|
|||||
|
|
| Piccolo算法的差分故障分析 | |
| 引用本文: | 赵光耀,李瑞林,孙兵,李超.Piccolo算法的差分故障分析[J].计算机学报,2012,35(9):1918-1926. |
| 作者姓名: | 赵光耀 李瑞林 孙兵 李超 |
| 作者单位: | 1. 国防科学技术大学计算机学院网络技术与信息安全研究所 长沙410073 2. 国防科学技术大学电子科学与工程学院 长沙410073 3. 国防科学技术大学理学院数学与系统科学系 长沙410073;中国科学院软件研究所信息安全国家重点实验室 北京100190 4. 国防科学技术大学计算机学院网络技术与信息安全研究所 长沙410073;国防科学技术大学理学院数学与系统科学系 长沙410073 |
| 基金项目: | 国家自然科学基金,信息安全国家重点实验室开放基金 |
| 摘 要: | Piccolo算法是CHES 2011上提出的一个轻量级分组密码算法,它的分组长度为64- bit,密钥长度为80/128-bit,对应迭代轮数为25/31轮.Piccolo算法采用一种广义Feistel结构的变种,轮变换包括轮函数S-P-S和轮置换RP,能够较好地抵抗差分分析、线性分析等传统密码攻击方法.该文将Piccolo算法的S-P-S函数视为超级S盒(Super Sbox),采用面向半字节的随机故障模型,提出了一种针对Piccolo-80算法的差分故障分析方法.理论分析和实验结果表明:通过在算法第24轮输入的第1个和第3个寄存器各诱导1次随机半字节故障,能够将Piccolo-80算法的密钥空间缩小至约22-bit.因此,为安全使用Piccolo算法,在其实现时必须做一定的防护措施. |
| 关 键 词: | 差分故障分析 超级S盒 轻量级分组密码 Piccolo算法 |
Differential Fault Analysis on Piccolo |
|
| ZHAO Guang-Yao , LI Rui-Lin , SUN Bing , LI Chao.Differential Fault Analysis on Piccolo[J].Chinese Journal of Computers,2012,35(9):1918-1926. | |
| Authors: | ZHAO Guang-Yao LI Rui-Lin SUN Bing LI Chao |
| Affiliation: | 1),3) 1)(Institute of Network Technology and Information Security,School of Computer,National University of Defense Technology,Changsha 410073)2)(School of Electronic Science and Engineering,National University of Defense Technology,Changsha 410073)3)(Department of Mathematics and System Science,Science College,National University of Defense Technology,Changsha 410073)4)(State Key Laboratory of Information Security,Institute of Software,Chinese Academy of Sciences,Beijing 100190) |
| Abstract: | Piccolo was proposed at CHES 2011 as a lightweight block cipher with block size 64-bit.The key size of Piccolo is 80-bit/128-bit,and the corresponding round number is 25/31.Piccolo adopts a variant of generalized Feistel structure,and its round transformation consists of the round function S-P-S and the round permutation PR.The designers show that Piccolo is resistant against most classical attacks,such as differential and linear cryptanalysis.This paper presents a first differential fault analysis on Piccolo-80 based on the random nibble-oriented fault model by treating the S-P-S function as a Super Sbox.Both the theoretical analysis and the experimental result demonstrate that the key space can be reduced from 80-bit to about 22-bit by injecting a fault at the first and third register in the 24th input respectively.This indicates that cryptographic devices supporting Piccolo should be carefully protected. |
| Keywords: | differential fault analysis Super Sbox lightweight block cipher Piccolo |
| 本文献已被 CNKI 万方数据 等数据库收录! | |