一级黄色片免费播放|中国黄色视频播放片|日本三级a|可以直接考播黄片影视免费一级毛片

高級搜索

留言板

尊敬的讀者、作者、審稿人, 關(guān)于本刊的投稿、審稿、編輯和出版的任何問題, 您可以本頁添加留言。我們將盡快給您答復(fù)。謝謝您的支持!

姓名
郵箱
手機(jī)號碼
標(biāo)題
留言內(nèi)容
驗證碼

基于狀態(tài)位索引方法的小狀態(tài)流密碼算法Draco-F

張潤蓮 范欣 趙昊 武小年 韋永壯

張潤蓮, 范欣, 趙昊, 武小年, 韋永壯. 基于狀態(tài)位索引方法的小狀態(tài)流密碼算法Draco-F[J]. 電子與信息學(xué)報, 2025, 47(1): 271-278. doi: 10.11999/JEIT240524
引用本文: 張潤蓮, 范欣, 趙昊, 武小年, 韋永壯. 基于狀態(tài)位索引方法的小狀態(tài)流密碼算法Draco-F[J]. 電子與信息學(xué)報, 2025, 47(1): 271-278. doi: 10.11999/JEIT240524
ZHANG Runlian, FAN Xin, ZHAO Hao, WU Xiaonian, WEI Yongzhuang. The Small-state Stream Cipher Algorithm Draco-F Based on State-bit Indexing Method[J]. Journal of Electronics & Information Technology, 2025, 47(1): 271-278. doi: 10.11999/JEIT240524
Citation: ZHANG Runlian, FAN Xin, ZHAO Hao, WU Xiaonian, WEI Yongzhuang. The Small-state Stream Cipher Algorithm Draco-F Based on State-bit Indexing Method[J]. Journal of Electronics & Information Technology, 2025, 47(1): 271-278. doi: 10.11999/JEIT240524

基于狀態(tài)位索引方法的小狀態(tài)流密碼算法Draco-F

doi: 10.11999/JEIT240524

  • 桂林電子科技大學(xué)計算機(jī)與信息安全學(xué)院 桂林 541000

基金項目: 國家自然科學(xué)基金(62062026),廣西重點研發(fā)計劃(桂科AB23026131),廣西研究生教育創(chuàng)新計劃(YCSW2024347)
詳細(xì)信息
    作者簡介:

    張潤蓮:女,副教授,研究方向為信息安全與分布式計算

    范欣:男,碩士生,研究方向為信息安全

    趙昊:男,碩士生,研究方向為信息安全

    武小年:男,教授,研究方向為信息安全與分布式計算

    韋永壯:男,教授,研究方向為分組密碼算法設(shè)計與分析

    通訊作者:

    張潤蓮 zhangrl@guet.edu.cn

  • 中圖分類號: TN918.1

The Small-state Stream Cipher Algorithm Draco-F Based on State-bit Indexing Method

  • School of Computer Science and Information Security, Guilin University of Electronic Technology, Guilin 541000, China

