Upper Bound Estimation of Average Differential Probability and Average Linear Chain Probability of the Lai-Massey Structure
doi: 10.11999/JEIT180196
-
PLA Strategic Support Force Information Engineering University, Zhengzhou 450001, China
Funds: The National Natural Science Foundation of China (61402523, 61572516, 61502532)
-
Abstract: The Lai-Massey structure is a block cipher structure that grew out of the IDEA algorithm; the FOX family of block ciphers is its best-known instance. Assuming round keys that are generated independently and uniformly at random, this paper studies the provable security of the Lai-Massey structure against differential and linear cryptanalysis from two angles: the upper bound on the probability of a differential averaged over the round keys, and the upper bound on the average probability of a linear chain with given starting and ending points. It is proved that for $r = 2$ rounds the average probability of any non-trivial differential is $\le p_{\max}$ (with $p_{\max}$ the maximum differential probability of the round function), and that when the F function of the Lai-Massey structure is an orthomorphism, for $r \ge 3$ rounds the average probability of any non-trivial differential is $\le p_{\max}^2$. Analogous bounds are obtained for the average probability of linear chains with given starting and ending points.
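As an added worked example (not code from the paper or from the FOX project), the Python script below builds a toy 8-bit Lai-Massey instance and computes exactly the quantity the abstract bounds: the probability of a differential averaged over independent, uniformly distributed round keys. Everything about the instance is an assumption of this example rather than something the abstract specifies: the FOX-style XOR round $(L, R) \mapsto (\sigma(L \oplus T), R \oplus T)$ with $T = F(L \oplus R \oplus k)$, a linear orthomorphism $\sigma$ on the 4-bit left half, the PRESENT S-box as a non-orthomorphic F, and PRESENT_ORTH, an output-affine-equivalent of PRESENT constructed for this example so that $x \mapsto F(x) \oplus x$ is also a permutation (an orthomorphism with the same DDT and hence the same $p_{\max} = 1/4$). Because each round key is XORed into the F input, the round differences form a Markov chain driven by the DDT of F, so the key average is a finite sum over characteristics; the script cross-checks that sum against a brute-force average over every key tuple, confirms the two-round bound $\le p_{\max}$, checks that F is an orthomorphism exactly when $\mathrm{DP}_F(\delta \to \delta) = 0$ for every $\delta \ne 0$, and shows why that condition matters at three rounds: with the plain PRESENT S-box the characteristic that leaves F inactive in rounds 1 and 3 has probability $\mathrm{DP}_F(3 \to 3) = 1/8 > p_{\max}^2$, whereas with the orthomorphic F every three-round characteristic has at least two active F calls.

```python
"""Toy Lai-Massey instance (8-bit block, 4-bit halves): exact key-averaged differentials.
Assumed round (FOX-style, XOR group): T = F(L ^ R ^ k); (L, R) -> (sigma(L ^ T), R ^ T)."""
from collections import defaultdict
from itertools import product

N = 4                 # bits per half; the block is 2N = 8 bits
HALF = 1 << N         # 16 values per half
MASK = HALF - 1

# The 4-bit S-box of the PRESENT block cipher (not an orthomorphism: DP(3 -> 3) = 2/16).
PRESENT = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD, 0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]
# Constructed for this example: A(PRESENT(x)) for a linear bijection A of GF(2)^4 chosen so
# that x -> S(x) ^ x is also a permutation (an orthomorphism with PRESENT's DDT, p_max = 1/4).
PRESENT_ORTH = [0xC, 0xF, 0xA, 0x7, 0x3, 0x0, 0x6, 0xD, 0x5, 0x8, 0x9, 0x2, 0xE, 0xB, 0x1, 0x4]


def sigma(x):
    """Linear orthomorphism of the N-bit left half: (hi, lo) -> (lo, hi ^ lo)."""
    h = N // 2
    hi, lo = x >> h, x & ((1 << h) - 1)
    return (lo << h) | (hi ^ lo)


def is_permutation(t):
    return sorted(t) == list(range(len(t)))


def is_orthomorphism(t):
    """t and x -> t(x) ^ x are both permutations."""
    return is_permutation(t) and is_permutation([t[x] ^ x for x in range(len(t))])


def ddt(s):
    """ddt[din][dout] = #{x : s(x) ^ s(x ^ din) = dout}."""
    t = [[0] * len(s) for _ in s]
    for din in range(len(s)):
        for x in range(len(s)):
            t[din][s[x] ^ s[x ^ din]] += 1
    return t


def p_max(s):
    """Maximum differential probability of s over nonzero input differences."""
    t = ddt(s)
    return max(max(t[din]) for din in range(1, len(s))) / len(s)


def diagonal_free(s):
    """DP_s(d -> d) = 0 for all nonzero d: the DDT view of 'x -> s(x) ^ x is a permutation'."""
    t = ddt(s)
    return is_permutation(s) and all(t[d][d] == 0 for d in range(1, len(s)))


def encrypt(L, R, keys, s):
    for k in keys:
        T = s[L ^ R ^ k]
        L, R = sigma(L ^ T), R ^ T
    return L, R


def _propagate(s, rounds, dP, combine):
    """Walk the difference chain from dP. combine = sum gives the differential (all trails),
    combine = max the best single trail. Exact for independent uniform XOR round keys: given
    the F input difference delta, the F output difference dT has probability ddt[delta][dT]/16
    whatever the actual values are. Weights are integers with denominator 16 ** rounds."""
    nz = [[(dT, c) for dT, c in enumerate(row) if c] for row in ddt(s)]
    dist = {(dP >> N, dP & MASK): 1}
    for _ in range(rounds):
        nxt = {}
        for (dL, dR), w in dist.items():
            for dT, c in nz[dL ^ dR]:            # dL ^ dR is the F input difference
                key = (sigma(dL ^ dT), dR ^ dT)
                nxt[key] = combine(nxt.get(key, 0), w * c)
        dist = nxt
    return {(dL << N) | dR: w for (dL, dR), w in dist.items()}


def adp_row(s, rounds, dP):
    """Key-averaged r-round differential probabilities dP -> dC (weights over 16 ** rounds)."""
    return _propagate(s, rounds, dP, lambda a, b: a + b)


def max_adp(s, rounds):
    """Largest key-averaged r-round differential probability over all non-trivial (dP, dC)."""
    best = max(max(adp_row(s, rounds, dP).values()) for dP in range(1, HALF * HALF))
    return best / HALF ** rounds


def max_trail(s, rounds):
    """Largest probability of a single r-round differential characteristic."""
    best = max(max(_propagate(s, rounds, dP, max).values()) for dP in range(1, HALF * HALF))
    return best / HALF ** rounds


def bruteforce_row(s, rounds, dP):
    """Count, over every round-key tuple and every plaintext, how often dP maps to each dC."""
    dPL, dPR = dP >> N, dP & MASK
    counts = defaultdict(int)
    for keys in product(range(HALF), repeat=rounds):
        for P in range(HALF * HALF):
            L, R = P >> N, P & MASK
            cL, cR = encrypt(L, R, keys, s)
            xL, xR = encrypt(L ^ dPL, R ^ dPR, keys, s)
            counts[((cL ^ xL) << N) | (cR ^ xR)] += 1
    return counts


def markov_matches_bruteforce(s, rounds, dP):
    """Markov weight w / 16**r must equal brute-force count / (16**r * 256) for every dC."""
    row, bf = adp_row(s, rounds, dP), bruteforce_row(s, rounds, dP)
    return all(bf.get(dC, 0) == row.get(dC, 0) * HALF * HALF for dC in range(HALF * HALF))


if __name__ == "__main__":
    for name, s in (("PRESENT", PRESENT), ("PRESENT_ORTH", PRESENT_ORTH)):
        p = p_max(s)
        print(f"{name}: orthomorphism={is_orthomorphism(s)} p_max={p} p_max^2={p * p}")
        for r in (1, 2, 3):
            print(f"  r={r}: max ADP={max_adp(s, r):.5f}  best trail={max_trail(s, r):.5f}")
    print("Markov sum == brute-force key average (2 rounds, dP=0x13):",
          markov_matches_bruteforce(PRESENT, 2, 0x13))
```

Run directly, the script prints, per S-box, the largest key-averaged differential probability and the best single characteristic for $r = 1, 2, 3$. The three-round figure printed for PRESENT_ORTH is the full sum over characteristics in this example's round model; the abstract's $\le p_{\max}^2$ statement is the paper's theorem in the paper's own model, so anyone reproducing it should check the paper's round description and key insertion against the assumptions listed above before reading the toy's number as a confirmation of it.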