对CRYPTON V1.0算法的积分攻击

CRYPTONV1.0密码是一个具有128比特分组长度、128比特密钥的分组密码。CRYP-TONV1.0密码的线性层是基于比特设计的,因而传统的积分攻击无法对其进行分析。本文对CRYP-TONV1.0密码进行分析,从比特的层面上寻找平衡性,得到了一个3轮积分区分器,区分器的可靠性在PC机上进行了验证,该区分器需要1024个明文将3轮CRYPTONV1.0与随机置换区分开来,并且所得密文的每一比特都是平衡的。基于该区分器,对低轮CRYPTONV1.0密码进行了攻击,结果表明,攻击4轮CRYPTONV1.0密码的数据复杂度为211,时间复杂度为223,攻击5轮的数据复杂度为212.4,时间复杂度为253。

New Integral Attack on CRYPTON V1.0

CRYPTON V1.0 is a block cipher with a 128-bit block size and a 128-bit key size.The linear layer of CRYPTON V1.0 is designed based on bits,therefore integral attacks in a traditional way are of no value.In this paper,CRYPTON V1.0 is analyzed.We trace the propagation of the plaintext structure at the bit-level to obtain the property,present a 3-round distinguisher and test it on the PC.In the distinguisher,1024 chosen plaintexts are encrypted by a 3-round cipher,and each bit of the cipher text is balanced.Based on this distinguisher,the reduced-round CRYPTON V1.0 is attacked.The result shows a 4-round attack needs 211 chosen plaintexts and 223 encryptions,a 5-round attack needs 212.4 chosen plaintexts and 253 encryptions.