Funds: The National Natural Science Foundation of China (62062026), The Key Research and Development Program of Guangxi (guike AB23026131), The Innovation Project of Guangxi Graduate Education (YCSW2024347)
  • 摘要: Draco算法是首次基于初始向量和密鑰前綴組合(CIVK)方案構(gòu)造的一個流密碼設(shè)計實例,其聲稱對于時空數(shù)據(jù)折中(TMDTO)攻擊具有完全可證明的安全性。但因Draco算法的選擇函數(shù)存在周期小的結(jié)構(gòu)缺陷,攻擊者給出了突破其安全界限的分析結(jié)果。針對Draco算法存在的安全缺陷等問題,該文提出一種基于狀態(tài)位索引和動態(tài)初始化的改進(jìn)算法Draco-F算法。首先,Draco-F算法通過使用狀態(tài)位索引的方法增加了選擇函數(shù)的周期并降低硬件成本;其次,在保障非線性反饋移位寄存器(NFSR)狀態(tài)位使用均勻性的前提下,Draco-F算法通過簡化輸出函數(shù)進(jìn)一步降低算法的硬件成本;最后,Draco-F算法引入動態(tài)初始化技術(shù)以防止密鑰回溯。對Draco-F算法的安全性分析和軟硬件測試結(jié)果表明:相對于Draco算法,Draco-F算法避免了Draco算法的安全漏洞,可以以128 bit的實際內(nèi)部狀態(tài)提供128 bit的安全級別;同時,Draco-F算法具有更高的密鑰流吞吐率和更小的電路面積。
    Abstract:   Objective   The Draco algorithm is a stream cipher based on the Consisting of the Initial Value and Key-prefix (CIVK) scheme. It claims to provide security against Time Memory Data TradeOff (TMDTO) attacks. However, its selection function has structural flaws that attackers can exploit. These weaknesses can compromise its security. To address these vulnerabilities and lower the hardware costs associated with the Draco algorithm, this paper proposes an improved version called Draco-F. This new algorithm utilizes state bit indexing and dynamic initialization.  Methods   Firstly, to address the small cycle problems of the selection function and the high hardware costs in the Draco algorithm, the Draco-F algorithm introduces a new selection function. This function employs state bit indexing to extend the selection function’s period and reduce hardware costs. Specifically, the algorithm generates three index values based on 17 status bits from two Nonlinear Feedback Shift Registers (NFSRs). These index values serve as subscripts to select three bit of data stored in non-volatile memory. The output bit of the selection function is produced through specified nonlinear operations on these three bit of data. Secondly, while ensuring uniform usage of NFSR state bits, the Draco-F algorithm further minimizes hardware costs by simplifying the output function. Finally, Draco-F incorporates dynamic initialization techniques to prevent key backtracking.  Results and Discussions   Security analysis of the Draco-F algorithm, including evaluations against universal TMDTO attacks, zero stream attacks, selective IV attacks, guessing and determining attacks, key recovery attacks, and randomness testing, demonstrates that Draco-F effectively avoids the security vulnerabilities encountered by the original Draco algorithm, thereby offering enhanced security. Software testing results indicate that the Draco-F algorithm achieves a 128-bit security level with an actual 128-bit internal state and higher key stream throughput compared to the Draco algorithm. Additionally, hardware testing results reveal that the circuit area of the Draco-F algorithm is smaller than that of the Draco algorithm.  Conclusions   In comparison to the Draco algorithm, the Draco-F algorithm significantly enhances security by addressing its vulnerabilities. It also offers higher key stream throughput and a reduced circuit area.
    • HTML全文

  • 圖  1  Draco算法結(jié)構(gòu)圖

    圖  2  Draco-F算法結(jié)構(gòu)圖

    表  1  Draco-F算法隨機(jī)性檢驗結(jié)果

    編號測試統(tǒng)計項P-value值通過率檢測結(jié)果
    1Frequency0.048 7160.99Pass
    2BlockFrequency0.851 3830.99Pass
    3CumulativeSums0.488 5090.99Pass
    4Runs0.383 8270.98Pass
    5LongestRun0.798 1391.00Pass
    6Rank0.955 8351.00Pass
    7FFT0.275 7091.00Pass
    8NonOverlapingTemplate0.543 2580.989Pass
    9OverlappinTemplate0.122 3251.00Pass
    10Universal0.419 0210.99Pass
    11ApproximteEntropy0.514 1241.00Pass
    12RandomExcursions0.531 5230.996Pass
    13RandomExcursionsVariant0.454 2310.996Pass
    14Serial0.498 6090.995Pass
    15LinearComplexity0.236 8101.00Pass
    下載: 導(dǎo)出CSV

    表  2  兩種算法的軟件實現(xiàn)性能

    算法 初始化輪數(shù) 非易失性內(nèi)部
    狀態(tài)長度(bit)    		 密鑰流吞吐率
    (kbit/s)
    Draco 512 129 308
    Draco-F 動態(tài)變化 128 320
    下載: 導(dǎo)出CSV

    表  3  不同算法的硬件指標(biāo)結(jié)果

    算法 面積 功耗
    (μm2) (GE) (mW)
    Grain-128a[1] 13214.51 2911.33 0.479
    Atom[10] 14070.26 3099.86 0.383
    Draco[11] 10127.22 2231.15 0.309
    Draco-F 10083.37 2221.49 0.315
    下載: 導(dǎo)出CSV
  • [1] ?GREN M, HELL M, JOHANSSON T, et al. Grain-128a: A new version of Grain-128 with optional authentication[J]. International Journal of Wireless and Mobile Computing, 2011, 5(1): 48–59. doi: 10.1504/IJWMC.2011.044106.
    [2] EKDAHL P, JOHANSSON T, MAXIMOV A, et al. A new SNOW stream cipher called SNOW-V[J]. IACR Transactions on Symmetric Cryptology, 2019, 2019(3): 1–42. doi: 10.13154/tosc.v2019.i3.1-42.
    [3] AMIN GHAFARI V and HU Honggang. Fruit-80: A secure ultra-lightweight stream cipher for constrained environments[J]. Entropy, 2018, 20(3): 180. doi: 10.3390/e20030180.
    [4] ZIDARI? N, MANDAL K, GONG G, et al. The welch-gong stream cipher-evolutionary path[J]. Cryptography and Communications, 2024, 16(1): 129–165. doi: 10.1007/s12095-023-00656-0.
    [5] 馮秀濤. 3GPP LTE國際加密標(biāo)準(zhǔn)ZUC算法[J]. 信息安全與通信保密, 2011, 9(12): 45–46. doi: 10.3969/j.issn.1009-8054.2011.12.033.

