本文選題：中間相遇攻擊 + 輕量級(jí)分組密碼�。� 參考：《東華大學(xué)》2014年碩士論文

【摘要】：隨著物聯(lián)網(wǎng)的發(fā)展,RFID芯片和無(wú)線傳感網(wǎng)絡(luò)等微型計(jì)算設(shè)備的應(yīng)用越來(lái)越廣泛,給人們的生活帶來(lái)了極大的便利。與此同時(shí),如何確保信息的安全性,越來(lái)越引起人們的重視。因?yàn)槲⑿陀?jì)算設(shè)備資源受限,所以既追求效率又要保證安全性的輕量級(jí)分組密碼算法應(yīng)運(yùn)而生。 KTANTAN[1]是由Christophe De Canniere, Orr Dunkelman和Miroslav Knezevic在2009年密碼硬件和嵌入式系統(tǒng)國(guó)際會(huì)議(CHES)上提出的一個(gè)輕量級(jí)分組密碼算法,具有硬件實(shí)現(xiàn)簡(jiǎn)單和低功耗等特點(diǎn)。它采用了基于非線性反饋移位寄存器(NLFSR)的輪函數(shù)結(jié)構(gòu)和線性密鑰編排,可以抵抗差分分析、線性分析和其他一些攻擊。KTANTAN是一族分組密碼算法,明文分組長(zhǎng)度可以是32、48和64位,相應(yīng)的算法分別稱(chēng)為KTANTAN32、KTANTAN48和KTANTAN64。密鑰長(zhǎng)度都是80位,進(jìn)行254輪加密。目前已知的對(duì)KTANTAN的分析方法有相關(guān)功耗分析、相關(guān)密鑰中間相遇代數(shù)攻擊、中間相遇攻擊等。 輕量級(jí)分組密碼算法在設(shè)計(jì)時(shí)力求尋找執(zhí)行效率與安全性的最佳平衡點(diǎn)。然而當(dāng)執(zhí)行效率提高時(shí),算法的安全性必然會(huì)受到影響,所以對(duì)算法安全性的分析顯得尤為重要。本文以KTANTAN為例,對(duì)輕量級(jí)分組密碼算法的安全性進(jìn)行評(píng)估。結(jié)合KTANTAN的加密結(jié)構(gòu)和特點(diǎn),嘗試運(yùn)用3維及以上的中間相遇攻擊方法對(duì)KTANTAN的安全性進(jìn)行分析,接著利用分段-連接、間接部分匹配、預(yù)計(jì)算等各種技術(shù)對(duì)攻擊方法進(jìn)行改進(jìn),取得以下成果： 1.依據(jù)KTANTAN的結(jié)構(gòu)特點(diǎn),猜測(cè)中間狀態(tài)X和Y,將整個(gè)加密算法分成三個(gè)連續(xù)的區(qū)間,利用3維中間相遇攻擊方法對(duì)KTANTAN進(jìn)行分析,給出了攻擊步驟,以及攻擊過(guò)程的時(shí)間復(fù)雜度和數(shù)據(jù)復(fù)雜度。 2.研究了結(jié)合分段-連接和間接部分匹配技術(shù)的3維中間相遇攻擊對(duì)KTANTAN32的攻擊過(guò)程,得到更優(yōu)的攻擊結(jié)果,數(shù)據(jù)復(fù)雜度為3個(gè)明密文對(duì),時(shí)間復(fù)雜度為267.63次加密運(yùn)算。 3.在上述攻擊的基礎(chǔ)上,繼續(xù)對(duì)3維中間相遇攻擊進(jìn)行改進(jìn)——猜測(cè)Y的一部分比特,通過(guò)調(diào)整X和Y的位置,取得更好的攻擊結(jié)果：時(shí)間復(fù)雜度為266.77次加密運(yùn)算,數(shù)據(jù)復(fù)雜度為3個(gè)明文對(duì)。 4.研究了結(jié)合數(shù)據(jù)預(yù)處理和緩存技術(shù)的3維中間相遇攻擊對(duì)KTANTAN進(jìn)行攻擊,減少了攻擊過(guò)程中重復(fù)計(jì)算的次數(shù),將時(shí)間復(fù)雜度進(jìn)一步降低至265.17次加密運(yùn)算。 5.簡(jiǎn)要分析3維中間相遇攻擊方法對(duì)KTANTAN64/128攻擊和4維及以上的中間相遇攻擊對(duì)KTANTAN32/64/128算法的攻擊。
[Abstract]:With the development of Internet of things, RFID chip and wireless sensor network and other micro-computing devices are more and more widely used, which brings great convenience to people's life. At the same time, how to ensure the security of information has attracted more and more attention. Because of the limited resources of microcomputing equipment, So the lightweight block cipher algorithm, which is both efficient and secure, comes into being. KTANTAN [1] is a lightweight algorithm proposed by Christophe de Canniere, Orr Dunkelman and Miroslav Knezevic at the 2009 International Conference on cryptography hardware and embedded Systems (CHESs), which was presented by Christophe de Canniere, Orr Dunkelman and Miroslav Knezevic. Stage block cipher algorithm, It has the characteristics of simple hardware implementation and low power consumption. It adopts round function structure based on nonlinear feedback shift register and linear key arrangement, which can resist differential analysis. Linear analysis and some other