基于AES轮函数认证加密算法研究与设计

doi:10.11959/j.issn.2096-109x.2020028

网络与信息安全学报 ›› 2020, Vol. 6 ›› Issue (2): 106-115.doi: 10.11959/j.issn.2096-109x.2020028

基于AES轮函数认证加密算法研究与设计

高国强,李子臣()

北京印刷学院数字版权保护技术研究中心，北京 102600

修回日期:2020-02-03 出版日期:2020-04-15 发布日期:2020-04-23
作者简介:高国强（1995- ），男，内蒙古兴安盟人，北京印刷学院硕士生，主要研究方向为认证加密算法分析与设计。|李子臣（1962- ），男，河南温县人，博士，北京印刷学院教授、博士生导师，主要研究方向为公钥密码、数字签名、后量子密码。
基金资助:
国家自然科学基金资助项目(61370188);北京市教委科研计划一般基金资助项目(KM201610015002);北京市教委科研计划一般基金资助项目(KM201510015009);北京市教委科研计划重点基金资助项目(KZ201510015015);北京市教委科研计划重点基金资助项目(KZ201710015010);科技创新服务能力建设-科研水平提高定额基金资助项目(PXM2017_014223_000063);北京印刷学院校级基金资助项目(Ec201803);北京印刷学院校级基金资助项目(Ed201802);北京印刷学院校级基金资助项目(Ea201806)

Research and design of authenticated encryption algorithm based on AES round function

Guoqiang GAO,Zichen LI()

Research Center for digital copyright protection technology,Beijing Institute of Graphic Communication,Beijing 102600,China

Revised:2020-02-03 Online:2020-04-15 Published:2020-04-23
Supported by:
The National Natural Science Foundation of China(61370188);The Beijing City Board of Education Science and Technology Key Project(KZ201510015015);The Beijing City Board of Education Science and Technology Key Project(KZ201710015010);Project of Beijing Municipal College Improvement Plan(PXM2017_014223_000063);BIGC Project(Ec201803);BIGC Project(Ed201802);BIGC Project(Ea201806)

摘要/Abstract

摘要：

认证加密算法同时保证信息的机密性和完整性，在信息安全领域具有广泛的应用前景。利用混合整数线性规划方法，搜索高效且最小活跃S盒较多的迭代结构，基于AES轮函数和广义Feistel结构设计底层的轮函数，实现了一个基于 AES 轮函数的认证加密算法。该认证加密算法具有抵抗碰撞攻击、差分攻击、线性攻击等攻击的能力，且效率是原有认证加密算法AES-GCM的两倍。

关键词: 认证加密算法, AES算法, 混合整数线性规划

Abstract:

The authenticated encryption algorithm guarantees the confidentiality and integrity of the information at the same time,and has extensive research and application prospects in the field of information security.With the mixed integer linear programming (MILP) method,the iterative structure with high efficiency and more active S boxes is searched.Based on this new round iterative function and the generalized Feistel structure,an authenticated encryption algorithm with the ability to resist collision attack,differential attack,linear attack and other attacks was designed and implemented,and the efficiency was twice that of AES-GCM.

Key words: authenticated encryption algorithm, AES algorithm, MILP

中图分类号:

TP393

高国强,李子臣. 基于AES轮函数认证加密算法研究与设计[J]. 网络与信息安全学报, 2020, 6(2): 106-115.

Guoqiang GAO,Zichen LI. Research and design of authenticated encryption algorithm based on AES round function[J]. Chinese Journal of Network and Information Security, 2020, 6(2): 106-115.

