基于混沌映射的分组密码算法

提出一种新的混沌分组密码算法。该算法基于扩展Feistel结构将128 bit明文加密为128 bit密文。轮函数中的S盒由Logistic混沌映射产生,算法密钥由128 bit的初始密钥通过Cubic映射迭代生成。采用硬件描述语言VerilogHDL设计实现该算法,并用Modelsim对加解密过程进行仿真,实验结果证明其具有高灵敏度的S盒,密钥空间大,混乱和扩散性能好。     

基于置换移位的单字节分组保密方法

为减少无线传感器网络编码的冗余字节,提高基于Feistel结构的无线传感器网络分组加密的安全性,提出了一种新的单字节分组密码保密方法.采用生成单位矩阵的幂次和密钥变换矩阵生成密钥,明文通过单字节的置换和循环移位得到加密密文.首先介绍无线传感器网络Feistel结构分组加密算法,然后给出了置换和移位操作编码原理,并给出了设计的加密解密算法,最后进行了分析和实验.提出的方法既可以实现加密,也可以实现解密.分析结果表明,密钥具有较高的安全性能,可以增强基于Feistel结构的无线传感器网络分组加密安全性.     

一类分组密码的S盒重组算法

S盒是许多分组密码唯一的非线性部件,它的密码强度决定了整个密码算法的安全强度.足够大的S盒是安全的,但为了便于实现,分组密码多采用若干小S盒拼凑.针对一类分组密码算法,通过将S盒与密钥相关联,给出了S盒重组算法,丰富了S盒的应用模式,有效提高了分组密码的安全强度.     

一种基于Hénon映射和Feistel结构的分组密码算法研究

混沌序列具有对初值和系统参数敏感等特点,因此非常适合应用于信息加密.本文在详细分析Hénon映射的混沌和密码学特性的基础上,提出一种基于Feistel结构和Hénon映射混沌分组密码算法,该算法最大的优点加密的轮次和子密钥的构造是基于混沌系统动态更新的,通过子密钥的动态生成,密码系统的随机性、复杂性得到了极大的提高.同时理论和实验表明,该算法具有较高的安全性,能够抵抗差分和线性密码分析.     

一种基于Henon映射和Feistel结构的分组密码算法研究

混沌序列具有对初值和系统参数敏感等特点,因此非常适合应用于信息加密。本文在详细分析Henon映射的混沌和密码学特性的基础上,提出一种基于Feistel结构和Henon映射混沌分组密码算法,该算法最大的优点加密的轮次和子密钥的构造是基于混沌系统动态更新的,通过子密钥的动态生成,密码系统的随机性、复杂性得到了极大的提高。同时理论和实验表明,该算法具有较高的安全性,能够抵抗差分和线性密码分析。     

SMS4算法S盒的密码学性质

S盒是分组密码的重要组成部分,在很大程度上决定了分组密码的安全性。该文研究了中国分组密码标准SMS4算法S盒的平衡性、差分性质、线性结构、非线性、Walsh谱等性质,通过与美国高级加密标准、欧洲分组加密标准Camellia的S盒作比较,说明了SMS4算法S盒一些较好的安全特性。     

基于一种DES算法改进体制的研究

本文用改进的S-盒替换原来的S-盒，用内部CBC三重加密模式以及相关密钥S-盒等方式构造出一种改进的DES加密体制。这种体制增强了线性密码分析攻击、差分密码分析攻击、穷举攻击和选择明文攻击的难度，而它加解密的速度并没有受到影响，相反通过使用相关密钥S-盒硬件芯片，其加解密的速度还将有所提高。     

基于抗退化混沌系统的动态S盒设计与分析

S盒是分组密码算法中的关键部件之一,其混淆和置乱作用决定着整个密码算法的安全强度。为使基于混沌系统生成的S盒具有更好的密码学性能,提出了一种基于抗退化混沌系统的动态S盒设计方案。首先,使用Lorenz混沌映射扰动Chebyshev混沌映射;然后,使用截取位数法和划分区间法生成两种初始S盒;最后,使用索引排序扰乱法得到最终S盒。所提抗退化混沌系统生成的混沌序列不存在短周期现象,具有遍历性、不可预测性等特点;运用于S盒的设计中能极大提升S盒的安全性能,消除混沌生成源的安全隐患;并且,通过对系统参数的调控可批量地生成动态S盒。对S盒的安全性能,即非线性度、差分均匀性、严格雪崩准则、输出比特间独立性和双射特性进行了测试和对比,实验结果表明,所提方案生成的S盒具有更好的密码学性能,可用于分组密码算法的设计中。     

