International Conference on Cryptology in India

Security Analysis of GFN: 8-Round Distinguisher for 4-Branch Type-2 GFN


Abstract

The generalized Feistel network (GFN) is a widely used design for encryption algorithms such as DES, IDEA and others. Generally, block ciphers are used not only for symmetric encryption but also as building blocks of cryptographic hash functions in modes such as Matyas-Meyer-Oseas (MMO) and Miyaguchi-Preneel. In these compression-function modes, the block cipher is used with a key that is known to the attacker. Therefore, a known-key distinguisher on the internal block cipher can be directly converted into a distinguisher on the compression function. In other words, the security of a compression mode relies on the security of the internal block cipher used. In the known-key setting, the security of the cipher rests only on the round function. Block ciphers popularly use sub-key XOR-ing followed by one or more SP-functions as the building block of a round function. The general understanding is that increasing the number of active S-boxes causes more confusion and guarantees ciphers that are more secure against differential and linear cryptanalysis. At Indocrypt 2012, Sasaki compared the security of the single-SP function with the double-SP function and, using the rebound attack technique, successfully mounted a distinguisher on up to 7 rounds of 4-branch type-2 GFN with double-SP functions and on up to 11 rounds of 2-branch GFN with single-SP functions. Based on the total number of S-boxes used and the number of rounds attacked, he argued that double-SP is in fact weaker than single-SP. The basis of this result is the number of rounds that the author could attack. In this work, we successfully increase the number of rounds attacked from 7 to 8 for 4-branch type-2 GFN with double-SP functions. The presented distinguisher is the first known distinguisher for 8-round 4-branch type-2 GFN with double-SP functions. In our attack, we use an improved matching technique which is simpler than byte-by-byte matching. This simple matching technique yields better complexity than the previously known 7-round distinguisher in most practical cases, allowing us to attack one extra round.
