共查询到20条相似文献,搜索用时 15 毫秒
1.
The related-key impossible boomerang cryptanalysis and the strength of the lightweight block cipher LBlock against this method were investigated.A new attack on 22-round LBlock was presented combining impossible boomerang attacks with related-key attacks.A 15-round related-key impossible boomerang distinguisher was constructed.Based on the new distinguisher,an attack on 22-round LBlock was mounted successfully by concatenating 3-round to the beginning and 4-round to the end.The attack on 22-round LBlock required data complexity of only 251.3plaintexts and computational complexity of about 2 71.5422-round encryptions.Compared with published cryptanalysis results on 22-round LBlock,proposed attack has great advantages on data and computational complexities. 相似文献
2.
In order to evaluate the security of the lightweight block cipher TWINE,the method of related-key impossible boomerang cryptanalysis was applied and a related-key impossible boomerang distinguisher consisting of 16-round and 17-round paths was constructed.Based on this new distinguisher,an attack on 23-round TWINE was mounted successfully by concatenating 4-round to the beginning and 2-round for the 17-round path and 3-round for the 16-round path to the end respectively.The attack on 23-round TWINE required data complexity of only 2 62.05plaintexts and computational complexity of about 2 70.4923-round encryptions.Compared with published cryptanalysis results,the proposed attack has obvious advantages. 相似文献
3.
I-PRESENT was a lightweight SPN block cipher for resource-constraint environments such as RFID tags and sensor networks.The biclique structures of I-PRESENT with sieve-in-the-middle technique was an constracted.The biclique cryptanalysis schemes on full-round I-PRESENT-80 and I-PRESENT-128 were proposed for the first time.The results show that the data complexity of the biclique cryptanalysis on I-PRESENT-80 and I-PRESENT-128 is 2 26 and 236 chosen ciphertexts respectively,and the time complexity on them is 2 79.48 and 2 127.33 encryptions respectively.The time and data complexity are better than that of the exhaustive attack.In addition,the time complexity on them can be reduced to 2 78.61 and 2126.48 encryptions by using related-key technology of I-PRESENT. 相似文献
4.
5.
6.
Hamid Mala Mohammad Dakhilalian Mohsen Shakiba 《International Journal of Communication Systems》2012,25(4):415-426
mCrypton is a 64‐bit lightweight block cipher designed for use in low‐cost and resource‐constrained applications such as RFID tags and sensors in wireless sensor networks. In this paper, we investigate the strength of this cipher against related‐key impossible differential cryptanalysis. First, we construct two 6‐round related‐key impossible differentials for mCrypton‐96 and mCrypton‐128. Then, using these distinguishers, we present 9‐round related‐key impossible differential attacks on these two versions. The attack on mCrypton‐96 requires 259.9 chosen plaintexts, and has a time complexity of about 274.9 encryptions. The data and time complexities for the attack on mCrypton‐128 are 259.7 chosen plaintexts and 266.7 encryptions, respectively. Copyright © 2011 John Wiley & Sons, Ltd. 相似文献
7.
Unified Impossible Differential (UID) cryptanalysis is a systematic method for finding impossible differentials for block ciphers. Regarding to the problem of automatically retrieving the impossible differential characteristics of block ciphers, with the use of particular intermediate difference state expression, UID gets the same or better results compared with other present cryptanalysis results. ARIA is a Korean block cipher expecting that there are no impossible differentials on four or more rounds. Based on a property of the Diffusion Layer (DL) of ARIA, a specific selection is used before conflict searching to optimize. UID is applied to ARIA, and 6 721 impossible differential chains are found. The length of those chains is four rounds, the same as existing results, but more varied in form. Moreover, ARIA is a Substitution-Permutation Network (SPN), not a Feistel structure or generalized Feistel structure as UID was applied to before. 相似文献
8.
