• 主题
高级搜索  >
历史搜索 清空历史
首页> 外文期刊>Designs, Codes and Crytography >Practical-time attacks against reduced variants of MISTY1
【24h】

Practical-time attacks against reduced variants of MISTY1

机译:针对MISTY1简化变体的实时攻击

获取原文
获取原文并翻译 | 示例
           
页面导航
  • 摘要
  • 著录项
  • 相似文献
  • 相关主题

摘要

MISTY1 is a block cipher designed by Matsui in 1997. It is widely deployed in Japan where it is an e-government candidate recommended cipher, and is recognized internationally as a NESSIE-recommended cipher as well as an ISO/IEC standard and an RFC. Moreover, MISTY1 was selected to be the blueprint on top of which KASUMI, the GSM/3G block cipher, was based. Since its introduction, and especially in recent years, MISTY1 was subjected to extensive cryptanalytic efforts, which resulted in numerous attacks on its reduced variants. Most of these attacks aimed at maximizing the number of attacked rounds, and as a result, their complexities are highly impractical. In this paper we pursue another direction, by focusing on attacks of practical time complexity. We present the first practical-time attack on 5-round MISTY1 which exploits only the linear functions, and thus, remains valid even if the non-linear functions are replaced. On the other extreme, we show the importance of the layers, by presenting a devastating (and experimentally verified) related-key attack that can break MISTY1 with no layers, requiring only data and time. While our attacks clearly do not compromise the security of the full MISTY1, they expose several weaknesses in the components used in MISTY1, and improve our understanding of its security. These insights are also applicable to future designs which rely on MISTY1 as their base, and should be taken into close consideration by designers.
机译:MISTY1是由Matsui于1997年设计的分组密码。它是在日本被电子政务候选人推荐的密码,在日本得到了广泛的部署,并被NESSIE推荐的密码,ISO / IEC标准和RFC享誉全球。此外,MISTY1被选为GSM / 3G分组密码KASUMI的蓝图。自从MISTY1推出以来,尤其是在最近几年,它进行了广泛的密码分析工作,从而对其简化的变体进行了多次攻击。这些攻击中的大多数旨在最大化被攻击的回合数,因此,其复杂性非常不切实际。在本文中,我们通过关注实际时间复杂度的攻击来寻求另一个方向。我们提出了对5轮MISTY1的第一次实际攻击,该攻击仅利用线性函数,因此即使替换了非线性函数也仍然有效。在另一个极端,我们通过提出具有破坏性的(并经过实验验证)相关密钥攻击来展示各层的重要性,这些攻击可以打破MISTY1而无需任何层,仅需要数据和时间即可。尽管我们的攻击显然不会损害整个MISTY1的安全性,但它们暴露了MISTY1中使用的组件中的一些弱点,并提高了我们对其安全性的了解。这些见解也适用于以MISTY1为基础的未来设计,设计者应予以认真考虑。

著录项

相似文献

  • 外文文献
  • 中文文献
  • 专利
获取原文

客服邮箱:kefu@zhangqiaokeyan.com

京公网安备:11010802029741号 ICP备案号:京ICP备15016152号-6 六维联合信息科技 (北京) 有限公司©版权所有

  • 客服微信

  • 服务号