| 摘要: |
| 差分-线性分析是将差分分析和线性分析结合起来的一类高效的安全性分析方法,被广泛应用于对各类对称密码算法的安全性分析与评估中.在构建密码算法的差分-线性区分器时,通常将其分成三部分,即差分部分、线性部分和中间连接部分.其中,中间连接部分的构建与其相关度的评估是整个区分器构建过程中最重要的工作.本文将差分-线性分析应用于ARX (Addition-Rotation-Xor) 结构分组密码Speck算法的分析.对Speck64,首次给出了从理论上估计差分-线性相关度的方法.对一个4轮差分-线性特征相关度的理论估计值,与通常采用的采样实验方法估计的相关度值非常接近,表明该方法的有效性.对所有版本的Speck算法,我们也基于实验方法成功构建了其差分-线性区分器.结果表明,与已有的基于单一分析方法所构建的区分器相比,差分-线性区分器包含的轮数有了很大提高. |
| 关键词: ARX密码 Speck算法 差分-线性分析 区分器 相关度 |
| DOI:10.19363/J.cnki.cn10-1380/tn.2024.02.04 |
| 投稿时间:2022-01-18修订日期:2022-02-10 |
| 基金项目:国家自然科学基金项目(面上项目,重点项目,重大项目) |
|
| Differential-Linear Cryptanalysis of Speck Cipher |
|
Xu Yaqi, Wu Baofeng, Lin Dongdai
|
| (Institute of Information Engineering, Chinese Academy of Sciences) |
| Abstract: |
| Differential-linear cryptanalysis is an efficient method combined with differential and linear cryptanalysis which is widely applied to many kinds of ciphers. When establishing a differential-linear distinguisher, the usual way is to divide a cipher into three parts, i.e., the differential part, linear part and the middle part. The establishment of the middle part and estimation of its correlation is the most important work within the attack. In this paper, we apply the differential-linear cryptanalysis to the ARX-based block cipher Speck. For Speck64, we present a theoretical method to estimate the correlation of the middle part for the first time. The correlation value computed by our method for a special differential-linear characteristic is close to the value estimated by experiments, showing effectiveness of our method. For all versions of Speck, we also build their differential-linear distinguishers by experimentally estimating correlations of their middle parts. It turns out that the differential-linear distinguishers cover more rounds of Speck compared to the classical differential or linear distinguishers. |
| Key words: ARX cipher Speck cipher differential-linear cryptanalysis distinguisher correlation |
