
Meet-in-the-middle Attack on RAIN-128

DU Xiaoni, ZHENG Yanan, LIANG Lifang, LI Kaibin

Citation: DU Xiaoni, ZHENG Yanan, LIANG Lifang, LI Kaibin. Meet-in-the-middle Attack on RAIN-128[J]. Journal of Electronics & Information Technology, 2024, 46(1): 327-334. doi: 10.11999/JEIT221593


doi: 10.11999/JEIT221593
Funding: National Natural Science Foundation of China (62172337)
Details
    Author biographies:

    DU Xiaoni: female, postdoctoral researcher, professor; research interest: applied cryptography

    ZHENG Yanan: female, master's student; research interest: applied cryptography

    LIANG Lifang: female, master's student; research interest: applied cryptography

    LI Kaibin: male, master's student; research interest: block ciphers

    Corresponding author:

    DU Xiaoni ymldxn@126.com

  • CLC number: TN918.2; TP309.7

  • Abstract: RAIN is a family of lightweight block ciphers with an SPN structure, designed for efficient software and hardware implementation and strong security. The meet-in-the-middle (MITM) attack is widely used in the security analysis of block ciphers. By analysing the structural properties and truncated differential characteristics of RAIN-128, this paper constructs 4-round and 6-round meet-in-the-middle distinguishers with the differential enumeration technique and presents meet-in-the-middle attacks on 8 and 10 rounds. For the 8-round attack, the precomputation phase has a time complexity of $2^{68}$ 8-round RAIN-128 encryptions and a memory complexity of $2^{75}$ bits, and the online phase has a time complexity of $2^{109}$ 8-round encryptions and a data complexity of $2^{72}$ chosen plaintexts. For the 10-round attack, the precomputation phase has a time complexity of $2^{214}$ 10-round encryptions and a memory complexity of $2^{219}$ bits, and the online phase has a time complexity of $2^{109}$ 10-round encryptions and a data complexity of $2^{72}$ chosen plaintexts. The results show that RAIN-128 resists meet-in-the-middle attacks and retains a large security margin.
  • Figure 1  Overall structure of the RAIN cipher

    Figure 2  Round function of the RAIN cipher

    Figure 3  The DS-MITM model

    Figure 4  4-round meet-in-the-middle distinguisher for RAIN-128

    Figure 5  8-round meet-in-the-middle attack on RAIN-128

    Figure 6  6-round meet-in-the-middle distinguisher for RAIN-128

    Table 1  Complexities of the 8/10-round meet-in-the-middle attacks on RAIN

    Rounds (r)   Time (precomputation)   Time (online)   Data        Memory (bit)
    8            $2^{68}$                $2^{109}$       $2^{72}$    $2^{75}$
    10           $2^{214}$               $2^{109}$       $2^{72}$    $2^{219}$
Publication history
  • Received:  2023-01-04
  • Revised:  2023-04-12
  • Published online:  2023-04-17
  • Issue date:  2024-01-17