20 similar documents found; search took 187 milliseconds.
1.
Security analysis and construction of a block-cipher-based hash function (Total citations: 1, self-citations: 0, citations by others: 1)
Building a hash function from an existing block cipher is a very convenient construction method. As early as 1993, Preneel et al. classified the security of 64 hash functions built from block ciphers. These hash functions are collectively called the PGV schemes, and all of them are single-block-length, i.e. the output length equals the block length. In 2002, Black gave a rigorous proof of the security of these 64 hash functions in his paper, proving that 20 of them are secure and the others insecure. As computing technology advanced, single-block-length hash functions came to be seen as insufficiently secure, so several double-block-length block-cipher-based hash functions were proposed, but many of them are insecure. At AsiaCrypt 2006, a double-block-length hash function using 5 block cipher calls was proposed; its authors claimed the construction is secure but gave no security proof. This paper analyzes that scheme, finds that its security is not ideal, and, in response to the attack given here, proposes a new block-cipher-based hash function, comparing its performance with SHA-256 and other hash functions.
2.
Cryptographic algorithms generally rely on hard mathematical problems for their security. The existing hard problems can all be reduced to solving for one or a series of unknown values. Unlike the existing hard problems, this paper proposes a new class of hard problem whose object is not an unknown value but an unknown function, and no feasible method exists for solving problems of this class. Overcoming practical obstacles and taking security against exhaustive search into account, the paper proposes a scheme for constructing block ciphers that combines the unknown-function problem with the unknown-value problem. The encryption and decryption functions are unknown functions determined by the key; since the cryptanalyst does not know the key, the cipher function cannot be determined. Because the cipher function is unknown, the preconditions required by most cryptanalytic methods are unknown, so analysis cannot proceed. The scheme yields a new kind of one-wayness, one-wayness of the cipher function: the encryptor and decryptor can easily determine the encryption and decryption functions, but the cryptanalyst cannot. The scheme offers good security against existing cryptanalysis. The paper also envisions possible attack methods, proposes several attack ideas, and, against these attacks, gives some guiding principles for designing the concrete forms of the unknown function, so as to prevent a cryptanalyst from determining the concrete form of the function through various clues or from transforming the unknown function into a single known function.
3.
Designing cryptographic protocols and analyzing their security is difficult. Protocol analysis always takes the security of the underlying cryptographic algorithm as a premise, but people overlook the influence of the algorithm's mode of encryption on the security of the protocol. This paper targets an improved Needham-Schroeder protocol and assumes that it uses a block cipher in CBC mode. By using the plaintext/ciphertext pair of an old message to modify messages in the current session, we successfully deceive both users, establish a session key with each of them, and thereby mount a successful attack on the protocol. The result shows that the encryption mode of the cryptographic algorithm has a huge impact on the security of cryptographic protocols.
4.
邵祖华 (Shao Zuhua), Computer Engineering and Applications (计算机工程与应用), 1987, (1)
This paper introduces a method of producing digital signatures with symmetric ciphers. Two symmetric ciphers are used, coupled to each other, and the message to be transmitted is enciphered before transmission. The relationship between the two ciphers is used to indicate the identity of the sender, and it also improves the security of the cipher. Finally, some variants of the method are discussed and their respective advantages and disadvantages compared.
5.
This paper proposes a new, generic algebraic side-channel analysis method for block ciphers based on the collision model, called the algebraic power collision attack, which combines algebraic attacks with power collision attacks. First, algebraic analysis is used to build an equivalent system of Boolean algebraic equations for the cipher; then power analysis is used to obtain the power leakage during encryption, which is analyzed and converted into collision information about the encryption process and expressed as algebraic equations over the intermediate-state variables of the encryption; finally, the CryptoMiniSAT solver is used to solve the system and recover the key. The method was applied in a real attack on PRESENT implemented on an 8-bit microcontroller. The experimental results show that adding extra algebraic equations on top of an algebraic attack effectively reduces the complexity of solving the system, and that PRESENT is vulnerable to this kind of algebraic power attack: with known plaintext and ciphertext, the complete 80-bit PRESENT key is recovered from full-round collision information of 4 samples or partial-round collision information of 8 samples. In addition, the analysis method in this paper can provide ideas for power collision analysis of other block ciphers.
6.
7.
8.
Ajtai and Dwork constructed a probabilistic public-key cryptosystem whose security rests on the worst-case complexity of a lattice problem. The result of this paper shows that this cryptosystem can easily be misused. If the system is used in a widely deployed key-escrow scheme (especially certain schemes in the United States), end users of the cryptosystem can exploit this misuse to transmit illicit information without worrying that the security agency will decrypt it by reconstructing the user's key. Likewise, end users of the cryptosystem must trust its manufacturer, since an encryption or decryption device built by a dishonest manufacturer can use this misuse to leak the user's key without the user's knowledge.
9.
How to combine the block-cipher and stream-cipher primitives to obtain higher security, and how to guarantee the security of the IV in cipher block chaining (CBC) mode, have long been questions of concern to the cryptographic community. This paper proposes a hybrid cryptosystem scheme that solves these problems well, and describes the whole solution in detail in combination with development practice.
10.
11.
HUI Lucas C.K., Science China: Information Sciences (English edition) (中国科学:信息科学(英文版)), 2010, (3):546-556
Differential cryptanalysis is a general cryptanalytic tool that makes use of differentials over some rounds of a cipher, combined with some key bit guesses of one or two rounds. This paper introduces a new cryptanalysis strategy of block ciphers named differential-algebraic cryptanalysis. The idea of differential-algebraic cryptanalysis is to find a differential with high probability and build the multivariable system equations for the last few rounds. The subkey values of the last few rounds can be obtaine...
