PEAK分组密码

提出了一个对称分组密码算法——PEA K。其分组长度为128bit,密钥长度为128bit到512bit可变,但要64bit对齐。该算法整体结构为变种的非平衡Feistel网络,具有天然的加解密相似性。同时在设计中采用了宽轨迹策略,确保算法对差分密码分析和线性密码分析的安全性。该文的目的是寻求公众对PEAK分组密码的测试、分析和评估。     

Chaos block cipher for wireless sensor network

New block cipher algorithm in single byte for wireless sensor network with excellence of many cipher algorithms is studied. The child keys are generated through the developed discrete Logistic mapping, and the Feistel encrypting function with discrete chaos operation is constructed. The single byte block is encrypted and decrypted through one turn permutation, being divided into two semi-byte, quadri- Feistel structural operation, and one turn permutation again. The amount of keys may be variable with the turns of Feistel structural operation. The random and security of the child key was proven, and the experiment for the block cipher in wireless sensor network was completed. The result indicates that the algorithm is more secure and the chaos block cipher in single byte is feasible for wireless sensor network.     

基于MILP搜索的ANU算法积分分析

ANU算法是由Bansod等人发表在SCN 2016上的一种超轻量级的Feistel结构的分组密码算法。截至目前,没有人提出针对该算法的积分攻击。为了研究ANU算法抗积分攻击的安全性,根据ANU算法的结构建立起基于比特可分性的MILP模型。对该模型进行求解,首次得到ANU算法的9轮积分区分器;利用搜索到的9轮区分器以及轮密钥之间的相关性,对128 bit密钥长度的ANU算法进行12轮密钥恢复攻击,能够恢复43 bit轮密钥。该攻击的数据复杂度为2^63.58个选择明文,时间复杂度为2^88.42次12轮算法加密,存储复杂度为2³³个存储单元。     

基于双伪随机变换和Feistel结构的轻量级分组密码VHF

针对资源受限的移动终端对轻量级密码的需求,提出了一种 基于双伪随机变换和Feistel结构的新的轻量级分组密码算法VHF。类似于许多其他轻量级分组密码,VHF的分组长度为128bit,密钥长度为80bit和128bit。VHF的安全评估结果表明,其可以对已知的攻击实现足够的安全性,如差分分析、线性分析和不可能差分分析等。在安全的基础上测试软件效率及硬件实现,与现有的轻量级分组密码进行的对比表明,VHF的软硬件效率都高于同为面向8位平台的国际标准CLEFIA算法。     

DBST: a lightweight block cipher based on dynamic S-box

IoT devices have been widely used with the advent of 5G. These devices contain a large amount of private data during transmission. It is primely important for ensuring their security. Therefore, we proposed a lightweight block cipher based on dynamic S-box named DBST. It is introduced for devices with limited hardware resources and high throughput requirements. DBST is a 128-bit block cipher supporting 64-bit key, which is based on a new generalized Feistel variant structure. It retains the consistency and significantly boosts the diffusion of the traditional Feistel structure. The SubColumns of round function is implemented by combining bit-slice technology with subkeys. The S-box is dynamically associated with the key. It has been demonstrated that DBST has a good avalanche effect, low hardware area, and high throughput. Our S-box has been proven to have fewer differential features than RECTANGLE S-box. The security analysis of DBST reveals that it can against impossible differential attack, differential attack, linear attack, and other types of attacks.     

MIBS-64算法的三子集中间相遇攻击

MIBS算法于2009年在CANS会议上提出,是一个32轮Feistel结构、64比特分组长度以及包含64比特、80比特两种主密钥长度的轻量级分组密码.针对该算法密钥编排中第1轮到第11轮子密钥之间存在部分重复和等价关系,本文首次完成了MIBS-64的11轮三子集中间相遇攻击,数据复杂度为2^[47],存储复杂度为2^[47]64-bit,时间复杂度为2^[62.25]次11轮加密.与目前已有的对MIBS-64算法的中间相遇攻击相比,将攻击轮数由10轮扩展至11轮,刷新了该算法在中间相遇攻击下的安全性评估结果.     

Piccolo算法的差分故障分析

Piccolo算法是CHES 2011上提出的一个轻量级分组密码算法,它的分组长度为64- bit,密钥长度为80/128-bit,对应迭代轮数为25/31轮.Piccolo算法采用一种广义Feistel结构的变种,轮变换包括轮函数S-P-S和轮置换RP,能够较好地抵抗差分分析、线性分析等传统密码攻击方法.该文将Piccolo算法的S-P-S函数视为超级S盒(Super Sbox),采用面向半字节的随机故障模型,提出了一种针对Piccolo-80算法的差分故障分析方法.理论分析和实验结果表明:通过在算法第24轮输入的第1个和第3个寄存器各诱导1次随机半字节故障,能够将Piccolo-80算法的密钥空间缩小至约22-bit.因此,为安全使用Piccolo算法,在其实现时必须做一定的防护措施.     

简化轮LBlock的密钥中比特检测及分析

LBlock密码算法是近来提出的一类轻量级分组加密算法。利用LBlock算法的结构特点,结合立方检测的基本思想,设计2个密钥中比特捕获算法,对LBlock算法输出所涉及的密钥比特个数情况进行分析。9轮简化LBlock的每个输出比特全部卷入所有的主密钥比特信息,在18维立方变元下,11轮简化LBlock的输出累加中每个比特全部卷入所有的主密钥比特信息。上述2轮简化LBlock均不存在密钥中比特。研究结果表明,全轮LBlock密码算法具有稳固的密钥信息扩散及混淆性,足以抵抗经典立方攻击。     

A note on quantum related-key attacks

In a basic related-key attack against a block cipher, the adversary has access to encryptions under keys that differ from the target key by bit-flips. In this short note we show that for a quantum adversary such attacks are quite powerful: if the secret key is (i) uniquely determined by a small number of plaintext–ciphertext pairs, (ii) the block cipher can be evaluated efficiently, and (iii) a superposition of related keys can be queried, then the key can be extracted efficiently.     

ZF-02分组密码算法的设计与分析

提出了一种以换位变换为核心的分组密码算法(ZF-02算法)．该算法的分组长度为128bits，密钥长度可变．其加解密算法的基本结构可归结为：密钥控制下的入口状态复合换位变换、非线性性能良好的可逆置换和密钥控制下的出口状态复合换位变换．该算法逻辑结构简洁规范，而且易于在软、硬件及多种环境下实现．文中给出了算法的加解密流程和必要的数据参数表，并对其安全性做了基本分析，结果表明它拥有相当好的安全性．