RC4流密码算法的分析与改进

RC4流密码算法易受弱密钥攻击、区分攻击和错误引入攻击。针对上述攻击,提出了一种基于随机置换的改进算法,该算法采用动态的状态表进行非线性运算,扩展状态表中的元素的取值空间,密钥序列的输出由状态表的前一状态和后一状态共同决定,提高了算法的安全性。分析了改进算法的正确性、安全性以及抗攻击性。实验验证了改进算法的密钥流随机性和效率优于RC4算法。     

Proving empirical key-correlations in RC4

In view of the recent attacks on practical network protocols like WEP, WPA and TLS, there has been a renewed interest in the non-random behavior of RC4, the stream cipher that constitutes the core of all these protocols. While most of the non-random events in the cipher, more commonly known as ‘biases’, are initially reported as experimental observations, it is equally important to present theoretical proofs of such biases to justify the attacks based on these. In this paper, we provide theoretical proofs of all significant empirical correlations between the initial bytes of the RC4 keystream and its secret key, as experimentally observed by Sepehrdad, Vaudenay and Vuagnoux in SAC 2010.     

Cryptanalysis of Vigenere cipher using Cuckoo Search

Evolutionary techniques such as Genetic Algorithm (GA), Particle Swarm Optimization (PSO) and Cuckoo Search (CS) are promising nature-inspired meta-heuristic optimization algorithms. Cuckoo Search combined with Lévy flights behavior and Markov chain random walk can search global optimal solution very quickly. The aim of this paper is to investigate the applicability of Cuckoo Search algorithm in cryptanalysis of Vigenere cipher. It is shown that optimal solutions obtained by CS are better than the best solutions obtained by GA or PSO for the analysis of the Vigenere cipher. The results show that a Cuckoo Search based attack is very effective on the Vigenere cryptosystem.     

PRGA的初始状态与RC4算法的安全性

PRGA初始状态的取值情况对RC4算法的安全性具有决定意义,分析了PRGA初始状态的取值情况与RC4算法安全性的关系。在猜测赋值分析方法的基础上,提出了新的复杂度计算方法,从而解决了PRGA初始状态取值情况对应的破译RC4算法的复杂度问题。在已知初始状态的部分取值的情况下,该方法能够非常有效地计算出破译RC4算法的复杂度。     

对流密码RC4的区分攻击

在流密码体制下,RC4算法经过密钥初始化部分后所得的内部状态不是均匀分布的。为此,证明了算法密钥流第1个输出字分布的不均匀性,其等于186的概率为0.003 892 5。利用该输出字分布的不均匀性,给出改进的RC4区分攻击,攻击所需的数据为224 Byte,区分优势为0.84。通过实验验证了该区分攻击的有效性。     

RC4流密码与微软Office文档安全分析

根据微软官方文档、OpenOffice文档及wvWare实现等完全公开的信息,对RC4流密码及其在微软Office系列中的实现进行分析,认为Office97-2003所默认使用的40bit加密方式较不安全,通过结合Rainbow预计算攻击方法,证实其脆弱性。通过研究,建议不使用默认的“Office97／2000兼容”40bit加密,而采用更安全的“Microsoft Enhanced Cryptographic Provider”128bit加密,或者使用压缩软件进行二次加密,从而进一步提高安全性。     

基于分布式计算的RC4加密算法的暴力破解

加密算法的安全性很大程度上取决于暴力破解的不可行性。暴力破解加密算法是密码学的研究方向之一。本文采用分布式计算方法,设计了暴力破解RCA加密算法的软件。在局域网内实现了对40位的RCA算法的暴力破解,并对软件的破解速度进行了测试。测试结果表明,40住的RCA抵抗暴力攻击的能力是很脆弱的。因此,用RCA算法加密也是很不安全的。     

High speed architectures for Leviathan: a binary tree based stream cipher

Connectionless routed networks, built atop high-speed communication medium, require cryptographic algorithms capable of out-of-order keystream generation and high throughput. Binary tree based stream ciphers, of which Leviathan is an example, are capable of meeting both of these requirements. We investigate high-speed architectures for the binary tree traversal and show that the traversal approaches discussed can be extended to m-ary tree of height h. Of the two architectures presented, the pipeline architecture computes keystream at uniform rate and the parallel architecture bounds the worst-case variance in the time period between computations of consecutive output key words, which form the keystream. The design and implementation of Leviathan keystream generator based on the pipeline architecture for binary tree traversal are presented. We show that it is possible to achieve keystream generation rates approaching 1 Gbps with the pipeline architecture. The design was implemented in two parts, the keysetup and the keystream pipeline, targeting commercially available Xilinx XC2V4000 and XC2V3000 FPGAs. The keystream pipeline implementation operated at frequency of 50 MHz and occupied 6864 slices. The results were verified performing the timing simulation.     

对不同种子密钥长度的RC4算法的明文恢复攻击

针对不同种子密钥长度的RC4算法的明文恢复问题,提出了对经过不同种子密钥长度（8字节、16字节、22字节）的RC4算法加密的明文的明文恢复攻击。首先利用统计算法在2³²个不同种子密钥的条件下统计了RC4算法每个密钥流输出字节的t值分布,发现了RC4算法密钥流输出序列存在偏差;然后,利用单字节偏差规律和双字节偏差规律给出了对经RC4算法加密的明文的前256字节的攻击算法。实验结果表明,在密文量为2³¹的条件下,除了第4字节外,攻击算法能够以100%的成功率恢复明文的前196字节。对于种子密钥长度为8字节的RC4算法,前256字节的恢复成功率都超过了91%;相应的,种子密钥长度为16字节的RC4算法,前256字节的恢复成功率都超过87%;种子密钥长度为22字节的RC4算法,前256字节的恢复成功率都超过了81%。所提攻击算法拓展了原有攻击密钥长度为16字节的RC4算法的范围,且在实际应用中能够更好地恢复经RC4算法加密的明文。     

流密码算法RC4的教学设计

针对流密码算法RC4教学过程中存在难以理解的问题,在分析RC4算法的基础上,本文提出了一种基于摸球模型的RC4算法教学模型和教学过程,在密码学课程教学方面取得了良好的效果。     

一种混沌流密码算法设计与实现

提出了一种基于Logistic混沌映射的流密码算法,该算法利用混沌本身所具有的随机特性,提出了一种新的对混沌系统扰动的方法。通过编码算法以及在混沌随机序列数字化的基础上引入一种新的非线性变换算法,以抵抗对混沌流密码系统的各种攻击。经统计测试和相关分析,密钥序列具有较高的线性复杂度和良好的密码学特性。整个加密系统的周期性大、灵活性好,加密模型还可以推广到其他混沌系统。     

Security analysis of a new stream cipher

From 1st February of 2004, Europe launches the ECRYPT project, which collects lots of stream ciphers from all over the world. These new stream ciphers are unlike the tradi- tional stream ciphers that use LFSRs as basic building blocks; instead they use mo…     

Finding hot query patterns over an XQuery stream

Caching query results is one efficient approach to improving the performance of XML management systems. This entails the discovery of frequent XML queries issued by users. In this paper, we model user queries as a stream of XML query pattern trees and mine the frequent query patterns over the query stream. To facilitate the one-pass mining process, we devise a novel data structure called DTS to summarize the pattern trees seen so far. By grouping the incoming pattern trees into batches, we can dynamically mark the active portion of the current batch in DTS and limit the enumeration of candidate trees to only the currently active pattern trees. We also design another summary data structure called ECTree that provides for the incremental computation of the frequent tree patterns over the query stream. Based on the above two constructs, we present two mining algorithms called XQSMinerI and XQSMinerII. XQSMinerI is fast, but it tends to overestimate, while XQSMinerII adopts a filter-and-refine approach to minimize the amount of overestimation. Experimental results show that the proposed methods are both efficient and scalable and require only small memory footprints.Received: 17 October 2003, Accepted: 16 April 2004, Published online: 14 September 2004Edited by: J. Gehrke and J. Hellerstein.     

基于流密码的无线传感器网络安全若干问题管窥

由设置在具体地点的大量微型传感器所组成的无线传感器网络一般是通过监控并采集特定数据,对数据进行处理,进而逐级传输到用户端的方式来实现网络通信的.鉴于无线传感器网络的自主性和独立性,其安全性能至关重要.通常情况下,无线传感器网络的储存空间以及计算能力较低,攻击漏洞明显.本文通过分析基于流密码的无线传感器网络的若干安全问题,提出一种有效的网络安全方案.     

RC4密码的改进方法及其性能分析

针对RC4密码技术在工程应用中存在的弱密钥和相关密钥攻击、不变性弱点、数据流偏向性弱点等安全问题,提出一种将ECC技术与RC4技术相结合的方法。对改进后的RC4的数据处理效率、密钥管理、安全性能进行研究和分析。改进后的RC4技术在保证与RC4数据处理效率相近的同时,对当前针对RC4流密码的密码分析方法具有一定的抗攻击性。该技术较好地解决了密钥的共享和更新问题,具有重要的工程应用意义。     

Tweakable enciphering schemes using only the encryption function of a block cipher

A new construction of block cipher based tweakable enciphering schemes (TES) is described. The major improvement over existing TESs is that the construction uses only the encryption function of the underlying block cipher. Consequently, this leads to substantial savings in the size of hardware implementation of TES applications such as disk encryption. This improvement is achieved without loss in efficiency of encryption and decryption compared to previously known schemes. We further show that the same idea can also be used with a stream cipher which supports an initialization vector (IV) leading to the first example of a TES from such a primitive.     

分组密码算法SMS4的暴力破解及模拟实现

加密算法的安全性在很大程度上取决于暴力破解的不可行性。暴力破解加密算法是密码学研究的一个重要方向。该文采用分布式计算方法,设计了暴力破解SMS4加密算法的软件。在局域网内对SMS4算法的暴力破解做了模拟实现,并对软件的性能进行了测试。最后对软件及SMS4算法的暴力破解结果进行了分析,并指明了下一步的工作方向。     

一种新的密钥流发生器设计算法

流密码的安全性主要取决于密钥流的随机程度,如何构造随机性良好的密钥序列成为流密码所要研究的首要问题。该文借鉴已有的一些分组密码,如DES﹑RC5等设计中的某些产生良好非线性的方法,提出了一种产生伪随机密钥的方法,并对它们的随机性进行了理论分析。分析结果表明,该算法具有良好的安全性。