改进的减轮Kiasu-BC 算法的中间相遇攻击

通信学报

• •

改进的减轮Kiasu-BC 算法的中间相遇攻击

李曼曼1,2,3 ，陈少真1,2,3

1.战略支援部队信息工程大学网络空间安全学院，河南郑州 45000450001；
2. 密码科学技术国家重点实验室，北京 100878100878；
3. 河南省网络密码技术重点实验室，河南郑州 450001450001

作者简介:李曼曼(1986–)，女，河南开封人，博士，战略支援部队信息工程大学讲师，主要研究方向为网络空间安全、信息安全、对称密码的设计与分析等。陈少真(1967–)，女，江苏无锡人，博士，战略支援部队信息工程大学教授，主要研究方向为密码学与信息安全。

Improved Meet-in -the-Middle Attack on ReducedReduced-Round KiasuKiasu-BC Cipher

LI Manman 1,2,3, CHEN Shaozhen 1,2,3

1. College of Cyberspace Security Security, Strategic Support Force Information Engineering University University, Zhengzhou 45000450001, China
2. State Key Laboratory of Cryptology, Beijing, 100878, China
3. Henan Key Laboratory of Network Cryptography Technology Technology, Zhengzhou 45 0000001, China

摘要/Abstract

摘要： KiasuKiasu-BC 算法是加密认证竞赛CAESAR第一轮入选方案Kiasu 的内置可调分组密码。KiasuKiasu-BC 算法是基于AESAES-128 轮函数构造的可调分组密码算法，通过对KiasuKiasu-BC算法的结构特征的研究，利用调柄自由度以及内部密钥间的制约关系,降低预计算的复杂度。结合差分枚举技术，构造新的5轮中间相遇区分器，改进KiasuKiasu-BC算法的8轮中间相遇攻击。改进后攻击的时间复杂度为2114 ，存储复杂度263，数据复杂度为2108 。

关键词: 可调分组密码, KiasuKiasu-BC 算法, 中间相遇攻击 , 差分枚举

Abstract: KiasuKiasu-BC is an internal tweakable block cipher of authenticated encryption algorithm Kiasu as one of
firstfirst-round candidates in the CAESAR competition. The precomputation complexity is reduced by utilizing the
freedom of the tweak and the internal key restriction through the research on structural characteristics of KiasuKiasu-BC cipher based on AES AES-128 round function. Combined with the d ifferential enumeration technique, a new 5 5-round
meet -in -thethe-middle distinguisher is constructed to impr ove the meet -in -thethe-middle attack on 8-round Kiasu Kiasu-BC ciphercipher. The new attack requires the time complexity of 2 114 , the memory complexity of 2 263 and the data complexity
of 2 2108 .

李曼曼, 陈少真, . 改进的减轮Kiasu-BC 算法的中间相遇攻击[J]. 通信学报.

LI Manman , CHEN Shaozhen , . Improved Meet-in -the-Middle Attack on ReducedReduced-Round KiasuKiasu-BC Cipher[J]. Journal on Communications.

