修改Trivium流密码算法的滑动攻击

上海交通大学学报（自然版） ›› 2012, Vol. 46 ›› Issue (06): 926-930.

• 无线电电子学、电信技术 • 上一篇下一篇

修改Trivium流密码算法的滑动攻击

关杰, 丁林

(信息工程大学电子技术学院, 郑州 450004)

收稿日期:2011-05-30 出版日期:2012-06-28 发布日期:2012-06-28
基金资助:
通信保密重点实验室基金资助项目（9140C110202110C1101）, 全军军事学研究生课题（2010JY0263149）

Slide Attack on Modified Trivium Stream Cipher

GUAN Jie, DING Lin

(Electronic Technology Institute, Information Engineering University, Zhengzhou 450004, China)

Received:2011-05-30 Online:2012-06-28 Published:2012-06-28

摘要/Abstract

摘要： 基于求解非线性方程组,对Sonmez等提出的修改Trivium算法进行了滑动攻击，找到了多于2⁸⁵的滑动对，远远大于原Trivium算法的滑动对数(2³⁹).在假设获得一个滑动对的基础上，攻击者可以恢复出修改Trivium算法的全部80 bit密钥，计算复杂度为O(2³⁵).

关键词: 密码分析, 滑动攻击, Trivium, 初始化算法

Abstract: A slide attack on modified Trivium stream cipher presented by Sonmez et.al.based on solving nonlinear equations was present. The result shows that there exist more than 2⁸⁵ slide pairs in the modified Trivium, which is much more than 2³⁹ slide pairs in the original Trivium. If a slide pair is obtained, the attacker can recover the 80-bit initial key of modified Trivium with a computational complexity of O(2³⁵)

Key words: cryptanalysis, slide attack, Trivium, initialization algorithm

中图分类号:

TN 918.1

关杰, 丁林. 修改Trivium流密码算法的滑动攻击[J]. 上海交通大学学报（自然版）, 2012, 46(06): 926-930.

GUAN Jie, DING Lin. Slide Attack on Modified Trivium Stream Cipher[J]. Journal of Shanghai Jiaotong University, 2012, 46(06): 926-930.

参考文献

［1］ECRYPT. Estream: ECRYPT stream cipher project, IST2002507932［EB/OL］. （20100116）［20120301］. http://www. ecrypt. eu.org/stream/.

［2］Canniere C D, Preneel B.TRIVIUM specifications, ECRYPT stream cipher project report ［EB/OL］. (20050301) ［20100116］. http://www.ecrypt.eu.org/stream/.

［3］〖JP2〗Sonmez M, Kara O.Linear approximations for 2round Trivium［C］//Proc First International Conference on Security of Information and Networks. Gazimagusa,North Cyprus: Trafford Publishing, 2007: 96105.

［4］Maximov A, Biryukov A.Two trivial attacks on Trivium ［C］//Carlisle M (Eds).Selected Areas in Cryptography 14th International Workshop. Ottawa, Canada: Springer, 2007: 3655.

［5］PriemuthSchmid D, Biryukov A. Slid pairs in salsa 20 and Trivium［C］ //Dipanwita Roy Chowdhury(Eds). INDOCRYPT, 2008. India: Springer, 2008:114.

［6］Dinur I, Shamir A. Cube attacks on tweakable black box polynomials［J］. LNCS, 2009, 5479: 278299.

［7］Pasalic E. Key differentiation attacks on stream ciphers［EBOL］. (20081205)［20100103］. http://eprint.iacr.org/〖HJ*5/8〗

［8］孙国平,胡予濮,白生江.基于选择差分的Trivium 猜测攻击［J］.计算机工程,2010,36(9):129133.

SUN Guoping, HU Yupu, BAI Shengjiang.Guess attack on Trivium based on chosen differential［J］. Computer Engineering,2010,36(9):129133.

［9］Biryukov A, Wagner D. Slide attacks［J］. LNCS, 1999, 1636:245259.

［10］Kucuk O.Slide resynchronization attack on the initialization of grain 1.0［EB/OL］.(20060201) ［20100103］. http://www.ecrypt.eu.org/stream/papersdir/2006/044.ps.

[1]	孙文龙1,2，关杰1. 针对Trivium型密码算法的代数攻击[J]. 上海交通大学学报（自然版）, 2014, 48(10): 1434-1439.
[2]	常亚勤, 金晨辉. 环Z/2n上仿射函数Walsh谱的快速算法[J]. 上海交通大学学报（自然版）, 2011, 45(03): 321-0326.

修改Trivium流密码算法的滑动攻击

Slide Attack on Modified Trivium Stream Cipher

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 2

编辑推荐

Metrics

本文评价