图/表 7

图1

表1

表2

图2

表3

表4

图3

参考文献 25

[1]	BELLARE M , KOHNO T , NAMPREMPRE C . Authenticated encryption in SSH:Provably ?xing the SSH binary packet protocol[C]// Proceedings of the 9th ACM Conference on Computer and Communications Security. 2002: 1-11.
[2]	KRAWCZYK H , . The order of encryption and authentication for protecting communications (or:How secure is SSL)[C]// Advances in Cryptology-CRYPTO 2001. 2001: 310-331.
[3]	BELLARE M , NAMPREMPRE C . Authenticated encryption:Relations among notions and analysis of the generic composition paradigm[C]// Advances in Cryptology-ASIACRYPT 2000.Berlin:Springer. 2000: 531-545.
[4]	BELLARE M , ROGAWAY P . Encode-then-encipher encryption:how to exploit nonces or redundancy in plaintexts for efficient cryptography[C]// Advances in Cryptology—ASIACRYPT 2000. 2000: 317-330.
[5]	ROGAWAY P , BELLARE M , BLACK J . OCB:a block-cipher mode of operation for efficient authenticated encryption[J]. ACM Transactions on Information and System Security (TISSEC), 2003,6(3): 365-403.
[6]	DWORKIN M J ， . National institute of standards and technology (NIST).Recommendation for block cipher modes of operation:the CCM mode for authentication and con?dentiality[R]. 2004.
[7]	BELLARE M , ROGAWAY P , WAGNER D . The EAX mode of operation[C]// Fast Software Encryption. 2004.
[8]	MCGREW D A , VIEGA J . The Galois/counter mode of operation (GCM)[J]. Submission to NIST Modes of Operation Process, 2004,(20).
[9]	GOLDWASSER S , MICALI S . Probabilistic encryption[J]. Journal of Computer and System Sciences, 1984,28(2): 270-299.
[10]	SASAKI Y , LEI W . Message extension attack against authenticated encryptions:application to PANDA[J]. IEICE Transactions on Fundamentals of Electronics,Communications and Computer Sciences, 2016,99(1): 49-57.
[11]	MOUHA N , WANG Q , GU D ,et al. Differential and linear cryptanalysis using mixed-integer linear programming[C]// International Conference on Information Security and Cryptology. 2011: 57-67.
[12]	田玉丹, 韦永壮 . 认证加密算法SCREAM及iSCREAM的新伪造攻击[J]. 网络与信息安全学报, 2016,2(1): 60-64.
	TIAN Y D , WEI Y Z . New forgery attack on the authenticated cipher SCREAM and iSCREAM[J]. Chinese Journal of Network and Information Security, 2016,2(1): 60-64.
[13]	田玉丹, 韦永壮 . 认证加密模型JAMBU的新分析[J]. 网络与信息安全学报, 2017,3(7): 53-57.
	TIAN Y D , WEI Y Z . New cryptanalysis of the authenticated cipher model JAMBU[J]. Chinese Journal of Network and Information Security, 2017,3(7): 53-57.
[14]	WU H , PRENEEL B . AEGIS:a fast authenticated encryption algorithm[C]// Selected Areas in Cryptography-SAC. 2014: 185-201.
[15]	BOGDANOV A , MENDEL F , REGAZZONI F ,et al. ALE:AES-based lightweight authenticated encryption[C]// International Workshop on Fast Software Encryption. 2013: 447-466.
[16]	NIKOLIC I . TiaoXin-346[EB].
[17]	HOANG V T , KROVETZ T . AEZ v5:authenticated encryption by enciphering[EB].
[18]	ZHANG J , WU W , ZHENG Y . Security of SM4 against (related-key) differential cryptanalysis[C]// Information Security Practice and Experience. 2016: 65-78.
[19]	BILGIN B , BOGDANOV A , KNE?EVI? M .et al Fides:lightweight authenticated cipher with side-channel resistance for constrained hardware[C]// Cryptographic Hardware and Embedded Systems - CHES 2013. 2013.
[20]	BEIERLE C , JéRéMY J , STEFAN K , ,et al. The SKINNY family of block ciphers and its low-latency variant MANTIS[C]// Annual Cryptology Conference. Berlin:Springer, 2016.
[21]	张建, 吴文玲 . 基于 SM4 轮函数设计的认证加密算法[J]. 电子学报, 2018,46(6): 1294-1299.
	ZHANG J , WU W L . Authentication encryption based on SM4 round function[J]. Chinese Journal of Electronics, 2018,46(6): 1294-1299.
[22]	DAEMEN J , RIJMEN V . The design of rijndael[M]. Berlin: SpringerPress, 2002.
[23]	MATSUI M , . Linear cryptanalysis method for DES cipher[C]// Advances in Cryptology -EUROCRYPT ’93. 1994.
[24]	尤加勇, 李超 . 针对 LEX 算法的截断滑动攻击[J]. 信息安全与通信保密, 2007(9): 96-98.
	YOU J Y , LI C . Interruption slide attack against stream cipher lex algorithm[J]. Information Security and Communications Privacy, 2007(9): 96-98.
[25]	MINAUD B , . Linear biases in AEGIS keystream[C]// Selected Areas in Cryptography. 2014: 290-305.

No.	置换P	四轮活跃S盒数	十轮活跃S盒数	全状态混淆轮次
P₁	9,6,12,15,5,2,8,11,1,14,4,7,13,10,0,3	25	78	5
P₂	7,13,10,0,6,3,9,12,2,15,5,8,14,11,1,4	25	80	3
P₃	13,10,0,6,3,9,12,2,15,5,8,14,11,1,4,7	25	88	4
P₄	1,7,13,10,0,3,9,6,12,15,5,2,8,11,14,4	25	78	5
P₅	2,15,5,11,8,14,1,7,4,10,13,3,0,6,9,12	25	78	3

斐波那契数列	模256后二进制序列
1、1、2、3	00000001、00000001、00000010、00000011
5、8、13、21	00000101、00001000、00001101、00010101
34、55、89、144	00100010、00110111、01011001、10010000
233、377、610、987	11101001、01111001、01100010、11011011

消息长度	AMRAE/μs	AEGIS/μs	AES-GCM/μs
128 bit	126.73	120.07	106.03
1 kB	158.49	137.51	118.21
2 kB	180.28	158.333	156.37
4 kB	167.13	163.34	223.55
40 kB	625.35	603.25	1 122.47

基于AES轮函数认证加密算法研究与设计

Research and design of authenticated encryption algorithm based on AES round function

在线阅读

pdf下载

可视化

摘要/Abstract

引用本文

使用本文

图/表 7

参考文献 25

相关文章 1

Metrics

推荐阅读 0

Rounds	R(4,4,1)密钥加未参与	R(4,4,1)密钥加参与	AES密钥加未参与	AES密钥加参与
1	1	1	1	1
2	5	4	5	1
3	9	9	9	3
4	25	25	25	5
5	41	38	26	7
6	60	42	30	9
7	64	55	34	11
8	80	71	50	13
9	84	76	51	15
10	100	80	55	17