Acta Electronica Sinica ›› 2017, Vol. 45 ›› Issue (6): 1367-1374. DOI: 10.3969/j.issn.0372-2112.2017.06.013

• Academic Paper •

Zero Correlation Linear Approximations and Impossible Differentials of New-Structure Series with SP Networks

FU Li-shi, CUI Ting, JIN Chen-hui

  1. PLA Information Engineering University, Zhengzhou, Henan 450001, China
  • Received: 2015-10-22 Revised: 2016-01-27 Online: 2017-06-25 Published: 2017-06-25
    • About the authors:
    • FU Li-shi, female, born in 1989 in Nanyang, Henan. She is currently a Ph.D. candidate at the School of Cryptographic Engineering, PLA Information Engineering University. Her main research interest is the design and analysis of block ciphers. E-mail: 15036018167@163.com; CUI Ting, male, born in 1985 in Tongling, Anhui. He is currently a lecturer at PLA Information Engineering University. His main research interest is block ciphers. E-mail: cuiting_1209@126.com; JIN Chen-hui, male, born in 1965 in Zhoukou, Henan. He is currently a professor and doctoral supervisor at PLA Information Engineering University. His main research interest is cryptology. E-mail: jinchenhui@126.com
    • Supported by:
    • National Natural Science Foundation of China (No.61272488, No.61402523)

Abstract:

Security analysis of block ciphers is an important part of cryptology, and impossible differential cryptanalysis and zero-correlation linear cryptanalysis are important methods for evaluating the security of cryptographic algorithms. Using the miss-in-the-middle method and placing restrictions on the diffusion layer, this paper gives zero-correlation linear approximations for the New-Structure series with nested SP networks. It also shows that, in New-Structure I and New-Structure IV, differential characteristics with nonzero probability and linear approximations with nonzero correlation coefficient are structurally consistent. Moreover, it gives 16/22-round impossible differentials for New-Structure I and III with nested SP networks, respectively. Finally, for a block size and key size of 128 bits each, it gives the time complexities and data complexities of 21/28/22-round impossible differential attacks (resp. 19/28/22-round multidimensional zero-correlation linear approximation attacks) on New-Structure I, III and IV. The results provide a theoretical basis for the security analysis of cryptographic algorithms designed on the New-Structure series.

Key words: information security, impossible differential cryptanalysis, zero-correlation linear cryptanalysis, New-Structure series
