ISSN 1000-1239 CN 11-1777/TP

计算机研究与发展 ›› 2017, Vol. 54 ›› Issue (7): 1525-1536.doi: 10.7544/issn1000-1239.2017.20160415

• 信息安全 • 上一篇    下一篇



  1. (解放军信息工程大学 郑州 450001) (
  • 出版日期: 2017-07-01
  • 基金资助: 

Impossible Differential Attack on Crypton

Cui Jingyi, Guo Jiansheng, Liu Yipeng   

  1. (The PLA Information Engineering University, Zhengzhou 450001)
  • Online: 2017-07-01

摘要: Crypton算法是基于Square算法设计的SPN结构类密码算法,由于其具备良好的软硬件性能而引起了广泛的关注.对Crypton分组密码算法在不可能差分分析下的安全性进行了研究.通过分析Crypton算法扩散层的性质,指出了现有7轮Crypton算法不可能差分分析中存在的问题,结合快速排序、分割攻击与早夭技术对7轮Crypton算法的不可能差分分析进行了改进,降低了其数据复杂度与时间复杂度;同时,通过并行使用4条不可能差分区分器,结合密钥扩展算法的性质给出了7轮Crypton算法的多重不可能差分分析结果,恢复了算法的主密钥;最后,在7轮Crypton算法的不可能差分分析的基础上向后拓展1轮,给出了8轮Crypton-256算法的不可能差分分析,恢复了其主密钥,其数据复杂度为2\+{103}个选择明文,时间复杂度为2\+{214}次8轮Crypton加密,存储复杂度为2\+{154.4} B.研究结果表明:结合算法的性质及多种技术给出了Crypton算法目前最优的不可能差分分析结果.

关键词: 分组密码, 密码分析, Crypton, 不可能差分分析, 早夭技术

Abstract: Crypton is one of the candidates of AES that designed based on Square which is a SP-network block cipher. Crypton attracts much attention of the world because of its excellent performance on hardware. The security of Crypton block cipher under impossible differential attack was studied in this paper. The properties of the diffusion layer and nonlinear layer of Crypton are analyzed and combined with the quick sort technique, the divide-and-conquer strategy, the early abort technique, the impossible differential attack on 7-round Crypton is improved with a lower data complexity and time complexity. By using 4 impossible differential distinguishers in parallel, combined with the property of key schedule, the master key of 7-round Crypton is recovered. Based on the impossible differential attack on 7-round Crypton, one more round is extended to maintain the attack on 8-round Crypton-256 to recover the 256-bit key with a data complexity of 2\+{103} chosen plaintexts, a time complexity of 2\+{214} 8-round encryptions, a memory complexity of 2\+{154.4 }B. The results show that with the usage of several techniques and the properties of Crypton, the best impossible differential attacks on Crypton are proposed in this paper known before. These techniques can also be used to analyze the other SP-network block ciphers.

Key words: block cipher, cryptanalysis, Crypton, impossible differential attack, early abort technique