ISSN 1000-1239 CN 11-1777/TP

计算机研究与发展 ›› 2016, Vol. 53 ›› Issue (3): 666-673.doi: 10.7544/issn1000-1239.2016.20148270

• 信息安全 • 上一篇    下一篇



  1. 1(华东师范大学计算机科学与软件工程学院 上海 200062); 2(东华大学计算机科学与技术学院 上海 201620) (
  • 出版日期: 2016-03-01
  • 基金资助: 

A Meet-in-the-Middle Attack on 8-Round mCrypton-96

WangGaoli1,2, GanNan2   

  1. 1(School of Computer Science and Software Engineering, East China Normal University, Shanghai 200062); 2(School of Computer Science and Technology, Donghua University, Shanghai 201620)
  • Online: 2016-03-01

摘要: 在分析分组密码算法的安全性时,利用密钥关系来降低时间、存储和数据复杂度是一个常用的手段.在4轮mCrypton-96性质的基础上,利用密钥生成算法的弱点和S盒的性质,降低了攻击过程中需要猜测的密钥比特数,提出了对8轮mCrypton-96算法的中间相遇攻击,攻击的时间复杂度约为2\+{93.5}次8轮mCrypton-96加密运算,存储复杂度为2\+{47}B,数据复杂度为2\+{57}个选择明文.

关键词: 密码算法分析, 中间相遇攻击, 分组密码, mCrypton, 密钥关系

Abstract: mCrypton is a lightweight block cipher introduced in Information Security Application 2006 by Lim and Korkishko. mCrypton-64/96/128 denote 3 versions of the cipher with 64/96/128 b keys respectively. In this paper, we apply the meet-in-the-middle (MITM) attack on 8-round mCrypton-96, which improves the best MITM attack result on mCrypton-96 by 1 round.When analyzing the security of block ciphers, using key relations to reduce the time complexity, memory complexity and data complexity is a common method. From the property of the key schedule of mCrypton-96, we know that each round key could calculate some information of the internal register by the algebraic structure of the key schedule, and some round keys could be deduced from the other round keys. By using the relationship of key schedule and the properties of S-box, we present a MITM attack on 8-round mCrypton-96 based on the 4-round distinguisher by adding 1 round on the top and 3 rounds at the bottom. The time, memory and data complexities of the attack are 2\+{93.5} encryptions, 2\+{47} B and 2\+{57} chosen plaintexts respectively. It is illustrated that mCrypton-96 not only has an efficient performance but also possesses strong security.

Key words: cryptanalysis, meet-in-the-middle (MITM) attack, block ciphers, mCrypton, relationship of keys