    FENG Xiutao. ZUC algorithm: 3GPP LTE international encryption standard[J]. Information Security and Communications Privacy, 2011, 9(12): 45–46. doi: 10.3969/j.issn.1009-8054.2011.12.033.
    [6] KUMAR S and SARKAR S. Conditional TMDTO as a MILP instance[J]. IEEE Transactions on Information Theory, 2023, 69(5): 3330–3346. doi: 10.1109/TIT.2022.3230910.
    [7] ARMKNECHT F and MIKHALEV V. On lightweight stream ciphers with shorter internal states[C]. The 22nd International Workshop on Fast Software Encryption, Istanbul, Turkey, 2015: 451–470. doi: 10.1007/978-3-662-48116-5_22.
    [8] HAMANN M, KRAUSE M, and MEIER W. LIZARD-A lightweight stream cipher for power-constrained devices[J]. IACR Transactions on Symmetric Cryptology, 2017, 2017(1): 45–79. doi: 10.13154/tosc.v2017.i1.45-79.
    [9] MIKHALEV V, ARMKNECHT F, and MüLLER C. On ciphers that continuously access the non-volatile key[J]. IACR Transactions on Symmetric Cryptology, 2017, 2017(2): 52–79. doi: 10.13154/tosc.v2016.i2.52-79.
    [10] BANIK S, CAFORIO A, ISOBE T, et al. Atom: A stream cipher with double key filter[J]. IACR Transactions on Symmetric Cryptology, 2021, 2021(1): 5–36. doi: 10.46586/tosc.v2021.i1.5-36.
    [11] HAMANN M, MOCH A, KRAUSE M, et al. The DRACO stream cipher: A power-efficient small-state stream cipher with full provable security against TMDTO attacks[J]. IACR Transactions on Symmetric Cryptology, 2022, 2022(2): 1–42. doi: 10.46586/tosc.v2022.i2.1-42.
    [12] HAMANN M and KRAUSE M. On stream ciphers with provable beyond-the-birthday-bound security against time-memory-data tradeoff attacks[J]. Cryptography and Communications, 2018, 10(5): 959–1012. doi: 10.1007/s12095-018-0294-5.
    [13] HAMANN M, KRAUSE M, MEIER W, et al. Design and analysis of small-state grain-like stream ciphers[J]. Cryptography and Communications, 2018, 10(5): 803–834. doi: 10.1007/s12095-017-0261-6.
    [14] HAMANN M, KRAUSE M, and MOCH A. Tight security bounds for generic stream cipher constructions[C]. The Selected Areas in Cryptography–SAC 2019: 26th International Conference, Waterloo, Canada, 2020: 335–364. doi: 10.1007/978-3-030-38471-5_14.
    [15] GüL ? and KARA O. A new construction method for keystream generators[J]. IEEE Transactions on Information Forensics and Security, 2023, 18: 3735–3744. doi: 10.1109/TIFS.2023.3287412.
    [16] BANIK S. Cryptanalysis of Draco[J]. IACR Transactions on Symmetric Cryptology, 2022, 2022(4): 92–104. doi: 10.46586/tosc.v2022.i4.92-104.
    [17] GAMMEL B, G?TTFERT R, and KNIFFLER O. Achterbahn-128/80: Design and analysis[C]. ECRYPT Network of Excellence-SASC Workshop Record, Bochum, Germany, 2007: 152–165.
  • 加載中
圖(2) / 表(3)
計量
  • 文章訪問數(shù):  168
  • HTML全文瀏覽量:  49
  • PDF下載量:  32
  • 被引次數(shù): 0
出版歷程
  • 收稿日期:  2024-06-25
  • 修回日期:  2024-09-12
  • 網(wǎng)絡(luò)出版日期:  2024-09-19
  • 刊出日期:  2025-01-31

目錄

    /

    返回文章
    返回