针对Trivium型密码算法的代数攻击

上海交通大学学报（自然版） ›› 2014, Vol. 48 ›› Issue (10): 1434-1439.

• 无线电电子学、电信技术 • 上一篇下一篇

针对Trivium型密码算法的代数攻击

孙文龙1,2，关杰1

(1.信息工程大学，郑州 450000；2. 北京卫星导航中心，北京 100094)

收稿日期:2013-12-04 出版日期:2014-10-28 发布日期:2014-10-28
基金资助:
：国家自然科学基金(No.61202491)，全军军事学研究生课题(2010JY0263149)资助项目

Algebraic Attacks on Trivium-Like Stream Ciphers

SUN Wenlong1,GUAN Jie1

(1. Information Engineering University, Zhengzhou 450000, China; 2. Beijing Satellite Navigation Center, Beijing 100094, China)

Received:2013-12-04 Online:2014-10-28 Published:2014-10-28

摘要/Abstract

摘要：

摘要：为了更好地研究Trivium算法的设计思想，选取了2个比较典型的修改Trivium算法，连同Trivium算法一起作为研究对象，把恢复算法的内部状态问题转化为可满足性问题，分析修改Trivium算法抵抗代数攻击的能力.比较了6种猜测策略，并且使用MiniSat2.0求解器求解.根据分析结果给出了Trivium型密码算法抵抗代数攻击的安全设计建议.

关键词: 密码分析, 代数攻击, 可满足性问题, 流密码

Abstract:

Trivium stream cipher is one of the finalists of European eSTREAM project. In order to have a better study of the design ideas of Trivium, two revised Trivium algorithms were typically chosen together with Trivium as the targets. The recovery of internal state was converted into the SAT problem to analyze the security of Trivium-like stream ciphers against algebraic attacks. Six guess strategies were tried, and then the equation systems were fed to MiniSat2.0. Finally, some suggestions for the security of Triviumlike stream ciphers against algebraic attack were given according to the results.

Key words: cryptanalysis, algebraic attacks, satisfiability problem, stream cipher

中图分类号:

TN 918.1

孙文龙1,2，关杰1. 针对Trivium型密码算法的代数攻击[J]. 上海交通大学学报（自然版）, 2014, 48(10): 1434-1439.

SUN Wenlong1,GUAN Jie1. Algebraic Attacks on Trivium-Like Stream Ciphers[J]. Journal of Shanghai Jiaotong University, 2014, 48(10): 1434-1439.

参考文献

［1］De Cannière C, Preneel B. TRIVIUM: A stream cipher construction inspired by block cipher design principles［C］∥Proceedings of ISC2006. Heidelberg: Springer, 2006: 171186.

［2］Knellwolf S, Meier W, NayaPlasencia M. Conditional differential cryptanalysis of Trivium and KATAN［C］∥Proceedings of SAC 2011. Heidelberg: Springer, 2011: 200212.

［3］孙文龙, 关杰, 刘建东. 针对简化版Trivium算法的线性分析［J］.计算机学报, 2012, 35(9):18901896.

SUN Wenlong, GUAN Jie, LIU Jiandong. Linear cryptanalysis of simplified Trivium［J］. Chinese Journal of Computers, 2012, 35(9):18901896.

［4］SUN Wenlong, GUAN Jie. A novel technique in linear cryptanalysis［EB/OL］. (20130530) ［20131101］.http:∥eprint.iacr.org/2013/336.

［5］PrimuthSchmid D, Biryukov A. Slide pairs in Salsa20 and Trivium［C］∥Proceedings of INDOCRYPT 2008. Heidelberg: Springer, 2008: 114.

［6］Raddum H. Cryptanalytic results on Trivium［EB/OL］. (20060327) ［20131101］. http:∥www.ecrypt.eu.org/stream/triviump3.html.

［7］Simonetti I, Faugère J C, Perret L. Algebraic attack against Trivium［C］∥Proceedings of First International Conference on Symbolic Computation and Cryptography. Beijing: Beihang University Press, 2008: 95102.

［8］Wong K.K.H, Bard G. Improved algebraic cryptanalysis of QUAD, Bivium and Trivium via graph partitioning on equation systems［C］∥Proceedings of ACISP 2010. Heidelberg: Springer, 2010: 1936.

［9］Borghoff J, Knudsen L R, Matusiewicz K. Hill climbing algorithms and Trivium［C］∥Proceedings of SAC 2010. Heidelberg: Springer, 2010: 5773.

［10］Borghoff J. Mixedinteger linear programming in the analysis of Trivium and KTANTAN［EB/OL］. (2012/11/29) ［2013/11/01］. http:∥eprint.iacr.org/2012/676.

［11］Huang Z, Lin D. Attacking Bivium and Trivium with the characteristic set method［C］∥Proceedings of AFCRICACRYPT 2011. Heidelberg: Springer, 2011: 7791.

［12］McDonald C, Charnes C, Pieprzyk J. Attacking Bivium with MiniSat［EB/OL］. (20070424) ［20131101］. http:∥www.ecrypt.eu.org/stream/triviump3.html.

［13］Eibach T, Pilz E, Vlkel G. Attacking Bivium using SAT solvers［C］∥Theory and Applications Theory and Applications of Satisfiability TestingSAT 2008. Heidelberg: Springer, 2008: 6376.

［14］McDonald C, Charnes C, Pieprzyk J. An algebraic analysis of Trivium ciphers based on the Boolean satisfiability problem［EB/OL］. (20071217) ［20131101］. http:∥eprint.iacr.org/2007/129.

［15］Dinur I, Shamir A. Cube attacks on tweakable black box polynomials［C］∥Proceedings of EUROCRYPT 2009. Heidelberg: Springer, 2009: 278299.

［16］Afzal M, Masood A. Modifications in the design of Trivium to increase its security level［J］. Proceedings of Pakistan Academy of Sciences, 2010, 47(1):5163.

［17］Raj A S, Srinivasan C. Analysis of algebraic attack on Trivium and minute modification to Trivium［C］∥Proceedings of CNSA2011. Heidelberg: Springer, 2011: 3542.

［18］Bard G, Courtois N, Jefferson C. Efficient methods for conversion and solution of sparse systems of lowdegree multivariate polynomials over GF(2) via SATsolvers［EB/OL］. (20070126) ［20131101］. http:∥eprint.iacr.org/2007/024.

［19］Eén N, Srensson N. An extensible SATsolver ［C］∥Proceedings of SAT 2003. Heidelberg: Springer, 2004:502508.

[1]	张中亚1,2，关杰1. 对流密码算法Phelix的差分故障攻击[J]. 上海交通大学学报（自然版）, 2013, 47(07): 1131-1136.
[2]	张中亚, 关杰. 对流密码算法LEX的差分故障攻击[J]. 上海交通大学学报（自然版）, 2012, 46(06): 865-869.
[3]	关杰, 丁林. 修改Trivium流密码算法的滑动攻击[J]. 上海交通大学学报（自然版）, 2012, 46(06): 926-930.
[4]	王晶晶, 陈克非. 序列快速傅里叶攻击的改进 [J]. 上海交通大学学报（自然版）, 2012, 46(02): 285-288.
[5]	常亚勤, 金晨辉. 环Z/2n上仿射函数Walsh谱的快速算法[J]. 上海交通大学学报（自然版）, 2011, 45(03): 321-0326.
[6]	张民，戚正伟，董笑菊. 活性细胞膜计算的可执行性描述与实现[J]. 上海交通大学学报（自然版）, 2008, 42(10): 1635-1639.

针对Trivium型密码算法的代数攻击

Algebraic Attacks on Trivium-Like Stream Ciphers

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 6

编辑推荐

Metrics

本文评价