
Journal of Shandong University (Natural Science) (《山东大学学报(理学版)》), 2023, Vol. 58, Issue (3): 85-92. doi: 10.6040/j.issn.1671-9352.0.2022.283


Block cipher algorithm Eslice based on Feistel structure

LIANG Li-fang1,2, DU Xiao-ni1,2*, LI Kai-bin2,3, XIE Xin1,2, LI Xiao-dan4,5

  1. College of Mathematics and Statistics, Northwest Normal University, Lanzhou 730070, Gansu, China;
  2. Key Laboratory of Cryptography and Data Analysis, Northwest Normal University, Lanzhou 730070, Gansu, China;
  3. College of Computer Science and Engineering, Northwest Normal University, Lanzhou 730070, Gansu, China;
  4. Trusted Computing and Information Assurance Laboratory, Institute of Software, Chinese Academy of Sciences, Beijing 100190, China;
  5. School of Computer Science and Technology, University of Chinese Academy of Sciences, Beijing 100049, China
  • Online: 2023-03-20 Published: 2023-03-02
  • About the authors: LIANG Li-fang (born 1995), female, master's student, research interest: applied cryptography. E-mail: lianglifang1003@163.com. *Corresponding author: DU Xiao-ni (born 1972), female, Ph.D., professor, doctoral supervisor, research interest: applied cryptography. E-mail: ymldxn@126.com
  • Supported by: National Natural Science Foundation of China (62172337)

Abstract: Eslice is a family of highly secure block cipher algorithms with three versions: Eslice-64-64, whose block length and key length are both 64 bits; Eslice-64-128, with a 64-bit block length and a 128-bit key length; and Eslice-128-128, whose block length and key length are both 128 bits. The design of Eslice was inspired by LBlock. The overall structure is a Feistel structure, and the round function uses an SP structure. The selected S-box is optimal in all of its cryptographic properties. The linear transformation uses only two operations, cyclic shift and XOR, and the key generation algorithm and the encryption algorithm use the same S-box. Furthermore, the security of Eslice against differential, linear, integral and other cryptanalysis methods is analyzed. Using a search model based on Mixed Integer Linear Programming (MILP), the minimum number of active S-boxes in 20 rounds is found to be 41, which is 3 less than that of LBlock in 20 rounds. The differential probability and linear bias are estimated from the number of active S-boxes, and the security of the algorithm is evaluated. The results show that Eslice can effectively resist differential and linear attacks.

Key words: block cipher, Feistel structure, security analysis, S-box

CLC number: TN918.4