共查询到17条相似文献,搜索用时 107 毫秒
1.
研究了FOX分组密码算法在中间相遇攻击下的安全性。首先,分别构造了FOX64和FOX128的3轮中间相遇区分器,实施了6轮中间相遇攻击,得到对6轮FOX64和FOX128较好的攻击结果。其次,将FOX128的中间相遇区分器扩展到4轮,并结合时间存储数据折衷的方法,攻击了7轮FOX128,与已有的攻击结果相比,攻击的时间复杂度和存储复杂度略大,而数据复杂度明显降低。 相似文献
2.
3.
4.
5.
孙莹 《中国电子科学研究院学报》2022,(12):1190-1196
2004年,Pascal Junod和Serge Vaudenay提出了一个新的分组密码算法FOX,该算法采用了Lai-Massey结构。本文通过分析FOX128的整体结构,给出了FOX128算法不依赖于F函数具体选取方式的4轮不可能差分区分器。 相似文献
6.
分析研究了CIKS-128分组密码算法在相关密钥-差分攻击下的安全性.利用DDP结构和非线性函数的差分信息泄漏规律构造了一条高概率相关密钥-差分特征,并给出攻击算法,恢复出了192bit密钥;在此基础上,对剩余64bit密钥进行穷举攻击,恢复出了算法的全部256bit密钥.攻击所需的计算复杂度为277次CIKS-128算法加密,数据复杂度为277个相关密钥-选择明文,存储复杂度为225.4字节存储空间.分析结果表明,CIKS-128算法在相关密钥-差分攻击条件下是不安全的. 相似文献
7.
该文研究了LBlock分组密码算法在相关密钥-不可能差分条件下的安全性.利用子密钥生成算法的差分信息泄漏规律,构造了多条低重量子密钥差分链,给出了15轮相关密钥-不可能差分区分器.通过扩展区分器,给出了23轮和24轮LBlock算法的相关密钥-不可能差分攻击方法.攻击所需的数据复杂度分别为265.2和265.6个选择明文,计算复杂度分别为266.2次23轮LBlock算法加密和266.6次24轮LBlock算法加密,存储复杂度分别为261.2和277.2字节存储空间.与已有结果相比,首次将针对LBlock算法的攻击扩展到了23轮和24轮. 相似文献
8.
基于密钥编排故障的SMS4算法的差分故障分析 总被引:4,自引:1,他引:4
提出并讨论了一种针对SMS4密钥编排方案的差分故障攻击方法.该方法采用面向字节的随机故障模型,通过在SMS4算法的密钥编排方案中导入故障,仅需要8个错误密文即可恢复SMS4算法的128bit原始密钥.数学分析和实验结果表明,该方法不仅扩展了故障诱导的攻击范围,而且提高了故障诱导的攻击成功率,减少了错误密文数,为故障攻击其他分组密码提供了一种通用的分析手段. 相似文献
9.
10.
11.
This paper presents a method for differential collision attack of reduced FOX block cipher based on 4-round distinguishing property. It can be used to attack 5, 6 and 7-round FOX64 and 5-round FOX128. Our attack has a precomputation phase, but it can be obtained before attack and computed once for all. This attack on the reduced to 4-round FOX64 requires only 7 chosen plaintexts, and performs 242 .84-round FOX64 encryptions. It could be extended to 5 (6, 7)-round FOX64 by a key exhaustive search behind the fourth round. The time complexities of 5, 6 and 7-round FOX64 are approximate to 2106 .8, 2170 .8and 2234 .8, respectively. The attack on reduced FOX128 demands 11 chosen plain-texts, requires 2192one round encryptions in precomputation, performs approximately 276 .5 one round encryptions on 4-round FOX128, and is 2204 .5against 5-round FOX128. 相似文献
12.
GIFT,a lightweight block cipher proposed at CHES2017,has been widely cryptanalyzed this years.This paper studies the differential diffusion characteristics of round function of GIFT at first,and proposes a random nibble-based differential fault attack.The key recovery scheme is developed on the statistical properties we found for the differential distribution table of the S-box.A lot of experiments had been done and experimental results show that one round key can be retrieved with an average of 20.24 and 44.96 fault injections for GIFT-64 and GIFT-128 respectively.Further analysis shows that a certain number of fault injections recover most key bits.So we demonstrate an improved fault attack combined with the method of exhaustive search,which shows that the master key can be recovered by performing 216 and 217 computations and injecting 31 and 32 faults on an average for GIFT-64 and GIFT-128 respectively. 相似文献
13.
This paper presents a practical differential fault analysis method for the faulty Advanced Encryption Standard (AES) with a reduced round by means of a semi‐invasive fault injection. To verify our proposal, we implement the AES software on the ATmega128 microcontroller as recommended in the standard document FIPS 197. We reduce the number of rounds using a laser beam injection in the experiment. To deduce the initial round key, we perform an exhaustive search for possible key bytes associated with faulty ciphertexts. Based on the simulation result, our proposal extracts the AES 128‐bit secret key in less than 10 hours with 10 pairs of plaintext and faulty ciphertext. 相似文献
14.
A new method of differential fault attack was proposed,which was based on the nibble-group differential diffusion property of the lightweight block cipher TWINE.On the basis of the statistical regularity of the S-box differential distribution,the lower bound of the probability of recovering round key was calculated.Then expectation of number of fault injections when restoring seed key can be estimated.Theoretical proof and experimental results both show that an average of nine times of fault injections in 33,34 and 35 rounds bring about the seed key recovered completely.Finally,the improvement of the fault injection location was proposed,which enhances the feasibility of the genuine attack. 相似文献
15.
《电子学报:英文版》2016,(6):1019-1024
We present two fault injection attacks against the IC-Printing block cipher (PRINTcipher).The basic idea of our attack is to notice the property that by using some couples of input difference and output difference,the attacker can determine the permutation control key.To recover the permutation control key,one needs to inject at least 4 faults.It is needed at least 15 faults to reveal the whole key. 相似文献
16.
17.
FOX是最近推出的系列分组密码,它的设计思想基于可证安全的研究结果,且在各种平台上的性能优良.本文利用碰撞攻击和积分攻击相结合的技术分析FOX的安全性,结果显示碰撞-积分攻击比积分攻击有效,攻击对4轮FOX64的计算复杂度是245.4,对5轮FOX64的计算复杂度是2109.4,对6轮FOX64的计算复杂度是2173.4,对7轮FOX64的计算复杂度是2237.4,且攻击所需数据量均为29;也就是说4轮FOX64/64、5轮FOX64/128、6轮FOX64/192和7轮FOX64/256对本文攻击是不免疫的. 相似文献