参考文献

[1] Liskov M M, Rivest R R, Wagner D D. Tweakable Block Ciphers [C] C]. CRYPTO 2002 2002, LNCS 2442 2442, SpringerSpringer, 20022002, 31 -46.
[2] Jean J J, Nikolic I I, Peyrin T T. Tweaks and Keys for Block Ciphers Ciphers: The TWEAKEY Framework [C] C]. ASIACRYPT 2014 2014, PART II II, LNCS 8874 8874, SpringerSpringer, 20142014, 274274-288288.
[3] Jean J J, Nikolić I, Peyrin T T. KIASU Submission to the CAESAR competition competition, [EB/ OL]. [2018 2018-11 -28]28].
[4] Jean J J, Nikolić I I, Peyrin T T. JoltikJoltik. Submission to the CAESAR competition competition, [EB/ OL]. [2018 2018-11 -28] .
[5] Jean J J, Nikolić I I, Peyrin T T. Deoxys v1 v1. 41 . Submission to CAESAR CAESAR, October 20 2016 . [EB/ OL].
[6] Dobraunig C C, Eichlseder M, Mendel F F. (2016) Square attack on 7 7-round Kiasu Kiasu-BC [ C]. In Proc Proc. IntInt. ConfConf. Applied
Cryptography and Network Security - ACNS 2016 2016, GuildfordGuildford, UK , June 19 19-22 , pp . 500 -517 . SpringerSpringer, Cham.
[7] Abdelkhalek A A, Tolba M M, Youss ef A M. (2016) Impossible differential cryptanalysis of 8 8-round Kiasu Kiasu-BC , (to [ J].
[8] Tolba M M, Abdelkhalek A A, Youssef A M M. (2016) A meet in the middle attack on reduced round Kiasu Kiasu-BC [ C]. IEICE Trans Trans. FundamentalsFundamentals, E99E99-A, 18881888-18901890.
[9] Dobraunig C C, List E. (2017) Impossible Impossible-differential and boomerang cryptanalysis of round round-reduced Kia Kiasu -BC [ J]. In Proc Proc. Topics in Cryptology - CT -RSA 2017 2017, CA , USAUSA, February 14 14-17 , pp . 207207-222222. SpringerSpringer, ChamCham.
[10] Liu Y, Shi Y Y, Gu D D. Improved Meet Meet-in -thethe-Middle Attacks on Reduc Reduced -Round Kiasu Kiasu-BC and Joltik Joltik-BC [ J]. The Computer
JournalJournal, Volume 62 62, Issue 12 12, December 2019 2019, Pages 1761 1761-17761776.
[11] Diffie W W, Hellman M M. Exhaustive Cryptanalysis of the NBS Data Encryption Standard[J] J], Computer 10 10, 74 -84 , 19771977.
[12] Gilbert H H, Minier M M. A collisions attack on the 7 7-rounds Rijndael[A] A]. In : AES Candidate Conference (2000) 2000).
[13] Demirci H H, Selçuk A A. A meet meet-in -thethe-middle attack on 8 8-round AES[J] J]. Fast Software Encryption Encryption, pp . 116116-126 . SpringerSpringer, Heidelberg (2008) 2008).
[14] Dunkelman O O, Keller N N, Shamir A A. Improved s ingleingle-key attacks on 8 8-round AES AES-192 and AES AES-256[J] J]. Advances in
CryptologyCryptology-ASIACRYPT 2010 2010, pp . 158158-176176. SpringerSpringer, Heidelberg (2010) 2010).
[15] Dunkelman O, Keller N, Shamir A. Improved Single Single-Key Attacks on 8 8-Round AES AES-192 and AES AES-256[A]. Advances in
Cryptology - ASIACRYPT 2010[C], LNCS 6477, Berlin: Springer Springer-Verlag, 2010: 158 158-176.
[16] Derbez P, Fouque P A, Jean J. Improved Key Recovery Attacks on Reducededuced-Round AES in the Single Single-Key Setting [ C]. EUROCRYPTEUROCRYPT’13, LNCS 7881 7881. SpringerSpringer-Verlag 2013: 371 -387.
[17] Li L L, Jia K K, Wang X X. Improved Single Single-Key Attacks on 9 9-Round AES AES-192/256[C] C]. FSE 2014 2014, LNCS 8540 8540, SpringerSpringer-VerlagVerlag, 20152015, 127127-146146.
[18] Dong X X, Li L L, Jia K K, et al al. Improved Ataacks on Reduced Reduced-Round Cammelia Cammelia-128/192/256 [ A]. CT -RSARSA’15 , LNCS 9048 9048. SpringerSpringer-Verlag 2015 2015: 59 -83.
[19] Lin L L, Wu W, Zhang Y Y. Improved Meet Meet-in -thethe-Middle Distinguisher on Feistel Schemes [ A]. Selected Areas in
CryptographyCryptography-SACSAC’15 , LNCS 9566 9566. SpringerSpringer-Verlag 2016 2016: 122122-142.
[20] Biryukov A A, Derbez P P, Perrin L L. Differential Analysis and Meet Meet-in -thethe-Middle Attack Against Round Round-Reduced TWINE [ J]. Fast Software Encryption Encryption-FSEFSE’15 , LNCS 90549054. SpringerSpringer-Verlag 20 16 : 3-27 .
[21] Derbez P P, Perrin L L. MeetMeet-in -thethe-Middle Attacks and Structural Analysis of Round Round-Reduced PRINCE [ J]. Fast Software
EncryptionEncryption-FSEFSE’15 , LNCS 90549054. SpringerSpringer-Verlag 20 15 : 190190-216.
[22] Derbez P, Fouque P A. Automatic Search of Meet Meet-in -thethe-Middle and Impossible Differential Attacks [ J]. CRYPTO CRYPTO’16 (Part
II), LNCS 9815. Springer Springer-Verlag 2016: 157 157-184.
[23] Biham E E, Shamir A. Differential Cryptanalysis of DES DES-Like Cryptosystems[A]. CRYPTO’ 90[C], LNCS 537, Springer
1990: 2 2-21 .
[24] Kanda M. Practical Security Evaluation against Differential and linear Attacks for Feistel Ciphers with SPN Round
Function [ J]. Selected Areas in Cryptography, SAC’ 00 , LNCS 7707, Springer Springer-Verlag, pp: 168 168-179.
[25] Jiang Z Z, Jin C. (2018) Multiple impossible differentials cryptanalysis on 8 8-round Kiasu Kiasu-BC [J]. Cryptologic Res., 5,
359359–367 .
[26] Li R, Jin C. Meet Meet-in -thethe-middle attacks on 10 10-round AES AES-256 [ J]. Des. Codes Cryptogr. 80, 459459-471 (2016).