attacks. KTANTAN is a family of block cipher algorithms. The corresponding algorithms are called KTAN32 KTANTAN48 and KTANTAN64. respectively. Key length is 80 bits, 254 rounds of encryption. The known analysis methods for KTANTAN include correlation power analysis, key intermediate encounter algebraic attack, middle encounter attack and so on. The lightweight block cipher algorithm is designed to find the best balance between execution efficiency and security. However, when the execution efficiency is improved, the security of the algorithm is bound to be affected, so it is particularly important to analyze the security of the algorithm. This paper takes KTANTAN as an example to evaluate the security of lightweight block cipher algorithm. Combined with the encryption structure and characteristics of KTANTAN, this paper attempts to analyze the security of KTANTAN by using three dimensional and more middle encounter attack methods, and then improves the attack method by using piecewise connection, indirect partial matching, prediction and other techniques. The following results have been achieved: 1. According to the structural characteristics of KTANTAN, the intermediate states X and Y are conjectured, and the whole encryption algorithm is divided into three consecutive intervals. And attack process time complexity and data complexity. 2. In this paper, the attack process of 3-dimensional intermediate encounter attack against KTANTAN32 with piecewise connection and indirect partial matching techniques is studied. The result is better. The data complexity is 3 ciphertext pairs and the time complexity is 267.63 encryption operations. On the basis of the above attacks, we continue to improve the three dimensional intermediate encounter attack-guess some bits of Y, and get better result by adjusting the position of X and Y: the time complexity is 266.77 encryption operations. The data complexity is 3 plaintext pairs. 4. This paper studies the attack of KTANTAN with data preprocessing and buffer technology, which reduces the number of repeated computations and further reduces the time complexity to 265.17 encryption operations. 5. This paper briefly analyzes the attack on KTANTAN64 / 128 and 4-dimensional intermediate encounter attack on KTANTAN32 / 64 / 128 algorithm.
【學(xué)位授予單位】：東華大學(xué)
【學(xué)位級(jí)別】：碩士
【學(xué)位授予年份】：2014
【分類(lèi)號(hào)】：TN918.4

【參考文獻(xiàn)】

相關(guān)期刊論文 前5條

1 張文英;劉祥忠;;對(duì)基于NLFSR分組密碼KTANTAN32的相關(guān)密鑰中間相遇代數(shù)攻擊[J];電子學(xué)報(bào);2012年10期

2 張雷;谷大武;郭箏;趙建杰;;KATAN32相關(guān)功耗分析及其實(shí)現(xiàn)[J];計(jì)算機(jī)應(yīng)用;2011年02期

3 楊林;王美琴;;約減輪的MIBS算法的差分分析[J];山東大學(xué)學(xué)報(bào)(理學(xué)版);2010年04期

4 杜承航;陳佳哲;;輕量級(jí)分組密碼算法MIBS不可能差分分析[J];山東大學(xué)學(xué)報(bào)(理學(xué)版);2012年07期

5 范偉杰;吳文玲;張蕾;;HIGHT算法的差分故障攻擊[J];中國(guó)科學(xué)院研究生院學(xué)報(bào);2012年02期

，

本文編號(hào)：2017361