MORUS算法的抗碰撞性分析

關(guān)杰; 施泰榮; 李俊志; 張沛

doi:10.11999/JEIT161185

MORUS算法的抗碰撞性分析

doi: 10.11999/JEIT161185

基金項(xiàng)目:

國家自然科學(xué)基金(61572516, 61272041, 61272488)

計(jì)量
- 文章訪問數(shù): 1165
- HTML全文瀏覽量: 190
- PDF下載量: 284
- 被引次數(shù): 0
出版歷程
- 收稿日期: 2016-11-03
- 修回日期: 2017-03-06
- 刊出日期: 2017-07-19

Analysis of MORUS Against Collision Attack

Funds:

The National Natural Science Foundation of China (61572516, 61272041, 61272488)

摘要

摘要: MORUS算法是CAESAR競賽第3輪的候選認(rèn)證加密算法之一，該文評估了MORUS-640-128算法對碰撞攻擊的安全性。由碰撞關(guān)系確定一系列非線性方程，采用分塊分析的方法，從非線性方程中找到消息字差分間的信息泄漏規(guī)律，首次給出了算法在兩步后發(fā)生碰撞的必要條件集，確定了輸入差分的字分布情況。在此基礎(chǔ)上，將碰撞的必要條件轉(zhuǎn)化成偽布爾函數(shù)最優(yōu)化問題，利用混合整數(shù)規(guī)劃模型進(jìn)行求解。實(shí)驗(yàn)結(jié)果顯示算法發(fā)生碰撞時，輸入差的漢明重量至少為28，其碰撞概率小于2-140 ，得到了比文獻(xiàn)[7]更緊致的概率上界(原為2-130)。結(jié)果表明MORUS-640-128算法具備良好的抗碰撞攻擊能力。
- CAESAR競賽 /
- MORUS算法 /
- 碰撞攻擊 /
- 差分重量下界
Abstract: MORUS is an authenticated stream cipher, which is selected is third-round candidate of the ongoing CAESAR competition. In this work, the security of MORUS-640-128 against collision attack is evaluated. The partition method is utilized to find the information leakage between the word differences of message in the nonlinear function determined by the collision. The necessary conditions of collision after two steps are proposed for the first time. The distribution of input difference is determined. Furthermore, necessary conditions are turned into Pseudo-Boolean optimization problems. With the usage of mixed integer programming, it is found that the weight of message difference must be higher than 28 with the collision probability less than 2-140 , which is a better upper bound than ref. [7] 2-130. The result shows that MORUS-640-128 has a good performance on resistance against collision attack.
- CAESAR competition /
- MORUS /
- Collision attack /
- Lower bound of difference weight

HTML全文

參考文獻(xiàn)(13)

BELLARE M and NAMPREMPRE C. Authenticated encryption: Relations among notions and analysis of the generic composition paradigm[J]. Journal of Cryptology, 2008, 21(4): 469-491. doi: 10.1007/s00145-008-9026-x.

DOBRAUNING C, EICHLSEDER M, and MENDEL F. Heuristic tool for linear cryptanalysis with applications to CAESAR candidates[C]. Advances in Cryptology ASIACRYPT 2015, Auckland, New Zealand, 2015: 490-509. doi: 10.1007/978-3-662-48800-3_20.

DEY P, ROHIT S R, SARKAR S, et al. Differential fault analysis on Tiaoxin and AEGIS family of ciphers[C]. Security in Computing and Communications 2016, Jaipur, India, 2016: 74-86. doi: 10.1007/978-981-10-2738-3_7.

PEYRIN T, SIM S, WANG L, et al. Cryptanalysis of JAMBU[C]. Fast Software Encryption 2015, Istanbul, Turkey, 2015: 264-281. doi: 10.1007/978-3-662-48116-5_13.

SALAM M, BARTLETT H, PIEPRZYK J, et al. Investigating cube attack on the authenticated encryption stream cipher ACORN[C]. Applications and Techniques in Information Security 2016, Cairns, QLD, Australia, 2016: 15-26. doi: 10.1007/978-981-10-2741-3_2.

MILEVA A, DIMITROVA V, and VELICHKOV V. Analysis of the authenticated cipher MORUS (v1)[C]. Cryptography and Information Security in the Balkans 2015, Koper, Slovenia, 2015: 45-59. doi: 10.1007/978-3-319-29172-7_4.

張沛, 關(guān)杰, 李俊志, 等. MORUS算法初始化過程的混亂與擴(kuò)散性質(zhì)研究[J]. 密碼學(xué)報(bào), 2015, 2(6): 536-548. doi: 10.13868/j.cnki.jcr.000100.

ZHANG Pei, GUAN Jie, LI Junzhi, et al. Research on the confusion and diffusion properties of the initialization of MORUS[J]. Journal Cryptologic Research, 2015, 2(6): 536-548. doi: 10.13868/j.cnki.jcr.000100.

WANG Xiaoyun and YU Hongbo. How to break MD5 and other hash functions[C]. Advances in Cryptology EUROCRYPT 2005, Aarhus, Denmark, 2005: 19-35. doi: 10.1007/11426639_2.

FUHR T, LEURENT G, and SUDER V. Collision attacks against CAESAR candidatesForgery and key-recovery against AEZ and Marble[C]. Advances in Cryptology ASIACRYPT 2015, Auckland, New Zealand, 2015: 510-532. doi: 10.1007/978-3-662-48800-3_21.

PEYRIN T. Collision attack on Grindahl[J]. Journal of Cryptology, 2015, 28(4): 879-898. doi: 10.1007/s00145- 014-9186-9.

BERTSIMAS D and WEISMANTEL R. Optimization over Integers[M]. Massachusetts, USA, Dynamic Ideas, 2005: 73-82.

ACHTERBERG T. SCIP: Solving Constraint Integer Programs[J]. Mathematical Programming Computation, 2009, 1(1): 1-41. doi: 10.1007/s12532-008-0001-1.

相關(guān)文章

施引文獻(xiàn)

資源附件(0)

訪問統(tǒng)計(jì)