
Security Analysis of Several Symmetric Cryptographic Algorithms

Published: 2019-05-12 14:36
[Abstract]: In the Internet era, with information technology advancing rapidly, information security problems have become increasingly prominent. As the theoretical core of information security, cryptography provides the basic guarantee for the secure transmission of data. Modern cryptosystems are usually divided into two classes, symmetric and asymmetric, and symmetric cryptography is one of the core topics of cryptographic research. Symmetric cryptography mainly comprises block ciphers, hash functions and stream ciphers, and symmetric algorithms have the advantages of high speed, small storage requirements and ease of implementation in software and hardware. Block ciphers, an important branch of symmetric cryptography, are widely used in many fields, such as file transfer, network communication and database system security. Hash functions, another important component of symmetric cryptography, are widely used in digital signatures, file integrity and identity authentication.

With the rapid development of smart hardware and embedded technology and the large-scale deployment of cryptographic devices, studying an algorithm's security from its mathematical structure alone is far from sufficient; its security must also be analyzed from its concrete implementation. Against this background side-channel attacks emerged: they use the software and hardware fault information that arises during a cryptographic device's computation, together with the related outputs, to quickly recover the key or the plaintext. Differential fault attack, an effective side-channel attack, is a cryptanalytic method that induces faults in a cryptographic device and combines them with differential analysis. Because it is powerful, fast and easy to carry out, it has attracted wide attention from researchers at home and abroad.

This thesis proposes effective differential fault attacks on the Serpent algorithm, the GOST algorithm and the compression function of the MD5 algorithm, and simulates them in software. It also proposes an effective fault detection method for the MD4 algorithm. The original contributions of the thesis are as follows.

First, based on a single-byte-oriented random fault model and differential techniques, an effective differential fault attack on the Serpent cipher is proposed. Mathematical analysis and experimental results show that only 48 faulty ciphertexts are needed to recover the 128-bit original key of Serpent. The method also provides a fairly general means of analysis for differential fault attacks on other iterated ciphers of the same type.

Second, based on a single-byte-oriented random fault model and differential techniques, a differential fault attack on the GOST cipher is proposed. Experimental results show that only 32 faulty ciphertexts are needed to recover the 256-bit original key of GOST. The proposed method not only widens the scope of the fault attack but also improves fault injection efficiency and reduces the number of faulty ciphertexts required.

Then, based on a word-oriented random fault model and differential techniques, a differential fault attack on the compression function of the MD5 algorithm is proposed. Experimental results show that only 144 faults need to be injected to recover the current input message block of MD5. The method also provides a new means of analysis for the security of other hash functions with an MD5-like structure.

Finally, following the principle of differential fault attack, a detection method that lets the MD4 algorithm resist differential fault attacks is proposed. The detection method can determine whether the running MD4 computation is under differential fault attack, locate where the fault was injected, and distinguish whether the injected fault is an effective one. It is an important reference for research on protecting other cryptographic algorithms against differential fault attacks.
[Degree-granting institution]: Donghua University
[Degree level]: Master's
[Year degree awarded]: 2015
[Classification number]: TP309



