《计算机应用研究》|Application Research of Computers

Improved meet-in-the-middle attacks on 10-round Kalyna-128/256

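Authors 刘亚, 占婷婷, 姒宏明, 李玮, 刘志强
Affiliations 1. University of Shanghai for Science & Technology, a. College of Optical-Electronic & Computer Engineering; b. Shanghai Key Laboratory of Modern Optical System, Shanghai 200093; 2. Dept. of Computer Science & Engineering, Shanghai Jiao Tong University, Shanghai 200240; 3. School of Computer Science & Technology, Donghua University, Shanghai 201620; 4. Shanghai Key Laboratory of Integrate Administration Security, Shanghai 200240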
Article ID 1001-3695(2020)07-039-2112-05
DOI 10.19734/j.issn.1001-3695.2018.12.0942
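Abstract The block cipher Kalyna was established as the Ukrainian encryption standard in June 2015. Its block length is 128 bit, 256 bit or 512 bit, and its key length is either equal to the block length or twice the block length, denoted Kalyna-b/2b. To ensure that the algorithm can be used securely in practice, its resistance to the meet-in-the-middle attack, one of the currently popular attack methods, must be evaluated. By studying the linear relations among the round keys of Kalyna-128/256 and combining the multiset, differential enumeration and key-dependent sieve techniques, four 6-round meet-in-the-middle distinguisher chains are constructed. One round is added before this distinguisher and three rounds after it, and a time-memory tradeoff is then used to mount a meet-in-the-middle attack on 10-round Kalyna-128/256. The data, time and memory complexities of the attack are 2<sup>111</sup> chosen plaintexts, 2<sup>238.63</sup> 10-round encryptions and 2<sup>222</sup> 128 bit blocks, respectively. Compared with the previous best meet-in-the-middle attack on 10-round Kalyna-128/256, the data, time and memory complexities are reduced by factors of 2<sup>4</sup>, 2<sup>14.67</sup> and 2<sup>26.8</sup>, respectively.
Keywords Kalyna; multiset; meet-in-the-middle attack
Funding Theory project supported by the National Cryptography Development Fund of the 13th Five-Year Plan (MMJJ20180202)
Open Fund of the Key Laboratory of Information Assurance Technology (KJ-17-008)
Article URL http://www.arocmag.com/article/01-2020-07-039.html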
Authors (English names) Liu Ya, Zhan Tingting, Si Hongming, Li Wei, Liu Zhiqiang
Affiliations (English) 1. a. College of Optical-Electronic & Computer Engineering, b. Shanghai Key Laboratory of Modern Optical System, University of Shanghai for Science & Technology, Shanghai 200093, China; 2. Dept. of Computer Science & Engineering, Shanghai Jiao Tong University, Shanghai 200240, China; 3. School of Computer Science & Technology, Donghua University, Shanghai 201620, China; 4. Shanghai Key Laboratory of Integrate Administration Security, Shanghai 200240, China
English abstract The Kalyna block cipher was selected as the Ukrainian encryption standard in June 2015. It supports block sizes of 128 bit, 256 bit, and 512 bit, and key sizes of 128 bit, 256 bit, and 512 bit. The key size can be equal to or twice the block length, denoted by Kalyna-b/2b. To apply it safely in real systems, researchers should evaluate the security of Kalyna against the meet-in-the-middle attack, which is one of the currently popular attacks. This paper studies the key schedule of Kalyna-128/256 to obtain some linear relationships among round keys. Based on them, it constructs four 6-round distinguishers by using multisets, differential enumeration and key-dependent sieve techniques. By appending one round at the top and three rounds at the bottom, it mounts a meet-in-the-middle attack on 10-round Kalyna-128/256. To reduce the time complexity of the online phase, it applies the time-memory tradeoff technique. Finally, the data, time and memory complexities of the attack are 2<sup>111</sup> chosen plaintexts, 2<sup>238.63</sup> 8-round encryptions and 2<sup>222</sup> 128 bit blocks, respectively. The results show that, compared with the previously best known meet-in-the-middle attack on 10-round Kalyna-128/256, the data, time and memory complexities are reduced by 2<sup>4</sup> times, 2<sup>14.67</sup> times and 2<sup>26.8</sup> times, respectively.
English keywords Kalyna; multiset; meet-in-the-middle attacks
Received 2018/12/18
Revised 2019/2/21
Pages 2112-2116,2122
CLC number TP309.2
Document code A