轻量级分组密码算法ESF的相关密钥不可能差分分析

八阵图算法(ESF)是一种具有广义Feistel结构的轻量级分组密码算法，可用在物联网环境下保护射频识别(RFID)标签等资源受限的环境中，目前对该算法的安全性研究主要为不可能差分分析。该文通过深入研究S盒的特点并结合ESF密钥扩展算法的性质，研究了ESF抵抗相关密钥不可能差分攻击的能力。通过构造11轮相关密钥不可能差分区分器，在此基础上前后各扩展2轮，成功攻击15轮ESF算法。该攻击的时间复杂度为240.5次15轮加密，数据复杂度为261.5个选择明文，恢复密钥比特数为40 bit。与现有结果相比，攻击轮数提高的情况下，时间复杂度降低，数据复杂度也较为理想。

Related-key Impossible Differential Cryptanalysis on Lightweight Block Cipher ESF

Eight-Sided Fortress (ESF) is a lightweight block cipher with a generalized Feistel structure, which can be used in resource-constrained environments such as protecting Radio Frequency IDentification (RFID) tags in the internet of things. At present, the research on the security of ESF mainly adopts the impossible differential cryptanalysis. The ability of ESF to resist the related-key impossible differential cryptanalysis is studied based on the characteristics of its S-boxes and key schedule. By constructing an 11-round related-key impossible differential distinguisher, an attack on 15-round ESF is proposed by adding 2-round at the top and 2-round at the bottom. This attack has a time complexity of 240.5 15-round encryptions and a data complexity of 261.5 chosen plaintexts with 40 recovered key-bit. Compared with published results, the time complexity is decreased and the data complexity is ideal with the number of attack rounds increased.