Found 19 similar documents; search took 62 ms
1.
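In November 2001, NIST selected the new encryption algorithm Rijndael as the Advanced Encryption Standard (AES), replacing the original Data Encryption Standard (DES), whose security no longer met requirements. AES is a symmetric block cipher that encrypts and decrypts 128-bit plaintext blocks using 128-, 192- or 256-bit keys. Based on an analysis of the algorithm's structure and performance characteristics, this paper presents a concrete design and implementation.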
2.
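An optimized, configurable hardware implementation of the AES cipher. Total citations: 2, self-citations: 0, citations by others: 2
The AES encryption algorithm is the next-generation conventional encryption algorithm and will be widely used in government and commercial settings. This paper first introduces the AES encryption algorithm, then analyzes the key points and difficulties of implementing it in hardware, and finally implements and verifies the AES cipher on a Xilinx VirtexII XC2V3000-4 FPGA. The design uses an optimized non-pipelined encryption/decryption data path and proposes a new configurable dynamic key scheduling structure, so that the design supports 128-, 192- and 256-bit keys; the design can also be configured for the four AES modes of operation. Experimental results show that the design achieves higher performance than other designs.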
3.
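(1) Introduction. The block cipher Rijndael was selected as the U.S. Advanced Encryption Standard (AES) on October 2, 2000. After rigorous security analysis, it took effect as an official standard (FIPS 197) on May 26, 2002, replacing DES to protect the U.S. federal government's sensitive but unclassified information for the next 30 years, while also being widely adopted in commerce, finance, IT and other fields. Rijndael is a block cipher with a block length of 128 bits and key lengths of 128, 192 or 256 bits. The 16-byte block is organized as a 4×4 byte matrix called the state, in which each column can be viewed as a 4-byte word. The cipher transformations are applied to these bytes, rows and columns, with the round transformation as the unit, iterated a number of times (corresponding to different key len…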
4.
5.
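Structural optimization and implementation of the AES cipher. Total citations: 4, self-citations: 0, citations by others: 4
The structure of the AES cipher is optimized, and an AES encryption/decryption chip is implemented in a 0.6 μm CMOS process. The algorithm is modeled in Verilog HDL, and the layout is produced using automatic synthesis. The chip supports both encryption and decryption modes and all three key lengths. The chip has been taped out; the maximum tested clock frequency is 20 MHz, and the data throughput with 128-, 192- and 256-bit keys reaches 49.2 Mbps, 41.3 Mbps and 35.6 Mbps respectively.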
6.
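SEA: a new symmetric block cipher. Total citations: 2, self-citations: 0, citations by others: 2
This paper describes a new symmetric block cipher, SEA (Smart Encryption Algorithm). By alternating two mutually incompatible group operations with a simply constructed but highly nonlinear function during encryption, the cipher achieves the necessary confusion and diffusion and exhibits good plaintext and key avalanche effects. The plaintext and ciphertext block lengths are both 128 bits, and the key length can be 128, 192 or 256 bits. In terms of performance, the algorithm has a rigorous logical structure and a simple construction, and is secure and easy to implement.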
7.
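Serpent, one of the candidates for the Advanced Encryption Standard (AES). Total citations: 1, self-citations: 0, citations by others: 1
This paper introduces a new block cipher, Serpent, which is a candidate algorithm for AES. The algorithm uses a 256-bit key to encrypt and decrypt 128-bit data blocks. The paper describes Serpent's encryption and decryption processes and its subkey generation process, and gives a partial account of its performance.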
8.
9.
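Design and implementation of a hybrid encryption system based on AES and ECC. Total citations: 2, self-citations: 0, citations by others: 2
AES offers high speed, high strength and ease of implementation, while ECC offers simple key distribution and management and high security strength. The system encrypts large data blocks with AES and manages the AES keys with ECC. By combining the advantages of the two algorithms, it achieves fast encryption together with secure and convenient key management, effectively solving the problem that speed and security cannot both be achieved in a cryptosystem.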
10.
11.
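This paper analyzes the security of the CIKS-128 block cipher against related-key differential attacks. Using the differential information leakage of the DDP structure and of the nonlinear function, a high-probability related-key differential characteristic is constructed and an attack algorithm is given that recovers 192 bits of the key; the remaining 64 key bits are then recovered by exhaustive search, yielding the algorithm's full 256-bit key. The attack has a computational complexity of 2^77 CIKS-128 encryptions, a data complexity of 2^77 related-key chosen plaintexts, and a storage complexity of 2^25.4 bytes. The analysis shows that CIKS-128 is not secure against related-key differential attacks.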
12.
Heys H.M. 《IEEE transactions on information theory / Professional Technical Group on Information Theory》2001,47(1):23-35
We examine the information leakage between sets of plaintext and ciphertext bits in symmetric-key block ciphers. The paper demonstrates the effectiveness of information leakage as a measure of cipher security by relating information leakage to linear cryptanalysis and by determining a lower bound on the amount of data required in an attack from an upper bound on information leakage. As well, a model is developed which is used to estimate the upper bound on the information leakage of a general Feistel (1975) block cipher. For a cipher that fits the model well, the results of the analysis can be used as a measure in determining the number of rounds required for security against attacks based on information leakage. It is conjectured that the CAST-128 cipher fits the model well and using the model it is predicted that information leaked from 20 or fewer plaintext bits is small enough to make an attack on CAST-128 infeasible.
13.
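This paper studies the security of the Cobra-H64/128 block ciphers against related-key differential attacks. For Cobra-H64, Attack Algorithm 1 is built on a newly constructed related-key differential path and the information leakage present in the inverse CP transformation; it recovers all 128 key bits with a computational complexity of 2^40.5 Cobra-H64 encryptions, a data complexity of 2^40.5 chosen plaintexts, a storage complexity of 2^22 bits, and a success rate of approximately 1. For Cobra-H128, Attack Algorithm 2 is built on a newly constructed related-key differential path; it recovers all 256 key bits with a computational complexity of 2^76 Cobra-H128 encryptions, a data complexity of 2^76 chosen plaintexts, and a storage complexity of 2^16.2 bits. The analysis shows that Cobra-H64/128 is not secure against related-key differential attacks.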
14.
Tsunoo Y. Saito T. Shigeri M. Kubo H. Minematsu K. 《IEEE transactions on information theory / Professional Technical Group on Information Theory》2005,51(12):4312-4319
LILI-128 is the stream cipher proposed as a candidate cipher for the New European Schemes for Signatures, Integrity, and Encryption (NESSIE) Project. Some methods of breaking it more efficiently than an exhaustive search for its secret key have been found already. The authors propose a new method, which uses a shorter bit sequence to break LILI-128 successfully. An attack that can be made with less data can be a more practical threat. With only 2^7 bits of keystream, this method can break LILI-128 successfully. The efficiency of our attack depends on the memory size. For example, with 2^99.1 computations, our attack breaks LILI-128, if 2^28.6-bit memory is available.
15.
Jong Hyuk Park 《International Journal of Communication Systems》2009,22(8):959-969
mCrypton, which is a mini-version of Crypton, is a 64-bit block cipher with three key size options (64 bits, 96 bits, 128 bits). It was designed for use in low-cost ubiquitous wireless devices and resource-constrained tiny devices such as low-cost Radio-Frequency Identification tags and sensors in Ubiquitous Sensor Network. In this paper we show that 8-round mCrypton with 128-bit key is vulnerable to related-key rectangle attack. We first describe how to construct two related-key truncated differentials on which 7-round related-key rectangle distinguisher is based and then we exploit it to attack 8-round mCrypton. This attack requires 2^46 data and 2^46 time complexities, which is faster than exhaustive search. This is the first known cryptanalytic result on mCrypton. Copyright © 2009 John Wiley & Sons, Ltd.
16.
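To meet the demands for security and encryption speed in the field of cryptographic security, an efficient stream cipher is designed. The algorithm is based on the stream cipher model, with a minimum data processing length of 128 bits and a key length of 560 bits for each block. During encryption, invalid information is mixed into the plaintext, which expands the volume of ciphertext data and effectively avoids the security risks posed by special data. The encryption and decryption structures are highly similar, which makes the algorithm well suited to parallel computation and hardware implementation. Different optimizations are given for keys produced by true random number generators and by pseudorandom number generators, reducing the storage cost.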
17.
《Acta Electronica Sinica (English Edition)》2016,(4):608-613
By constructing three types of related-key differential characteristics, we present three corresponding related-key differential attacks on the cipher. Owing to the independence of the characteristics, we could recover 64 bits of the cipher's master key with 2^58.6 chosen plaintexts, 2^58.8 full-round DDP-64 encryptions and 2^12.8 bits of storage resources. To break the cipher, we only need to implement an exhaustive search for the rest 64 bits of the master key.
18.
19.
Xiao Yang Chen Hsiao-Hwa Du Xiaojiang Guizani Mohsen 《Wireless Communications, IEEE Transactions on》2009,8(2):622-626
Block ciphers encrypt a fixed size block of plaintext at a time to produce a block of ciphertext. Stream ciphers encrypt stream data, such as voice or Telnet traffic, one bit or more bits at a time. The cipher feedback mode is a stream cipher implemented by a block cipher via multiple stages, and in each stage one bit or a number of bits of plaintext are encrypted at a time. In this paper, we study error performance of the stream-based cipher feedback mode in an unreliable wireless channel in terms of throughput. We model performance of the cipher feedback mode in terms of the probability that part of or the whole ciphertext cannot be successfully decrypted, and the throughput by adopting the cipher feedback mode. We explicitly derive the optimal number of stages in the cipher feedback mode to achieve the optimal throughput, given an error rate in a wireless network. We also prove that for the cipher feedback mode, the whole ciphertext is successfully decrypted if and only if the whole ciphertext is successfully transmitted.