Abstract
The SIMON algorithm is a family of lightweight block ciphers introduced by the U.S. National Security Agency (NSA) in 2013. It has the advantages of low implementation cost and good security, and its round function uses a nonlinear function of the form F(x) = ((x<<<a) & (x<<<b)) ⊕ (x<<<c). This paper studies the linear properties of the round function of SIMON-like algorithms when the shift parameters (a, b, c) are generalized. It solves the problem of the Walsh spectrum distribution of this kind of nonlinear function and proves that the correlation advantage can only take the values 0 or 2^(-k), where k ∈ Z and 0 ≤ k ≤ ⌊n/2⌋, and that for each such k under specific conditions there exist corresponding mask pairs for which the correlation advantage equals 2^(-k). The necessary and sufficient conditions for the correlation advantage to equal 1/2, together with the count of mask pairs, are given, as are the necessary and sufficient conditions, and the count of mask pairs, under which the nontrivial correlation advantage attains its minimum value under specific conditions.
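As an added illustration (not the paper's own code or results), the script below enumerates the full Walsh spectrum of a generalised SIMON-type round function for a constructed word size n = 8 and a constructed shift triple (a, b, c) = (1, 3, 2), and tabulates which correlation advantages 2^(-k) occur; on this small instance every non-zero advantage is a power of two with 0 ≤ k ≤ n/2, the shape the abstract states in general.

```python
# Added example (not from the paper): enumerate the Walsh spectrum of a
# generalised SIMON round function on small n-bit words and tabulate the
# correlation advantages. Word size and shifts below are constructed values.
from collections import Counter

WORD_BITS = 8          # n = 8 keeps the full 2^(2n) mask space enumerable
PARAMS = (1, 3, 2)     # (a, b, c): constructed, not SIMON's own (1, 8, 2)

def rotl(x, r, n):
    """Left rotation of an n-bit word x by r positions."""
    r %= n
    return ((x << r) | (x >> (n - r))) & ((1 << n) - 1)

def simon_f(x, a, b, c, n):
    """Round function F(x) = ((x <<< a) & (x <<< b)) ^ (x <<< c)."""
    return (rotl(x, a, n) & rotl(x, b, n)) ^ rotl(x, c, n)

def parity(x):
    """Parity of the bits of x (the dot product v.y is parity(v & y))."""
    return bin(x).count("1") & 1

def fwht(t):
    """In-place fast Walsh-Hadamard transform of a list of length 2^n;
    afterwards t[u] = sum_x (-1)^(u.x) * original t[x]."""
    h = 1
    while h < len(t):
        for i in range(0, len(t), 2 * h):
            for j in range(i, i + h):
                p, q = t[j], t[j + h]
                t[j], t[j + h] = p + q, p - q
        h *= 2
    return t

def advantage_exponents(a=PARAMS[0], b=PARAMS[1], c=PARAMS[2], n=WORD_BITS):
    """For every mask pair (u, v) compute W(u, v) = sum_x (-1)^(u.x ^ v.F(x)).
    The correlation advantage is |W| / 2^n. Returns {k: number of mask pairs
    with advantage 2^-k}; the key None counts pairs whose advantage is 0."""
    size = 1 << n
    images = [simon_f(x, a, b, c, n) for x in range(size)]
    counts = Counter()
    for v in range(size):
        signs = [1 - 2 * parity(v & y) for y in images]   # (-1)^(v.F(x)) per x
        for w in fwht(signs):                              # one entry per input mask u
            if w == 0:
                counts[None] += 1
                continue
            mag = abs(w)
            assert mag & (mag - 1) == 0, "quadratic v.F gives power-of-two |W|"
            counts[n - (mag.bit_length() - 1)] += 1        # |W| = 2^(n-k)
    return dict(counts)

if __name__ == "__main__":
    table = advantage_exponents()
    for k in sorted(table, key=lambda key: -1 if key is None else key):
        print("advantage", "0" if k is None else f"2^-{k}", "->", table[k], "mask pairs")
```

Because v.F(x) is at most quadratic for every output mask v, only (u, v) = (0, 0) reaches advantage 1, and each single-bit v contributes exactly four input masks u with advantage 1/2.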
Authors
GUAN Jie (关杰); LU Jianwei (卢健伟) (Strategic Support Forces Information Engineering University, Zhengzhou 450001, China)
Source
Journal of Electronics & Information Technology (《电子与信息学报》)
Indexed in: EI; CSCD; Peking University Core Journal (北大核心)
2021, Issue 11, pp. 3359-3366 (8 pages)
Funding
National Natural Science Foundation of China (61572516).