一种基于Feistel网络的反馈式分组混沌密码的研究

近年采，将混沌理论应用到信息安全已成为研究的一个热点。本文基于Feistel网络，提出了一种新颖的反馈式分组混沌密码算法。在该算法中，当前加密分组输出将影响下一明文分组要运行的轮数，而每一轮使用的孓盒的序号与加密密钥有关，轮数及s盒的序号均由混沌映射动态生成。由于混沌的固有特性，使得加密系统变得更加复杂，更加难以分析和预测。实验结果表明，本算法具有优良的密码学特性，对明文和密钥以及混沌系统参数的细微变动都非常敏感。产生的密文随机性很好。对本算法的安全性进行了分析，结果表明它具有很高的抗穷举攻击的能力。     

无线传感器网络混沌分组密码研究

实现了一种具有多种加密算法优点的无线传感器网络单字节分组加密算法.采用改进的离散Logistic映射产生子密钥,构造了具有离散混沌运算的Feistel加密函数.算法加解密数据包是将单字节分组包经过一轮置换后,分成2个半字节,再进行4轮Feistel结构运算,最后再进行一次置换.通过增加调用Feistel结构的轮次,可以改变密钥数量.分析了子密钥的随机性和算法的安全性,在无线传感器网络节点上进行了该分组算法的数据加/解密通信实验.结果表明算法安全性高,单字节离散混沌分组密码系统在无线传感器网络节点上切实可行.     

Construction of a key-dependent message secure symmetric encryption scheme in the ideal cipher model

Key-dependent message （KDM） security is an important security issue that has attracted much research in recent years. In this paper, we present a new construction of the symmetric encryption scheme in the the ideal cipher model （ICM）; we prove that our scheme is KDM secure against active attacks with respect to arbitrary polynomialtime challenge functions. Our main idea is to introduce a universal hash function （UHF） h as a random value for each encrypfion, and then use s = h（sk） as the key of the ideal cipher F, where sk is the private key of our symmetric encryption scheme. Although many other schemes that are secure against KDM attacks have already been proposed, in both the ideal standard models, the much more significance of our paper is the simplicity in which we implement KDM security against active attacks.     

TRESC: Towards redesigning existing symmetric ciphers

Recently, the security of existing symmetric cryptographic algorithms and protocols has been threatened by new performance challenges and vulnerabilities. In this paper, we propose a dynamic key-dependent approach, ”TRESC”, to make existing symmetric ciphers more efficient and robust. This can be done by using dynamic substitution and permutation primitives to reduce the number of rounds while providing better resistance against cryptanalysis and implementation attacks. In this paper, the Key Setup Algorithm (KSA) of Rivest Cipher 4 (RC4) and its modified variants are applied for the construction of these dynamic key-dependent substitution and permutation primitives. The selection of the RC4-KSA is due to its lightweight implementation since it requires simple permutation operation with minimal overhead. The proposed dynamic cryptographic solution can be integrated in any existing symmetric cipher such as Advanced Encryption Standard (AES), SIMON and SPECK. The security and performance analysis show the robustness and effectiveness of the proposed solution, which strikes a good balance between the required security level and system performance.     

ORSCA-GPU: one round stream cipher algorithm for GPU implementation

Data confidentiality is one of the most critical security services. Many encryption algorithms are currently used to provide data confidentiality. That is why there are continuous research efforts on the design and implementation of efficient cipher schemes. For this purpose, different lightweight cipher algorithms have been presented and implemented on GPUs with different optimizations to reach high performance. Some examples of these ciphers are Speck, Simon which both require less latency compared to Advanced Encryption Standard (AES). However, these solutions require a higher number of rounds but with a more simple round function compared to AES. Therefore, in this paper, a new cipher scheme called “ORSCA” is defined which only requires one round with the dynamic key-dependent approach. The proposed cipher is designed according to the GPU characteristics. The proposed one-round stream cipher solution is suitable for the high data rate applications. According to the performance results, it can achieve high data throughput compared to existing ones, with throughput greater than 5 Terabits/s on a Tesla A100 GPU. Thus, this approach can be considered as a promising candidate for real-time applications. Finally, the security level is ensured by using the dynamic cryptographic primitives that can be changed for each new input message (or for a set of messages: sub-session key). Thus, the proposed solution is a promising candidate for high secure GPU cryptographic algorithms.

