共查询到20条相似文献,搜索用时 78 毫秒
1.
2.
在传统的积分密码分析中,积分区分器都是以概率1成立的.虽然Knudsen等学者提到过:“就像差分一样,积分也可以是概率的”,但是,没有文献报道过进一步的研究.文中对此问题进行了探讨,提出了概率积分密码分析方法,并从理论和实验两方面验证了概率积分分析方法的有效性.对于采用S盒设计的分组密码,文中证明了如果S盒的差分均匀性越接近随机概率,则分组密码抵抗概率积分密码分析的能力就越强.同时,文中指出高阶积分分析的某些技巧对于概率积分分析是行不通的,主要原因是随着求和变量个数的增加,积分特征概率趋近于随机概率.最后,文中通过对AES和LBlock这两个算法的概率积分分析实例,说明目前广泛使用的分组密码算法对于概率积分密码分析方法都是免疫的. 相似文献
3.
4.
5.
演化密码是我国学者提出的一种新型密码.文中对演化密码对抗多重线性密码分析的能力进行研究,研究表明演化密码对抗多重线性攻击方面的能力高于普通固定算法密码.文中介绍了基于对数似然比(LLR)统计方法的两种多重线性密码分析方法,这两种方法利用多个线性逼近式分别扩展了Matsui最初提出的线性攻击算法1和算法2.在考察这两种算法的数据复杂度N、比特优势a,以及预期成功率PS三者关系的基础上,证明了在比特优势和预期成功率相同的条件下,攻击演化密码的数据复杂度大于攻击固定算法密码的数据复杂度,并论述了在数据复杂度N相同的情况下,攻击演化密码的时间复杂度和空间复杂度都明显高于攻击固定算法密码的情形.这表明演化密码在对抗多重线性攻击方面的安全性高于固定算法密码. 相似文献
6.
对15个AE候选算法之一的MAGENTA算法进行了差分密码分析,利用的是MAGENTA算法的结构缺陷,结果显示:利用算法1和算法2攻击MAGENT算法,所需的选择明密文对分别为2^70和2^64。 相似文献
7.
8.
9.
到目前为止,还没有利用构造多个逼近方程来实现B.S.Kaliski和M.J.B.Robshaw的多重线性逼近的例子。利用Mastui构造的线性组合传递链是周期为8的线性组合传递链这个特点,选取该线性组合传递链的8个不同起点,就可由该线性组合传递链构造出8条新的线性组合传递链,再加上其对偶的线性组合传递链,共可构造出16条线性组合传递链,利用它们可实现对DES的密钥比特进行攻击。 相似文献
10.
由标准哈希算法SHA-2演变面来的SHACAL-2是新当选的3个欧洲分组密码标准算法中分组长度和密钥长度最长的算法,其安全强度被认为最高。提案沿袭单向哈希函数的形式来描述算法,文章以分组密码传统的规范形式刻画SHACAL-2算法的完整加密过程,指出算法扩散特性较差的缺点,给出分组密码算法加密过程与哈希算法压缩过程的对应关系,并提供了算法的详细解密过程和相应的加解密数据,为算法实现提供参照:补充了相应的轮常数;进一步研究了长分组长度和密钥长度的必要性。指出算法加解密结构不具有相似性。最后,对欧美4个分组密码标准进行了比较分析。 相似文献
11.
In 1999, Liaw proposed a new broadcasting cryptosystem, which requires smaller bandwidth as compared to the previously proposed broadcasting cryptosystems. However, this article will show that the proposed system is insecure enough by presenting a conspiracy attack on it. We will also point out some ambiguous problems in Liaw's paper. Moreover, we propose an improved broadcasting cryptosystem, which is a slight modification of the proposed system to overcome the conspiracy attack. 相似文献
12.
13.
In 1998, Chung and Chang proposed a new method to encrypt binary images. When compared to its predecessors, their method can actually obtain better compression ratio by putting different scan patterns at the same level in the scan tree structure and using the two-dimensional run-encoding technique. However, their scheme seems to be quite vulnerable to attacks if it uses the same key to encrypt different images. In this paper, we show that their scheme can be broken with some pairs of plain image and cipher image. 相似文献
14.
Cryptanalysis of an EPC Class-1 Generation-2 standard compliant authentication protocol 总被引:1,自引:0,他引:1
Pedro Peris-Lopez Julio C. Hernandez-Castro 《Engineering Applications of Artificial Intelligence》2011,24(6):1061-1069
Recently, Chen and Deng (2009) proposed an interesting new mutual authentication protocol. Their scheme is based on a cyclic redundancy code (CRC) and a pseudo-random number generator in accordance with the EPC Class-1 Generation-2 specification. The authors claimed that the proposed protocol is secure against all classical attacks against RFID systems, and that it has better security and performance than its predecessors. However, in this paper we show that the protocol fails short of its security objectives, and in fact offers the same security level than the EPC standard it tried to correct. An attacker, following our suggested approach, will be able to impersonate readers and tags. Untraceability is also not guaranteed, since it is easy to link a tag to its future broadcast responses with a very high probability. Furthermore, readers are vulnerable to denial of service attacks (DoS), by obtaining an incorrect EPC identifier after a successful authentication of the tag. Moreover, from the implementation point of view, the length of the variables is not compatible with those proposed in the standard, thus further discouraging the wide deployment of the analyzed protocol. Finally, we propose a new EPC-friendly protocol, named Azumi, which may be considered a significant step toward the security of Gen-2 compliant tags. 相似文献
15.
16.
An attack on a recently proposed authentication scheme of Shpilrain and Ushakov is presented. The public information allows the derivation of a system of polynomial equations for the secret key bits. Our attack uses simple elimination techniques to distill linear equations. For the proposed parameter choice, the attack often finds secret keys or alternative secret keys within minutes with moderate resources. 相似文献
17.
18.
Santanu Sarkar 《Information Processing Letters》2010,110(5):178-340
In this paper, we consider RSA with N=pq, where p,q are of same bit size, i.e., q<p<2q. We study the weaknesses of RSA when multiple encryption and decryption exponents are considered with same RSA modulus N. A decade back, Howgrave-Graham and Seifert (CQRE 1999) studied this problem in detail and presented the bounds on the decryption exponents for which RSA is weak. For the case of two decryption exponents, the bound was N0.357. We have exploited a different lattice based technique to show that RSA is weak beyond this bound. Our analysis provides improved results and it shows that for two exponents, RSA is weak when the RSA decryption exponents are less than N0.416. Moreover, we get further improvement in the bound when some of the most significant bits (MSBs) of the decryption exponents are same (but unknown). 相似文献
19.
20.
Cryptanalysis of simple three-party key exchange protocol 总被引:1,自引:0,他引:1
Recently, Lu and Cao published a novel protocol for password-based authenticated key exchanges (PAKE) in a three-party setting in Journal of Computers and Security, where two clients, each shares a human-memorable password with a trusted server, can construct a secure session key. They argued that their simple three-party PAKE (3-PAKE) protocol can resist against various known attacks. In this paper, we show that this protocol is vulnerable to a kind of man-in-the-middle attack that exploits an authentication flaw in their protocol and is subject to the undetectable on-line dictionary attack. We also conduct a detailed analysis on the flaws in the protocol and provide an improved protocol. 相似文献