MILP-aided cube-attack-like cryptanalysis on Keccak Keyed modes


Abstract

Cube-attack-like cryptanalysis was proposed by Dinur et al. at EUROCRYPT 2015, which recovers the key of Keccak keyed modes in a divide-and-conquer manner. In their attack, one selects cube variables manually, which leads to more key bits involved in the key-recovery attack, so the complexity is too high unnecessarily. In this paper, we introduce a new MILP model and make the cube attacks better on the Keccak keyed modes. Using this new MILP tool, we find the optimal cube variables for Keccak-MAC, Keyak and Ketje, which makes that a minimum number of key bits are involved in the key-recovery attack. For example, when the capacity is 256, we find a new 32-dimension cube for Keccak-MAC that involves only 18 key bits instead of Dinur et al.'s 64 bits and the complexity of the 6-round attack is reduced to 2^42 from 2^66. More impressively, using this new tool, we give the very first 7-round key-recovery attack on Keccak-MAC-512. We get the 8-round key-recovery attacks on Lake Keyak in nonce-respected setting. In addition, we get the best attacks on Ketje Major/Minor. For Ketje Major, when the length of nonce is 9 lanes, we could improve the best previous 6-round attack to 7-round. Our attacks do not threaten the full-round (12) Keyak/Ketje or the full-round (24) Keccak-MAC. When comparing with Huang et al.'s conditional cube attack, the MILP-aided cube-attack-like cryptanalysis has larger effective range and gets the best results on the Keccak keyed variants with relatively smaller number of degrees of freedom.

Bibliographic record

  • Source
    Designs, Codes and Cryptography | 2019, Issue 6 | pp. 1271-1296 | 26 pages
  • Author affiliations

    Shandong Univ, Minist Educ, Key Lab Cryptol Technol & Informat Secur, Jinan 250100, Shandong, Peoples R China;

    Tsinghua Univ, Inst Adv Study, Beijing 100084, Peoples R China;

    Shandong Univ, Minist Educ, Key Lab Cryptol Technol & Informat Secur, Jinan 250100, Shandong, Peoples R China;

    Shandong Univ, Minist Educ, Key Lab Cryptol Technol & Informat Secur, Jinan 250100, Shandong, Peoples R China;

    Shandong Univ, Minist Educ, Key Lab Cryptol Technol & Informat Secur, Jinan 250100, Shandong, Peoples R China|Tsinghua Univ, Inst Adv Study, Beijing 100084, Peoples R China;

  • Indexed in: Science Citation Index (SCI, USA); Engineering Index (EI, USA);
  • Original format: PDF
  • Text language: eng
  • Chinese Library Classification
  • Keywords

    Keccak-MAC; Keyak; Ketje; MILP; Cube attack;