     

动态密码在保密信息系统中的应用

本文介绍了动态密码技术的基本原理和应用范围,提出动态密码认证系统的结构体系及其构建的方法,指出在系统开发与运行管理中需要注意的问题。     

基于动态变换技术的数据库加密方法研究

随着信息技术的发展,数据库在信息管理的应用已非常广泛。为了确保数据库的安全,提出基于内层加密函数对数据库表的动态变换加密技术,动态变换加密能使当前行、列数据的加密密钥做到互不干扰。由于经济类财务数据以数值型数据为主,把明文转化为密文后,密文还是数值,与原数据表述物品的数量、金额的方式无差别,因而从数据外观判断不了数据的真实性与合法性,该技术既对数据进行了加密,同时也扰乱了破解者的视线,做到更深层次地保护数据库的目的。     

一个基于混沌系统的动态换位加密方案

在对换位加密技术研究的基础上,提出了一个基于混沌系统的动态换位加密方案。该方案通过二进制数据转换、数据替换及动态换位等加密步骤,很好地实现了明文的混淆与扩散。与传统的换位加密相比,新方案不仅有较大的密钥空间,而且产生的换位序列具有很强的随机性。理论分析及实验结果表明,给出的新方案可以抵抗多种已知的密码攻击,克服了传统换位加密技术的弱点,具有较高的安全性。     

可重构密码处理结构中重构机制及对性能的影响

重构机制对可重构密码处理系统的性能有着重要的影响,该文从全局、局部、静态、动态几方面提出了流水化可重构密码处理结构中重构机制的分类,给出了各种机制的吞吐率和延迟公式,并分析了几种机制的性能和实现代价,最后给出了在采用局部动态重构机制的可重构密码处理结构中密码处理的性能。     

10轮Midori128的中间相遇攻击

轻量级分组密码由于软硬件实现代价小且功耗低,被广泛地运用资源受限的智能设备中保护数据的安全。Midori是在2015年亚密会议上发布的轻量级分组密码算法,分组长度分为64 bit和128 bit两种,分别记为Midori64和Midori128,目前仍没有Midori128抵抗中间相遇攻击的结果。通过研究Midori128算法基本结构和密钥编排计划特点,结合差分枚举和相关密钥筛选技巧构造了一条7轮中间相遇区分器。再在此区分器前端增加一轮,后端增加两轮,利用时空折中的方法,提出对10轮的Midori128算法的第一个中间相遇攻击,整个攻击需要的时间复杂度为2126.5次10轮Midori128加密,数据复杂度为2125选择明文,存储复杂度2105 128-bit块,这是首次对Midori128进行了中间相遇攻击。     

基于混沌映射的分块循环DNA图像加密算法

数字图像具有数据量大、冗余度高、像素间关联性强等特点,打破数据间关联性及提高敏感性是保护图像信息的关键。针对如何快速有效打破图像像素间强关联性、提高图像数据敏感性等问题,提出基于logistic混沌映射的分块循环DNA图像加密算法。算法采用二次置乱、一次扩散结构,首先通过zigzag变换置乱明文图像,打破明文像素间的强关联性;其次将伪随机序列生成器产生的密钥作为混沌参数进行混沌映射,生成动态DNA编/解码、运算规则,对置乱的明文图像进行DNA编码形成初始密文;然后利用DNA运算规则,对初始密文进行分块循环DNA运算,完成密文扩散,并对DNA碱基进行统计和归一化作为二次混沌密钥;最后采用二次混沌映射生成动态步长规则,对密文进行变步长约瑟夫置乱,利用DNA解码规则形成最终密文图像。实验结果表明,密文图像像素分布均匀、像素间关联性弱、密钥敏感性强、密钥空间足够大,能够有效抵御信息分析、暴力、噪声、剪切等常见攻击,具有较高的安全性。     

Evolutionary ciphers against differential power analysis and differential fault analysis

Side channel analysis(SCA) focuses on attacking cryptographic algorithm implementations by collecting leaked information and analyzing the correlation between the leaked and key information in the cryptographic system.Currently,SCA is the main threat to cryptographic implementations,with DPA(differential power analysis) and DFA(differential fault analysis) being two of the most threatening types of SCA.However,the existing countermeasures against DPA and DFA have shortcomings and can hardly protect cipher designs perfectly.Based on a comprehensive analysis of DPA and DFA,this paper proposes a new idea of using an evolutionary cipher(EVOC) against DPAs based on the model proposed by Kocher,and several different new types of DFAs.In fact,an EVOC is a kind of dynamic cipher designing method.Moreover,combined with intelligent searching algorithms and cryptography design policies,EVOCs utilize the dynamic and unpredictable properties of TRNG(a truly random number generator) to ensure cipher design at a high level of security.Therefore,with an EVOC we could design cryptography algorithms with high security to resist mathematical analysis as well as DPAs and DFAs.This paper analyzes and proves the security,efficiency,cost,and original features of EVOCs against DPA and DFA both theoretically and experimentally.Compared with existing countermeasures against SCAs,EVOCs use dynamic non-linear operations to destroy the bases of DPA and DFA.At the algorithm level,EVOCs are more efficient than other resistance methods.Based on the theory and experiments,this paper proposes certain modifications to the EVOC in the AES(advanced encryption standard) algorithm,which can be referenced by other dynamic designs of cryptographic algorithms.