ISSN 1000-1239 CN 11-1777/TP

计算机研究与发展 ›› 2018, Vol. 55 ›› Issue (6): 1201-1210.doi: 10.7544/issn1000-1239.2018.20170275

• 信息安全 • 上一篇    下一篇

ARIA分组密码算法的不可能差分攻击

谢高淇,卫宏儒   

  1. (北京科技大学数理学院 北京 100083) (xiegaoqi@sina.cn)
  • 出版日期: 2018-06-01
  • 基金资助: 
    国家自然科学基金项目(61672509,U1603116);内蒙古自治区科技创新引导奖励资金(2012)

Impossible Differential Attack of Block Cipher ARIA

Xie Gaoqi, Wei Hongru   

  1. (School of Mathematics and Physics, University of Science and Technology Beijing, Beijing 100083)
  • Online: 2018-06-01

摘要: ARIA密码是2003年由韩国学者提出,并在2004年被选为韩国分组密码标准的新的分组密码算法.为了使用不可能差分方法对ARIA密码算法进行安全性分析,首先,根据ARIA密码的结构特征,构造一条4轮不可能差分路径,通过在不可能差分路径前面增加2轮、后面增加1轮的方式,对7轮ARIA密码算法进行不可能差分攻击.研究结果表明:7轮攻击共需要2\+\{119\}选择明文和大约2\+\{218\}次7轮加密运算.与已有结果相比较,该次攻击进一步降低了数据复杂度和时间复杂度.同时,在4轮不可能差分路径基础上,通过前面增加2轮、后面增加2轮的方式,首次提出了对ARIA密码算法的8轮不可能差分的新攻击.研究结果表明:8轮不可能差分攻击共需要2\+\{207\}选择明文和大约2\+\{346\}次8轮加密运算,已超过穷举搜索的攻击复杂度,故可认为在该路径下的8轮不可能差分攻击中ARIA密码算法是安全的.

关键词: 分组密码, ARIA密码, 不可能差分, 时间复杂度, 数据复杂度

Abstract: ARIA cipher is a new block cipher proposed by some South Korean experts in 2003. The design principle of ARIA is similar to the AES, and it has relatively high security. ARIA was established as a Korean Standard block cipher algorithm by Korean Agency for Technology and Standards in 2004. Combining the features of ARIA algorithm, a new impossible differential attack on 7-round ARIA is proposed by adding 2-round at the beginning and 1-round at the end. It is shown that this new impossible differential attack requires a data complexity of about 2\+\{119\}chosen plaintexts and a time complexity of about 2\+\{218\}7-round ARIA encryptions. Compared with the previous impossible differential attacks, this attack efficiently reduces the data complexity and time complexity. Similar to the attack of 7-round, a new impossible differential attack on 8-round ARIA is proposed first time by adding 2-round at the beginning and 2-round at the end. It is shown that this new impossible differential attack requires a data complexity of about 2\+\{207\} chosen plaintexts and a time complexity of about 2\+\{346\}8-round ARIA encryptions. It has exceeded the attack complexity of exhaustive search attack, so we can believe that ARIA cryptographic algorithm is safe in this path of 8-round impossible differential attack.

Key words: block cipher, ARIA cipher, impossible differential, time complexity, data complexity

中图分类号: