Impossible Differential Cryptanalysis and Linear Cryptanalysis for Eight-Sided Fortress Algorithm
Abstract: This paper studies the ability of the Eight-Sided Fortress (ESF) algorithm to resist impossible differential cryptanalysis and linear cryptanalysis. ESF is a lightweight block cipher with a Feistel structure, and its round function has a Substitution-Permutation (SP) structure. First, 12 rounds of ESF are analyzed with a new impossible differential distinguisher; then 9 rounds of ESF are analyzed by linear cryptanalysis. The data complexity of the 12-round impossible differential analysis is calculated to be about $O(2^{67})$ and its time complexity about $O(2^{110.7})$, while the data complexity of the 9-round linear cryptanalysis is only $O(2^{35})$ and its time complexity is no more than $O(2^{15.6})$. The results show that ESF is able to resist impossible differential cryptanalysis, while its ability to resist linear cryptanalysis is relatively weak.
Key words:
- Block cipher
- Lightweight
- Linear cryptanalysis
- Impossible differential
- Eight-Sided Fortress (ESF)
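Table 1 Distribution statistics of the remaining approximation advantages of the ESF S-boxes

| Approximation advantage | ${s_0}$ | ${s_1}$ | ${s_2}$ | ${s_3}$ | ${s_4}$ | ${s_5}$ | ${s_6}$ | ${s_7}$ |
|---|---|---|---|---|---|---|---|---|
| 0.250 | 36 | 36 | 36 | 32 | 32 | 32 | 36 | 32 |
| 0.125 | 96 | 96 | 96 | 112 | 112 | 112 | 96 | 112 |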
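Table 1 counts, for each S-box, how many input/output mask pairs have approximation advantage 0.250 or 0.125. The following is an added example, not code from the paper: it computes that tally for a 4-bit S-box and uses Parseval's relation to check that each column printed in Table 1 is internally consistent. The ESF S-boxes are not reproduced on this page, so the PRESENT S-box is used as a stand-in input, and all function names are illustrative.

```python
from collections import Counter

# Stand-in input (assumption): the PRESENT S-box. The ESF S-boxes are not
# reproduced on this page, so the counts printed for it are not Table 1 values.
SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD,
        0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]

# Table 1 as printed on the page: (count at 0.250, count at 0.125) per S-box.
TABLE_1 = {"s0": (36, 96), "s1": (36, 96), "s2": (36, 96), "s3": (32, 112),
           "s4": (32, 112), "s5": (32, 112), "s6": (36, 96), "s7": (32, 112)}


def parity(x):
    return bin(x).count("1") & 1


def advantage_distribution(sbox):
    """Count mask pairs (a, b) by |Pr[a.x == b.S(x)] - 1/2|, nonzero only."""
    n = len(sbox)
    dist = Counter()
    for a in range(n):
        for b in range(n):
            if a == 0 and b == 0:
                continue  # trivial approximation, always holds
            agree = sum(parity(a & x) == parity(b & sbox[x]) for x in range(n))
            adv = abs(agree / n - 0.5)
            if adv:
                dist[adv] += 1
    return dist


def parseval_mass(dist):
    """Sum of (2 * advantage)^2 over all counted mask pairs."""
    return sum(count * (2 * adv) ** 2 for adv, count in dist.items())


def table_column_consistent(n_quarter, n_eighth, bits=4):
    # Parseval: each of the 2^bits - 1 nonzero output masks contributes
    # exactly 1 to the sum, so a column that lists every nonzero advantage
    # must total 2^bits - 1.
    return parseval_mass({0.25: n_quarter, 0.125: n_eighth}) == 2 ** bits - 1


if __name__ == "__main__":
    dist = advantage_distribution(SBOX)
    print("stand-in S-box:", dict(dist), "Parseval mass:", parseval_mass(dist))
    for name, column in TABLE_1.items():
        print(name, column, "consistent:", table_column_consistent(*column))
```

Both column patterns in Table 1, (36, 96) and (32, 112), satisfy the relation, which is what a 4-bit S-box with maximum advantage 0.250 must produce.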