论文部分内容阅读
2002年Klimov和Shamir提出了一类新的非线性函数——T函数,2005年Anashin等人利用一类单字单圈T函数作为主要驱动部件,设计了面向软件实现的ABC流密码算法参与e STREAM计划的征集.根据对ABC算法已有的攻击结果,在弱密钥情况下,可以利用快速相关攻击获得组件A的状态,所以本文主要研究了在已知组件A状态的前提下,组件B与C对差分错误攻击的安全性.攻击利用面向比特的错误模型,在不同时刻向组件B的输出状态注入单比特错误.然后根据正确的输出密钥字与错误的输出密钥字,结合差分分析技术,通过组件C建立起不同时刻组件B状态之间的关系.分析结果显示通过192个错误密钥字和160个正确密钥字可以建立含5个状态方程的方程组;然后根据单圈T函数的性质,本文设计了逐比特求解该方程组的算法,平均得到192组候选解;最后利用正确密钥字对候选解进行筛选.从而使恢复组件B和C的数据复杂度从2~(17.5)降为2~(8.46),计算复杂度从2~(32.84)降为2~(16.32),本文结论显示ABC对于差分错误攻击是不安全的.
In 2002, Klimov and Shamir proposed a new kind of nonlinear function - T function. In 2005, Anashin et al. Used a kind of single-word single-turn T function as the main driving part and designed a software-implemented ABC stream cipher algorithm to participate in e STREAM According to the existing attack results on ABC algorithm, under the condition of weak key, the state of component A can be obtained by using fast correlation attack, so this paper mainly studies the state of component A under the condition of known component A, C. Security against differential error attacks Attacks utilize a bit-oriented error model to inject a single-bit error into the output state of component B at different times, and then based on the correct output key word and the wrong output key word, Technology to establish the relationship between component B states at different time points through component C. The analysis results show that the system of equations with 5 state equations can be established through 192 incorrect key words and 160 correct key words, In this paper, an algorithm is proposed to solve the system of equations by bit by bit, and an average of 192 candidate solutions are obtained. Finally, the correct key words are used to filter the candidate solutions, so that the recovery group The data complexity of component B and C is reduced from 2 ~ (17.5) to 2 ~ (8.46), and the computational complexity is reduced from 2 ~ (32.84) to 2 ~ (16.32). The conclusion of this paper shows that ABC is not safe for differential error attack of.