| 流密码算法Grain 的立方攻击 |
| |
| 引用本文: | 宋海欣,范修斌,武传坤,冯登国. 流密码算法Grain 的立方攻击[J]. 软件学报, 2012, 23(1): 171-176 |
| |
| 作者姓名: | 宋海欣 范修斌 武传坤 冯登国 |
| |
| 作者单位: | 1. 中国科学院软件研究所信息安全国家重点实验室,北京 100190;中国科学院研究生院,北京 100049
2. 中国科学院软件研究所信息安全国家重点实验室,北京,100190 |
| |
| 摘 要: | Dinur和Shamir在2009年欧洲密码年会上提出了立方攻击的密码分析方法.Grain算法是欧洲序列密码工程eSTREAM最终入选的3个面向硬件实现的流密码算法之一,该算法密钥长度为80比特,初始向量(initial vector,简称IV)长度为64比特,算法分为初始化过程和密钥流产生过程,初始化过程空跑160拍.利用立方攻击方法对Grain算法进行了分析,在选择Ⅳ攻击条件下,若算法初始化过程空跑70拍,则可恢复15比特密钥,并找到了关于另外23比特密钥的4个线性表达式;若算法初始化过程空跑75拍,则可恢复1比特密钥.
|
| 关 键 词: | eSTREAM工程 流密码算法 Grain 立方攻击 密钥恢复 |
| 收稿时间: | 2010-10-26 |
| 修稿时间: | 2010-12-31 |
Cube Attack on Grain |
| |
| SONG Hai-Xin,FAN Xiu-Bin,WU Chuan-Kun and FENG Deng-Guo. Cube Attack on Grain[J]. Journal of Software, 2012, 23(1): 171-176 |
| |
| Authors: | SONG Hai-Xin FAN Xiu-Bin WU Chuan-Kun FENG Deng-Guo |
| |
| Affiliation: | 1(State Key Laboratory of Information Security,Institute of Software,The Chinese Academy of Sciences,Beijing 100190,China) 2(Graduate University,The Chinese Academy of Sciences,Beijing 100049,China) |
| |
| Abstract: | At EUROCRYPT 2009,Dinur and Shamir proposed a new type of algebraic attacks named cube attack.Grain is one of the 3 final hardware-oriented stream ciphers in the eSTREAM portfolio,which takes an 80-bit secret key and a 64-bit initial vector as input and produces its keystream after 160 rounds of initialization.Applying cube attack on Grain with 70 initialization rounds,the study finds that 15-bit secret key can be recovered and can find 4 linear equations on another 23 bits of the secret key.Moreover,1-bit secret key can be recovered by applying cube attack on Grain with 75 initialization rounds. |
| |
| Keywords: | eSTREAM project stream cipher Grain cube attack key recovery |
| 本文献已被 CNKI 万方数据 等数据库收录! |
| 点击此处可从《软件学报》浏览原始摘要信息 |
|
点击此处可从《软件学报》下载全文 |
|
