【摘要】：差分故障攻擊是一種間接攻擊方法,其對(duì)分組密碼和流密碼均有很好的攻擊效果。自1997年Biham提出差分故障攻擊的概念以來(lái),利用該方法可攻擊DES算法、橢圓曲線加密體制、3DES算法、SMS4算法、ARIA算法、CLEFIA算法、AES算法等諸多密碼算法。本文主要通過(guò)求解混合方程來(lái)研究SHACAL-2算法和MD5加密模式非線性部件的差分特性。并利用該差分特性對(duì)其進(jìn)行差分故障攻擊。主要結(jié)果如下:(1)證明了當(dāng)SHACAL-2算法選擇函數(shù)的第1個(gè)位置輸入差分非零或者擇多函數(shù)的前兩個(gè)位置中任意一個(gè)輸入差分非零時(shí)(其它位置差分均為零),差分方程解的個(gè)數(shù)只與輸入差分的重量有關(guān)。將這一結(jié)果運(yùn)用到SHACAL-2算法的差分故障攻擊中,從理論上解釋了有效的差分故障位置為E,并證明了至少需要160個(gè)隨機(jī)故障才能以超過(guò)60%的成功概率恢復(fù)512比特的種子密鑰,而至少需要240個(gè)隨機(jī)故障才能以超過(guò)98%的成功概率恢復(fù)512比特的種子密鑰。(2通過(guò)研究MD5加密模式中輪函數(shù)的差分特性,給出了一個(gè)逐比特求解差分方程的快速算法。利用該算法可以實(shí)現(xiàn)從倒數(shù)第三輪對(duì)MD5加密模式進(jìn)行差分故障攻擊。研究結(jié)果表明如果從倒數(shù)第三輪開始導(dǎo)入故障,平均只需56個(gè)故障,即可成功恢復(fù)512比特的種子密鑰,而如果從倒數(shù)第二輪開始導(dǎo)入故障,平均需要112個(gè)故障才能成功恢復(fù)512比特的種子密鑰。故與從倒數(shù)第二輪開始導(dǎo)入故障相比,從倒數(shù)第三輪導(dǎo)入故障不僅可以將故障攻擊的輪數(shù)提前而且恢復(fù)種子密鑰所需的故障數(shù)減少了一半。
[Abstract]:Differential fault attack is an indirect attack method, which has a good effect on block cipher and stream cipher. Since Biham put forward the concept of differential fault attack in 1997, this method can be used to attack many cryptographic algorithms such as DES algorithm, elliptic curve cryptosystem / 3DES algorithm, SMS4 algorithm and CLEFIA algorithm. In this paper, the differential characteristics of nonlinear components in SHACAL-2 algorithm and MD5 encryption mode are studied by solving mixed equations. The differential characteristic is used to attack the differential fault. The main results are as follows: (1) it is proved that the solution of the difference equation is obtained when the input difference of the first position of the SHACAL-2 algorithm is nonzero or the first two positions of the selection function are not 00:00 (all the other positions are zero). The number of the input difference is only related to the weight of the input difference. Applying this result to the differential fault attack of SHACAL-2 algorithm, the effective differential fault location is explained as E, and it is proved that at least 160 random faults are needed to recover the 512-bit seed key with more than 60% success probability. At least 240 random faults are needed to recover the 512-bit seed key with a success probability of more than 98%. (2) by studying the differential characteristics of the wheel function in the MD5 encryption mode, a fast algorithm for solving the difference equation bit by bit is presented. Using this algorithm, the differential fault attack on MD5 encryption mode can be realized from the reciprocal third round. The results show that if the fault is imported from the penultimate third round, only 56 faults on average, the 512-bit seed key can be successfully recovered, and if the fault is imported from the penultimate round, An average of 112 faults are required to successfully recover the 512 bit seed key. Therefore, compared with importing faults from the reciprocal second round, the imported faults from the reciprocal round can not only reduce the number of rounds of fault attack ahead of schedule, but also reduce the number of faults needed to restore the seed key by half.
【學(xué)位授予單位】：國(guó)防科學(xué)技術(shù)大學(xué)
【學(xué)位級(jí)別】：碩士
【學(xué)位授予年份】：2014
【分類號(hào)】：TN918.1

【相似文獻(xiàn)】

相關(guān)期刊論文 前10條

1 朱賢軍;李敬兆;;無(wú)加密模式下對(duì)云數(shù)據(jù)的隱私保密[J];計(jì)算機(jī)技術(shù)與發(fā)展;2013年06期

2 張慧;郭翠芳;牛夏牧;吳春歡;;磁盤加密模式分析[J];計(jì)算機(jī)工程;2010年05期

3 翁哲;;基于密匙的數(shù)字電影加密模式的探討[J];黑龍江科技信息;2009年09期

4 ;無(wú)線網(wǎng)絡(luò)各類加密模式詳解[J];計(jì)算機(jī)與網(wǎng)絡(luò);2011年23期

5 李民政;一個(gè)改進(jìn)SSL加密模式的新方案[J];桂林電子工業(yè)學(xué)院學(xué)報(bào);2005年05期

6 彭建新;杜威;王曉雷;;TrueCrypt加密模式及對(duì)應(yīng)取證方法研究[J];廣東公安科技;2011年04期

7 zyj;;手把手教你如何安全分享無(wú)線網(wǎng)絡(luò)[J];網(wǎng)絡(luò)與信息;2010年06期

8 劉青;衛(wèi)宏儒;;對(duì)完整輪數(shù)ARIRANG加密模式的新的相關(guān)密鑰矩形攻擊[J];計(jì)算機(jī)科學(xué);2013年08期

9 張大軍;李運(yùn)發(fā);鄭周;;云計(jì)算中數(shù)據(jù)資源的安全共享機(jī)制[J];信息網(wǎng)絡(luò)安全;2012年08期

10 廖嘉;王立鵬;陳魯生;;對(duì)OCB模式的沖突攻擊[J];計(jì)算機(jī)工程與應(yīng)用;2006年04期

相關(guān)會(huì)議論文 前2條

1 李華;周志逵;;多級(jí)數(shù)據(jù)庫(kù)中的兩階段子密鑰加密模式[A];第二十二屆中國(guó)數(shù)據(jù)庫(kù)學(xué)術(shù)會(huì)議論文集（技術(shù)報(bào)告篇）[C];2005年

2 張大軍;李運(yùn)發(fā);鄭周;;云計(jì)算中數(shù)據(jù)資源的安全共享機(jī)制[A];第27次全國(guó)計(jì)算機(jī)安全學(xué)術(shù)交流會(huì)論文集[C];2012年

相關(guān)碩士學(xué)位論文 前1條

1 沈璇;對(duì)SHACAL-2算法和MD5加密模式的差分故障攻擊[D];國(guó)防科學(xué)技術(shù)大學(xué);2014年

，

本文編號(hào)：2141780