Improved integral attack——random linear distinguish and key recovery attack
Based on the integral attack and collision attack of four rounds of AES, a random linear distinguish attack against four rounds of SP block ciphers was proposed, which took advantage of the non-uniformity of linear biases’ distribution between some blocks of plaintext and inner state.Combined with p...
Saved in:
| Main Author: | |
|---|---|
| Format: | Article |
| Language: | zho |
| Published: |
Editorial Department of Journal on Communications
2023-04-01
|
| Series: | Tongxin xuebao |
| Subjects: | |
| Online Access: | http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2023085/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Summary: | Based on the integral attack and collision attack of four rounds of AES, a random linear distinguish attack against four rounds of SP block ciphers was proposed, which took advantage of the non-uniformity of linear biases’ distribution between some blocks of plaintext and inner state.Combined with precomputation, a key recovery attack against four rounds of AES-like block ciphers was proposed.For LED-64, the results of distinguish attack and key recovery attack were given.Therein for LED-64 of 1-Step, the probability of successful distinguish attack is 85% under the condition that the data complexity is 2<sup>8</sup> and the computational complexity is 2<sup>16</sup> basic operation.For LED-64 of 2-Step, the calculation complexity of the key recovery attack under the condition of related key is 2<sup>14</sup> basic operation, the data complexity is 2<sup>8</sup>, and the precomputation storage complexity is 2<sup>38</sup> half bytes. |
|---|---|
| ISSN: | 1000-436X |