密码学报 (Journal of Cryptologic Research) 2024, Vol. 11, Issue 1: 145-158. DOI: 10.13868/j.cnki.jcr.000673

序列密码立方攻击研究进展综述

A Survey on Cube Attacks Against Stream Ciphers

田甜 (Tian Tian), 戚文峰 (Qi Wenfeng)

Author information

  • 1. Information Engineering University, Zhengzhou 450001

Abstract

Cube attacks were first proposed by Dinur and Shamir at EUROCRYPT 2009 and can be viewed both as a higher-order differential attack and as an algebraic attack. Over more than a decade of research the traditional cube attack has developed continuously: dynamic cube attacks, division-property-based cube attacks and correlation cube attacks have been proposed in turn, enriching the attack ideas and improving the attack techniques, so that the cube attack has become an important cryptanalytic method against stream ciphers built on nonlinear feedback shift registers (NFSRs). In particular, since its introduction in 2009 the cube attack has remained the most effective key-recovery attack on Trivium, an international lightweight stream cipher standard (ISO/IEC 29192-3:2012); the dynamic cube attack broke full Grain-128; and Kreyvium, Grain-128AEAD and ACORN, all NFSR-based, have been analyzed effectively with cube attacks. This paper introduces the basic principle of cube attacks and the attack procedure, and surveys progress in experimental cube attacks, division-property-based cube attacks, cube construction, dynamic cube attacks and correlation cube attacks.
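The abstract characterizes a cube attack as a higher-order differential attack: summing the first keystream bit over every value of a chosen set of IV bits (the cube) cancels all monomials not divisible by the cube's product and leaves the superpoly, and when that superpoly is linear in the key it yields one linear equation on the key. The following Python script is an illustration added here, not code from the paper or from any cipher it surveys. It walks through the offline/online split of the Dinur-Shamir attack against a constructed toy keystream polynomial over 4 key bits and 4 IV bits; the toy polynomial, the cube sizes searched, and the BLR linearity test with 64 random key pairs are assumptions of the example. Against a real target, `toy_cipher` would be replaced by the cipher's first output bit after initialization, and the cube search would be the expensive part.

```python
import itertools
import random

N_KEY, N_IV = 4, 4  # toy sizes; real targets have 80-128 key and IV bits

def toy_cipher(key, iv):
    """Constructed toy keystream bit f(k, v) over GF(2), standing in for the first
    output bit of an NFSR-based cipher. Not Trivium, Grain or any cipher in the paper."""
    k0, k1, k2, k3 = key
    v0, v1, v2, v3 = iv
    return ((k0 & v0 & v1) ^ (k1 & v0 & v1 & v2) ^ (k0 & k1 & v2) ^ (k2 & v1 & v3)
            ^ (v0 & v3) ^ (k3 & v0 & v1 & v3) ^ (k2 & k3 & v2 & v3) ^ (k1 & v2))

def cube_sum(g, iv_base, cube):
    """XOR g(iv) over all 2^|cube| values of the cube IV bits, the rest fixed by
    iv_base: the |cube|-th order derivative of g, i.e. the superpoly p_I."""
    total = 0
    for bits in itertools.product((0, 1), repeat=len(cube)):
        iv = list(iv_base)
        for idx, b in zip(cube, bits):
            iv[idx] = b
        total ^= g(tuple(iv))
    return total

def superpoly_at(f, cube, iv_base, key):
    """p_I(key): offline the attacker chooses the key and sums f(key, .) over the cube."""
    return cube_sum(lambda iv: f(key, iv), iv_base, cube)

def is_linear_superpoly(f, cube, iv_base, n_key, trials=64, seed=0):
    """BLR test: p affine => p(x) ^ p(y) ^ p(0) == p(x ^ y) for all x, y. A non-affine
    p fails a random trial with constant probability, so 64 trials suffice here."""
    rng = random.Random(seed)
    p0 = superpoly_at(f, cube, iv_base, (0,) * n_key)
    for _ in range(trials):
        x = tuple(rng.randint(0, 1) for _ in range(n_key))
        y = tuple(rng.randint(0, 1) for _ in range(n_key))
        xy = tuple(a ^ b for a, b in zip(x, y))
        lhs = superpoly_at(f, cube, iv_base, x) ^ superpoly_at(f, cube, iv_base, y) ^ p0
        if lhs != superpoly_at(f, cube, iv_base, xy):
            return False
    return True

def recover_superpoly(f, cube, iv_base, n_key):
    """Affine p(k) = c0 ^ sum_j c_j k_j: c0 = p(0) and c_j = p(e_j) ^ p(0)."""
    c0 = superpoly_at(f, cube, iv_base, (0,) * n_key)
    unit = lambda j: tuple(int(i == j) for i in range(n_key))
    return c0, [superpoly_at(f, cube, iv_base, unit(j)) ^ c0 for j in range(n_key)]

def preprocess(f, n_key, n_iv, max_dim=2):
    """Offline phase: try every cube of size <= max_dim and every setting of the
    non-cube IV bits; keep linear superpolys that involve at least one key bit."""
    equations = []
    for dim in range(1, max_dim + 1):
        for cube in itertools.combinations(range(n_iv), dim):
            free = [i for i in range(n_iv) if i not in cube]
            for setting in itertools.product((0, 1), repeat=len(free)):
                iv_base = [0] * n_iv
                for idx, b in zip(free, setting):
                    iv_base[idx] = b
                iv_base = tuple(iv_base)
                if not is_linear_superpoly(f, cube, iv_base, n_key):
                    continue  # e.g. cube (2, 3) of toy_cipher has superpoly k2*k3
                c0, coeffs = recover_superpoly(f, cube, iv_base, n_key)
                if any(coeffs):  # constant superpoly carries no key information
                    equations.append((cube, iv_base, c0, coeffs))
    return equations

def solve_gf2(rows, n):
    """Gauss-Jordan elimination over GF(2) on rows (coeffs, rhs); returns the unique
    solution or None if the system is rank-deficient or inconsistent."""
    m = [list(c) + [r] for c, r in rows]
    for col in range(n):
        piv = next((i for i in range(col, len(m)) if m[i][col]), None)
        if piv is None:
            return None
        m[col], m[piv] = m[piv], m[col]
        for i in range(len(m)):
            if i != col and m[i][col]:
                m[i] = [a ^ b for a, b in zip(m[i], m[col])]
    if any(row[n] for row in m[n:]):
        return None
    return [m[i][n] for i in range(n)]

def online_attack(oracle, equations, n_key):
    """Online phase: only a keystream oracle iv -> bit under the unknown key is
    available; each precomputed cube yields one linear equation in the key bits."""
    rows = [(coeffs, cube_sum(oracle, iv_base, cube) ^ c0)
            for cube, iv_base, c0, coeffs in equations]
    return solve_gf2(rows, n_key)

def run_attack(secret_key):
    """End to end: preprocess on the public cipher, then recover secret_key through
    a black box that never exposes it."""
    equations = preprocess(toy_cipher, N_KEY, N_IV)
    return online_attack(lambda iv: toy_cipher(secret_key, iv), equations, N_KEY)

if __name__ == "__main__":
    for cube, iv_base, c0, coeffs in preprocess(toy_cipher, N_KEY, N_IV)[:4]:
        terms = [str(c0)] + [f"k{j}" for j, c in enumerate(coeffs) if c]
        print(f"cube {cube}, iv_base {iv_base}: superpoly = {' + '.join(terms)}")
    print("recovered key:", run_attack((1, 0, 1, 1)))  # -> [1, 0, 1, 1]
```

Two points the toy makes visible. First, the cube (2, 3) is rejected because its superpoly is the product k2*k3: the linearity test is probabilistic, and on a real cipher a superpoly that is nonlinear but passes the test silently poisons the system. The division-property-based cube attacks the abstract lists address exactly this by bounding, with MILP, which key monomials can appear in the superpoly instead of sampling. Second, every linear equation here comes from a tiny cube because the toy polynomial is tiny; on Trivium the cubes that give usable superpolys are large, which is why the cube search dominates the cost of the attack.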

Key words

cube attacks/division property/MILP/stream ciphers/Trivium


Funding

National Natural Science Foundation of China (62372464)

Year of publication

2024

Journal

密码学报 (Journal of Cryptologic Research), published by 中国密码学会 (Chinese Association for Cryptologic Research), 北京信息科学技术研究院 (Beijing Institute of Information Science and Technology) and 中国科学技术出版社 (China Science and Technology Press)
Indexed in CSTPCD and the Peking University Chinese core journal list (北大核心)
ISSN: 2095-7025
References: 28