韦永壮^{1, 2},
史佳利^{2, 3,,},
李灵琛^{4, 5}
1.桂林电子科技大学广西密码学与信息安全重点实验室? ?桂林? ?541004
2.桂林电子科技大学广西无线宽带通信与信号处理重点实验室? ?桂林? ?541004
3.桂林电子科技大学广西高校云计算与复杂系统重点实验室? ?桂林? ?541004
4.中国科学院大学? ?北京? ?100049
5.中国科学院软件研究所? ?北京? ?100190
基金项目:国家自然科学基金(61572148, 61872103, 61561016), 广西研究生教育创新计划资助项目(YCBZ2018051), 获桂林电子科技大学研究生优秀学位论文培育项目(16YJPYSS12), 桂林电子科技大学研究生教育创新计划(2018YJCX45)

详细信息

作者简介:韦永壮：男，1976年生，教授，博士生导师，研究方向为密码函数、分组密码分析
史佳利：女，1992年生，硕士生，研究方向为对称密码算法分析
李灵琛：女，1988年生，博士生，研究方向为分组密码的分析与设计

通讯作者:史佳利　jiali00@126.com

中图分类号:TP309

计量

文章访问数:2249
HTML全文浏览量:1149
PDF下载量:80
被引次数:0

出版历程

收稿日期:2018-07-19
修回日期:2018-10-29
网络出版日期:2019-03-18
刊出日期:2019-07-01

Impossible Differential Cryptanalysis of LiCi Block Cipher

Yongzhuang WEI^{1, 2},
Jiali SHI^{2, 3,,},
Lingchen LI^{4, 5}
1. Guangxi Key Laboratory of Cryptography and Information Security, Guilin University of Electronic Technology, Guilin 541004 ,China
2. Guangxi Key Laboratory of Wireless Wideband Communication and Signal Processing, Guilin University of Electronic Technology, Guilin 541004 ,China
3. Guangxi Colleges and University Key Laboratory of Cloud Computing and Complex Systems, Guilin University of Electronic Technology, Guilin 541004 ,China
4. University of Chinese Academy of Sciences, Beijing 100049, China
5. Institute of Software, Chinese Academy of Sciences, Beijing 100190, China
Funds:The National Natural Science Foundation of China (61572148, 61872103, 61561016), The Innovation Project of Guangxi Graduate Education (YCBZ2018051), Guilin University of Electrionic Technology Excellent Graduate Thesis Program (16YJPYSS12), The Innovation Project of Guilin University of Electrionic Technology Graduate Education (2018YJCX45)


摘要
摘要:LiCi是由Patil等人(2017)提出的轻量级分组密码算法。由于采用新型的设计理念，该算法具有结构紧凑、能耗低、占用芯片面积小等优点，特别适用于资源受限的环境。目前该算法的安全性备受关注，Patil等人声称：16轮简化算法足以抵抗经典的差分攻击及线性攻击。该文基于S盒的差分特征，结合中间相遇思想，构造了一个10轮的不可能差分区分器。基于此区分器，向前后各扩展3轮，并利用密钥编排方案，给出了LiCi的一个16轮的不可能差分分析方法。该攻击需要时间复杂度约为2^83.08次16轮加密，数据复杂度约为2^59.76选择明文，存储复杂度约为2^76.76数据块，这说明16轮简化的LiCi算法无法抵抗不可能差分攻击。
关键词:轻量分组密码算法/
LiCi算法/
不可能差分分析/
差分特征
Abstract:LiCi algorithm is a newly lightweight block cipher. Due to its new design idea adopted by Patil et al, it has the advantages of compact design, low energy consumption and less chip area, thus is is especially suitable for resource-constrained environments. Currently, its security receives extensively attention, and Patil et al. claimed that the 16-round reduced LiCi can sufficiently resist both differential attack and linear attack. In this paper, a new 10-round impossible differential distinguisher is constructed based on the differential characteristics of the S-box and the meet-in-the-middle technique. Moreover, on the basis of this distinguisher, a 16-round impossible differential attack on LiCi is proposed by respectively extending 3-round forward and backward via the key scheduling scheme. This attack requires a time complexity of about 2^83.08 16-round encryptions, a data complexity of about 2^59.76 chosen plaintexts, and a memory complexity of 2^76.76 data blocks, which illustrates that the 16-round LiCi cipher can not resist impossible differential attack.
Key words:Lightweight block cipher/
LiCi cipher/
Impossible differential cryptanalysis/
Differential characteristic



PDF全文下载地址:

https://jeit.ac.cn/article/exportPdf?id=b2b8e802-45bb-4c5d-8d48-6bb356a708d7