Substitution-permutation networks resistant to differential and linear cryptanalysis 总被引:2,自引:0,他引:2
In this paper we examine a class of product ciphers referred to as substitution-permutation networks. We investigate the resistance of these cryptographic networks to two important attacks: differential cryptanalysis and linear cryptanalysis. In particular, we develop upper bounds on the differential characteristic probability and on the probability of a linear approximation as a function of the number of rounds of substitutions. Further, it is shown that using large S-boxes with good diffusion characteristics and replacing the permutation between rounds by an appropriate linear transformation is effective in improving the cipher security in relation to these two attacks.This work was supported by the Natural Sciences and Engineering Research Council of Canada and the Telecommunications Research Institute of Ontario, and was presented at the rump session of CRYPTO '93. Howard Heys is now with Electrical Engineering, Faculty of Engineering and Applied Science, Memorial University of Newfoundland, St. John's, Newfoundland, Canada A1B 3X5. 相似文献
9.
10.
该文研究了LBlock分组密码算法在相关密钥-不可能差分条件下的安全性.利用子密钥生成算法的差分信息泄漏规律,构造了多条低重量子密钥差分链,给出了15轮相关密钥-不可能差分区分器.通过扩展区分器,给出了23轮和24轮LBlock算法的相关密钥-不可能差分攻击方法.攻击所需的数据复杂度分别为265.2和265.6个选择明文,计算复杂度分别为266.2次23轮LBlock算法加密和266.6次24轮LBlock算法加密,存储复杂度分别为261.2和277.2字节存储空间.与已有结果相比,首次将针对LBlock算法的攻击扩展到了23轮和24轮. 相似文献
11.
介绍了AES的一个候选算法——Twofish,它是一个128位分组加密算法.该密码由一个16圈的Feistel网络构成.描述了Twofish的加解密过程及子密钥生成过程,同时对其性能和抗攻击能力作了分析. 相似文献
12.
13.
Mohsen Shakiba Mohammad Dakhilalian Hamid Mala 《International Journal of Communication Systems》2015,28(8):1401-1418
In recent years, because of the security requirements of resource‐constrained devices, design and analysis of lightweight block ciphers has received more attention. mCrypton is a lightweight block cipher that has been specifically designed for using in resource‐constrained devices, such as low‐cost radio‐frequency identification tags and sensors. In this paper, we consider cryptanalysis of full‐round mCrypton‐64 using a new extension of biclique attack called non‐isomorphic biclique cryptanalysis. As it is known, effectiveness of the biclique attack is highly dependent to the weakness of key schedule, and it does not seem to be appropriate for block ciphers with strong key scheduling. The non‐isomorphic biclique attack, using an asymmetric key partitioning technique, provides more degrees of freedom to the attacker and makes it possible to use the diffusion layer properties of a block cipher for constructing longer bicliques. Results show that the attack on full‐round mCrypton requires 233.9 chosen plaintexts and a time complexity of 262.67 encryptions. The computational complexity reduces to 262.3, 261.4, and 259.75 encryptions for 10, 8, and 6 rounds of mCrypton‐64, respectively. We also have a discussion on the general form of the computational complexity for non‐isomorphic biclique cryptanalysis. Copyright © 2014 John Wiley & Sons, Ltd. 相似文献
14.
15.
16.
17.
18.
LiCi是由Patil等人(2017)提出的轻量级分组密码算法。由于采用新型的设计理念,该算法具有结构紧凑、能耗低、占用芯片面积小等优点,特别适用于资源受限的环境。目前该算法的安全性备受关注,Patil等人声称:16轮简化算法足以抵抗经典的差分攻击及线性攻击。该文基于S盒的差分特征,结合中间相遇思想,构造了一个10轮的不可能差分区分器。基于此区分器,向前后各扩展3轮,并利用密钥编排方案,给出了LiCi的一个16轮的不可能差分分析方法。该攻击需要时间复杂度约为283.08次16轮加密,数据复杂度约为259.76选择明文,存储复杂度约为276.76数据块,这说明16轮简化的LiCi算法无法抵抗不可能差分攻击。 相似文献
19.