SIMON类密钥交替Feistel密码不可分辨性分析的改进

发布时间：2018-03-11 00:10

本文选题：不可分辨性　切入点：Feistel结构　出处：《山东大学》2017年硕士论文　论文类型：学位论文

【摘要】：之前的工作已经证明Feistel结构与随机置换是不可分辨的,随后研究员开始研究如何在这样的Feistel结构中添加密钥获取一个可证明安全的分组密码。在Feistel结构中,假设轮函数是n比特到n比特的随机函数,各轮所采用的轮函数是相互独立且公开的,相同密钥交替的混合进状态的一半,这样设计的结构正是SIMON族分组密码的基本结构。更详细地,状态更新可以描述为:(xi,xi-1)→(xi-1(?)Fi(xi)(?)k,xi)本文借鉴John Steinberger教授的思想,修改了郭与林之前证明中用到的模拟器,证明18轮足够可以使得这样Feistel结构的密码与分组长度为2n,密钥长度为n比特的理想密码不可分辨,成功地将之前的21轮才能证明Feistel结构的密码与理想密码不可分辨性结论修改为18轮。
[Abstract]:Previous work has proved that the Feistel structure is indistinguishable from the random permutation, and researchers then began to study how to add a key to such a Feistel structure to obtain a provable secure block cipher. Assuming that the wheel function is a random function from n-bit to n-bit, the wheel functions used in each round are independent and open, half of the intermingled state with the same key alternately. The structure so designed is the basic structure of the SIMON family block cipher. In more detail, the status update can be described as:. 鈫扻i-1a? What is it? This paper uses Professor John Steinberger's idea for reference and modifies the simulator used in Guo Yulin's previous proof. It is proved that 18 rounds can make the ciphers of this Feistel structure indistinguishable from the ideal ciphers of 2nn, n-bit key length. The indiscernibility conclusion of the previous 21 rounds to prove that the Feistel structure is indistinguishable from the ideal cipher is modified to 18 rounds.
【学位授予单位】：山东大学
【学位级别】：硕士
【学位授予年份】：2017
【分类号】：TN918.4

【相似文献】