N, JAIN K. TWIS–a lightweight block cipher[A]. Information Systems Security[C]. Berlin: Springer Heidelberg, 2009.280-291.
[2] SHIRAI T, SHIBUTANI K, AKISHITA T, et al. The 128 bit block cipher CLEFIA[A]. Fast Software Encryption[C]. Berlin: Springer Heidelberg, 2007.181-195.
[3] SU B Z, WU W L, ZHANG L, et al. Full-round differential attack on TWIS block cipher[A]. Information Security Applications[C]. Berlin: Springer Heidelberg, 2011.234-242.
[4] KOCAK O, OZTOP N. Cryptanalysis of TWIS block cipher[A]. Research in Cryptology[C]. Berlin: Springer Heidelberg, 2012.109-121.
[5] DIFFIE W, HELLMAN M E. Special feature exhaustive cryptanalysis of the NBS data encryption standard[J]. Computer, 1977, 10(6): 74-84.
[6] CHAUM D, EVERTSE J H. Cryptanalysis of DES with a reduced number of rounds[A]. Cryptology-CRYPTO’85 Proceedings[C]. Berlin: Springer Heidelberg, 1986.192-211.
[7] DEMIRCI H, SELCUK A A. A meet-in-the-middle attack on 8-round AES[A]. Fast Software Encryption[C]. Berlin: Springer Heidelberg, 2008.116-126.
[8] DEMIRCI H, TASKIN I, COBAN M, et al. Improved meet-in-the-middle attacks on AES[A]. Progress in Cryptology-INDOCRYPT 2009[C]. Berlin: Springer Heidelberg, 2009.144-156.
[9] DUNKELMAN O, SEKAR G, PRENEEL B. Improved meet-in-the-middle attacks on reduced-round DES[A]. Progress in Cryptology–INDOCRYPT 2007[C]. Berlin: Springer Heidelberg, 2007.86-100.
[10] INDESTEEGE S, KELLER N, DUNKELMAN O, et al. A practical attack on keeloq[A]. Cryptology-EUROCRYPT 2008[C]. Berlin: Springer Heidelberg, 2008.1-18.
[11] DE C C, DUNKELMAN O, KNEZEVIC M. KATAN and KTANTAN—a family of small and efficient hardware-oriented block ciphers[A]. Cryptographic Hardware and Embedded Systems-CHES 2009[C]. Berlin: Springer Heidelberg, 2009.272-288.
[12] BOGDANOV A, RECHBERGER C. A 3-subset meet-in-the-middle attack: cryptanalysis of the lightweight block cipher KTANTAN[A]. Selected Areas in Cryptography[C]. Berlin: Springer Heidelberg, 2011.229-240.
[13] SEKAR G, MOUHA N, VELICHKOV V, et al. Meet-in-the-middle attacks on reduced-round XTEA[A]. Topics in Cryptology–CT-RSA 2011[C]. Berlin: Springer Heidelberg, 2011.250-267.
About the authors:
?▉??1988-???????????????????????????????
????1963-????┙???????????????????????????????????????????