| Trivium序列密码的线性性质和代数性质 |
| |
| 引用本文: | 申兵,霍家佳.Trivium序列密码的线性性质和代数性质[J].信息安全与通信保密,2013(12):113-116. |
| |
| 作者姓名: | 申兵 霍家佳 |
| |
| 作者单位: | 保密通信重点实验室,四川成都610041 |
| |
| 摘 要: | Trivium是C.De Cannière和B.Preneel在2005年为欧洲eSTREAM项目设计的序列密码,Trivium被选为最终的7个算法之一.Trivium的内部状态为288比特,密钥长度为80比特.文中给出Trivium的分组密码迭代模型,在这个模型下,利用计算程序得出了Trivium各轮输出关于内部状态的线性逼近及其线性逼近概率,当初始化轮数超过246时,其输出关于输入的线性逼近概率不大于1/2+2-41.利用计算机搜索程序,给出Trivi-um在轮的代数方程规模,利用l 152个输出比特,得到的二次方程组包含6 788个变量、11 232个方程,从实验上证明了Trivium算法能抗线性攻击和代数攻击.
|
| 关 键 词: | Trivium序列密码 线性攻击 代数攻击 |
Analysis on Linear and Algebraic Property of Trivium Stream Cipher |
| |
| SHEN Bing,HUO Jia-jia.Analysis on Linear and Algebraic Property of Trivium Stream Cipher[J].China Information Security,2013(12):113-116. |
| |
| Authors: | SHEN Bing HUO Jia-jia |
| |
| Affiliation: | (Science and Technology on Communication Security Laboratory, Chengdu Sichuan 610041, China) |
| |
| Abstract: | Trivium is a stream cipher designed by C. De Canni~re and B. Preneel for the European project eSTREAM in 2005. Trivium, selected as one of the final seven stream ciphers,has an internal state size of 288 bits and a key length of 80 bits. In this paper,a block cipher based iterative model for Trivium is proposed. Based on this model,the linear approximation probability for output bits and internal states of each round are computed. When the iterative rounds exceed 246, this probability is less than 1/2+2 41. Meanwhile, the scale of algebraic equations for each round of Trivium is estimated by a search program. With 1 152 output bits, the quadratic equation system containing 6 788 variants and 11 232 equations is obtained. Experimental results indicate that Trivium can successfully resist Linear attack and alge- braic attack. |
| |
| Keywords: | Trivium stream cipher linear attack algebraic attack |
| 本文献已被 维普 等数据库收录! |
|