12.
Computational aspects of the expected differential probability of 4-round AES and AES-like ciphers (Total citations: 1, self-citations: 0, citations by others: 1)
Joan Daemen, Mario Lamberger, Norbert Pramstaller, Vincent Rijmen, Frederik Vercauteren, Computing, 2009, 85(1-2):85-104
In this paper we study the security of the Advanced Encryption Standard (AES) and AES-like block ciphers against differential cryptanalysis. Differential cryptanalysis is one of the most powerful methods for analyzing the security of block ciphers. Even though no formal proofs for the security of AES against differential cryptanalysis have been provided to date, some attempts to compute the maximum expected differential probability (MEDP) for two and four rounds of AES have been presented recently. In this paper, we will improve upon existing approaches in order to derive better bounds on the EDP for two and four rounds of AES based on a slightly simplified S-box. More precisely, we are able to provide the complete distribution of the EDP for two rounds of this AES variant with five active S-boxes and methods to improve the estimates for the EDP in the case of six active S-boxes.
13.
Recent years have witnessed a significantly increased interest in computer security. Efforts in the area of design of ciphers and their attacks have progressed at almost competing rates. Though brute force attack is successful for simple ciphers, cryptanalysis of complex ciphers warrants specialised techniques and powerful computing systems. Several heuristic techniques have assumed significance over the past few years, in the context of attacks of simple stages of certain ciphers. This paper presents a systematic study of efficient heuristics in the successful attacks of some block ciphers which though simple are representative ones in computer security parlance.
14.
Raphael Chung-Wei Phan, Cryptologia, 2013, 37(2):129-137
To every aspiring cryptanalyst, especially those just starting to study cryptanalysis, there is no standard textbook to refer to. A year ago, the existing literature on block-cipher cryptanalysis was organized in a self-study course in a way that could help students learn cryptanalysis step by step. [5] Since then, various new cryptanalytic methods have sprung up and have been added to the cryptanalytic literature. This paper attempts to acquaint the student with the new cryptanalytic methods and serve as further notes to the course in block-cipher cryptanalysis.
15.
This paper studies the security of the block ciphers ARIA and Camellia against impossible differential cryptanalysis. Our work improves the best impossible differential cryptanalysis of ARIA and Camellia known so far. The designers of ARIA expected no impossible differentials exist for 4-round ARIA. However, we found some nontrivial 4-round impossible differentials, which may lead to a possible attack on 6-round ARIA. Moreover, we found some nontrivial 8-round impossible differentials for Camellia, whereas only 7-round impossible differentials were previously known. By using the 8-round impossible differentials, we presented an attack on 12-round Camellia without FL/FL^-1 layers.
16.
Changhoon Lee, The Journal of Supercomputing, 2014, 70(1):95-103
In this paper, we evaluate the security of the lightweight block ciphers PRESENT-80 and PRESENT-128, applicable to hybrid information systems, against biclique cryptanalysis. To recover the secret key of PRESENT-80/128, our attacks require \(2^{79.76}\) full PRESENT-80 encryptions and \(2^{127.91}\) full PRESENT-128 encryptions, respectively. These results are superior to known biclique cryptanalytic results on them.
17.
In traditional integral cryptanalysis, integral distinguishers always hold with probability 1. Although Knudsen and others remarked that "like differentials, integrals can also be probabilistic," no further study has been reported in the literature. This paper explores the question, proposes the method of probabilistic integral cryptanalysis, and verifies its effectiveness both theoretically and experimentally. For block ciphers designed with S-boxes, the paper proves that the closer the differential uniformity of the S-box is to the random probability, the stronger the cipher's resistance to probabilistic integral cryptanalysis. It also points out that some techniques of higher-order integral analysis do not carry over to probabilistic integral analysis, mainly because the probability of the integral characteristic approaches the random probability as the number of summation variables increases. Finally, through worked probabilistic integral analyses of AES and LBlock, the paper shows that the block ciphers in widespread use today are immune to probabilistic integral cryptanalysis.
18.
For block ciphers, impossible differential and zero-correlation linear cryptanalysis are both important analysis tools. By studying the properties of the nonlinear AND component, this paper first derives constraints that characterize the differential and linear propagation properties of the SIMON round function; then, based on the Boolean satisfiability problem (SAT), it proposes a general automated search algorithm for impossible differential and zero-correlation trails and uses it to find more impossible differentials and zero-correlation trails for SIMON. Besides automated search, the algorithm can also decide whether a given pair of differences (or pair of masks) forms a valid impossible differential or zero-correlation trail. Furthermore, based on this algorithm, the paper gives a criterion for choosing the rotation constants in the SIMON round function from the perspective of resisting impossible differential attacks.
19.
Recently, a quick and simple way of creating very efficient distinguishers for cryptographic primitives such as block ciphers or hash functions, was presented and proved useful by the authors. In this paper, this cryptanalytic attack (named genetic cryptanalysis after its use of genetic algorithms) is shown to be successful when applied over reduced-round versions of the block cipher XTEA. Efficient distinguishers for XTEA are proposed for up to 4 cycles (8 rounds). Additionally, a variant of this genetic attack is also introduced, and their results over the block cipher TEA presented, which are the most powerful published to date.
20.
Bruce Schneier, Cryptologia, 2013, 37(1):18-33
Studying cryptanalysis is difficult because there is no standard textbook, and no way of knowing which cryptanalytic problems are suitable for different levels of students. This paper attempts to organize the existing literature of block-cipher cryptanalysis in a way that students can use to learn cryptanalytic techniques and ways to break new algorithms.