摘要
Lai-Massey结构是由IDEA算法发展而来的一个分组密码结构,FOX系列密码算法是该密码结构的代表。该文从差分概率关于独立等概轮密钥的平均概率上界和给定起点和终点的线性链的平均概率上界两个角度出发,研究Lai-Massey结构的差分和线性可证明安全性。该文证明了2轮Lai-Massey结构的非平凡差分对应关于独立等概的轮密钥的平均概率≤p_(max);证明了当Lai-Massey结构的F函数是正型置换时,轮数r≥3的非平凡差分对应关于独立等概的轮密钥的平均概率≤p_(max)~2。针对给定起点和终点的线性链的平均概率上界,该文也获得了类似的结论。
Lai-Massey structure is a block cipher structure developed from IDEA algorithm. FOX is the representative of this cipher structure. In this paper, the keys are assumed to be generated independently and uniform randomly, and then the provable security against differential and linear cryptanalysis of Lai-Massey structure is studied from two aspects: the upper bound of the average differential probability and the upper bound of the average linear chains probability with the given starting and ending points. This paper proves that when r=2, the average differential probability ≤ pmax. With the F function of the Lai-Massey structure is 2 orthomorphism, this paper proves that when r≥ 3, the average differential probability ≤ p2max . A similar conclusion is obtained for the linear chains with a given starting and ending point.
作者
凡如亚
金晨辉
崔霆
FAN Ruya;JIN Chenhui;CUI Ting(The Information Engineering University of PLA,Zhengzhou 450001,China)
出处
《电子与信息学报》
EI
CSCD
北大核心
2018年第12期2986-2991,共6页
Journal of Electronics & Information Technology
基金
国家自然科学基金(61402523
61572516
61502532)~~
