欢迎访问中国科学院大学学报,今天是

中国科学院大学学报 ›› 2011, Vol. 28 ›› Issue (2): 266-273.DOI: 10.7523/j.issn.2095-6134.2011.2.020

• 论文 • 上一篇    

6轮ARIA的最优不可能差分分析

张磊, 郭建胜   

  1. 解放军信息工程大学电子技术学院, 郑州 450004
  • 收稿日期:2010-03-23 修回日期:2010-05-28 发布日期:2011-03-15

Best impossible differential cryptanalysis of 6-round ARIA

ZHANG Lei, GUO Jian-Sheng   

  1. Institute of Electronic Technology, PLA Information Engineering University, Zhengzhou 450004, China
  • Received:2010-03-23 Revised:2010-05-28 Published:2011-03-15

摘要:

研究了ARIA在不可能差分分析下的安全性.通过对算法扩散层的分析,给出了ARIA中间状态在加密过程的差分传递性质.在此基础上证明了6轮ARIA不存在使得输入输出差分重量小于10的不可能差分路径,同时证明了在输入输出差分重量为10的情况下6轮ARIA只存在2类形式的不可能差分路径.利用构造出的这2类不可能差分路径,从理论上证明了6轮ARIA不可能差分攻击的最优结果为:2120个选择明文和294.5次6轮加密.

关键词: 分组密码, 不可能差分分析, ARIA, 数据复杂性, 时间复杂性

Abstract:

The security of the block cipher ARIA against impossible differential cryptanalysis is studied. First, we analyze the diffusion layer of ARIA and indicate some differential characters of the intermediate state through the encryption transformation. On the basis of these, we show that there is no 6-round impossible differential with the input-and-output differential weight less than ten and that there are only two kinds of 6-round impossible differential with the input-and-output differential weight of ten. Both kinds of the best impossible differentials can be found and can be used to attack the 6-round ARIA with the best results: the data complexity being 2120 chosen plaintexts and the time complexity being 294.5 encryptions of 6-round ARIA.

Key words: block cipher, impossible differential cryptanalysis, ARIA, data complexity, time complexity

中图分类号: