Research on the Application of the MILP Method in Lightweight Cryptanalysis
Published: 2019-02-25 21:27
[Abstract]: With the spread of computers and Internet technology, information security is receiving more and more attention, and cryptography, as the cornerstone of information security, is drawing wide interest as well. Block ciphers are an important area of current cryptographic research. They generally use an iterated structure, run fast and are easy to implement, so they are widely used in software and hardware security systems of all kinds. Block ciphers come in several structures, such as the SPN structure and the Feistel structure; PRESENT and LBlock are representative algorithms of the SPN and Feistel structures respectively. PRESENT is an ultra-lightweight encryption algorithm with an SPN (Substitution Permutation Network) structure, proposed by A. Bogdanov et al. at CHES 2007. It runs for 31 rounds, the plaintext and ciphertext are both 64 bits long, and the key comes in two versions, 80 bits and 128 bits. It is aimed mainly at resource-constrained environments, and because it is simple and efficient it is widely used in the Internet of Things and in radio-frequency identification (RFID). LBlock is a lightweight block cipher proposed at the 2011 Applied Cryptography and Network Security conference. It is a Feistel-structure block cipher with a 64-bit block size, 32 rounds and an 80-bit key. MILP stands for Mixed-Integer Linear Programming, a class of optimization problems derived from linear programming whose goal is to optimize an objective function under given constraints. Mixed-integer linear programming is widely used in both academia and industry. The MILP model differs for each component of a block cipher. Professor Sun Siwei presented the application of MILP models to block ciphers at ASIACRYPT; Nicky Mouha, Qingju Wang et al. applied MILP models to the differential analysis of block ciphers; and more recently the division property, proposed by Todo of Japan, has been combined with the MILP method to search for the balanced positions of integral distinguishers of lightweight block ciphers.
The main contents of this thesis are: (1) For PRESENT, an SPN-type algorithm, the impossible differential characteristics of the algorithm are studied using two methods. The first considers the total number of active S-boxes under diffusion and the number of rounds, and takes the case in which the sum of diffused S-boxes is smallest as the optimal case; the second uses a greedy algorithm to rule out differential characteristics that cannot occur. (2) An integral attack is mounted on LBlock, a Feistel-type algorithm. The core of the attack is to construct a suitable integral distinguisher. Then, using the key-diffusion pattern of LBlock summarized by the author, the number of keys that must be guessed is counted, and the time complexity and data complexity of the integral attack are derived and compared with the time and data complexity of other analysis methods for LBlock; the integral attack lowers the time complexity for LBlock. (3) Starting from the integral attack on LBlock and the recent division property concept proposed by Todo, LBlock is studied in combination with the MILP model, building on earlier work.
[Degree-granting institution]: Shandong Normal University
[Degree level]: Master's
[Year degree awarded]: 2017
[Classification number]: TP309
Article ID: 2430551
Article link: http://sikaile.net/kejilunwen/ruanjiangongchenglunwen/2430551.html