20 similar documents found; search time 15 ms
1.
Eli Biham 《Journal of Cryptology》1999,12(3):161-184
Multiple modes of operation and, in particular, triple modes of operation were proposed as a simple method to improve the
strength of blockciphers, and in particular of DES. Developments in the cryptanalysis of DES in recent years have popularized
the triple modes of DES, and such modes are now considered for ANSI standards.
In a previous paper we analyzed multiple modes of operation and showed that the security of many multiple modes is significantly
smaller than expected. In this paper we extend these results, with new cryptanalytic techniques, and show that all the (cascaded)
triple modes of operation are not much more secure than a single encryption—in the case of DES they can be attacked with up
to an order of 2^56 to 2^66 chosen plaintexts or ciphertexts and complexity of analysis. We then propose several candidates for more secure modes.
Received 19 August 1996 and revised 29 September 1997
2.
Luby and Rackoff [26] showed a method for constructing a pseudorandom permutation from a pseudorandom function. The method
is based on composing four (or three for weakened security) so-called Feistel permutations, each of which requires the evaluation
of a pseudorandom function. We reduce somewhat the complexity of the construction and simplify its proof of security by showing
that two Feistel permutations are sufficient together with initial and final pairwise independent permutations. The revised
construction and proof provide a framework in which similar constructions may be brought up and their security can be easily
proved. We demonstrate this by presenting some additional adjustments of the construction that achieve the following:
• Reduce the success probability of the adversary.
• Provide a construction of pseudorandom permutations with large input-length using pseudorandom functions with small input-length.
Received 2 August 1996 and revised 26 July 1997
3.
In this paper we cryptanalyze the CBCM mode of operation, which was almost included in the ANSI X9.52 Triple-DES Modes of
Operation standard. The CBCM mode is a Triple-DES CBC variant which was designed against powerful attacks which control intermediate
feedback for the benefit of the attacker. For this purpose, it uses intermediate feedbacks that the attacker cannot control,
choosing them as a keyed OFB stream, independent of the plaintexts and the ciphertexts. In this paper we find a way to use
even this kind of feedback for the benefit of the attacker, and we present an attack which requires a single chosen ciphertext
of 2^65 blocks, which needs to be stored, and 2^59 complexity of analysis (CBCM encryptions) to find the key with a high probability. As a consequence of our attack, ANSI
decided to remove the CBCM mode from the proposed standard.
Received May 1998 and revised June 2001 Online publication 28 November 2001
4.
Multiple Linear Cryptanalysis of 2-Round Trivium
As one of the seven algorithms finally selected by the European stream cipher project eSTREAM, Trivium has so far withstood security evaluation: no effective attack has yet appeared. This paper targets 2-round Trivium. By finding more linear approximation equations and applying multiple linear cryptanalysis, it proposes a more efficient distinguishing attack. Compared with the existing single-linear cryptanalysis, the amount of data needed for a successful attack is markedly reduced: if n linear approximation equations can be found, then at the same success probability the data requirement of multiple linear cryptanalysis is only 1/n of that of single linear cryptanalysis. The result shows that the design of Trivium still has certain weaknesses and that further security analysis is needed before it is put to practical use.
5.
Ali Aydın Selçuk 《Journal of Cryptology》2008,21(1):131-147
Despite their widespread usage in block cipher security, linear and differential cryptanalysis still lack a robust treatment
of their success probability, and the success chances of these attacks have commonly been estimated in a rather ad hoc fashion.
In this paper, we present an analytical calculation of the success probability of linear and differential cryptanalytic attacks.
The results apply to an extended sense of the term “success” where the correct key is found not necessarily as the highest-ranking
candidate but within a set of high-ranking candidates. Experimental results show that the analysis provides accurate results
in most cases, especially in linear cryptanalysis. In cases where the results are less accurate, as in certain cases of differential
cryptanalysis, the results are useful to provide approximate estimates of the success probability and the necessary plaintext
requirement. The analysis also reveals that the attacked key length in differential cryptanalysis is one of the factors that
affect the success probability directly besides the signal-to-noise ratio and the available plaintext amount.
6.
Charanjit S. Jutla 《Journal of Cryptology》2008,21(4):547-578
We define a new mode of operation for block ciphers which, in addition to providing confidentiality, also ensures message
integrity. In contrast, previously for message integrity a separate pass was required to compute a cryptographic message authentication
code (MAC). The new mode of operation, called Integrity Aware Parallelizable Mode (IAPM), requires a total of m+1 block cipher evaluations on a plaintext of length m blocks. For comparison, the well-known CBC (cipher block chaining) encryption mode requires m block cipher evaluations, and the second pass of computing the CBC-MAC essentially requires an additional m+1 block cipher evaluations. As the name suggests, the new mode is also highly parallelizable.
7.
In this paper we consider multiple encryption schemes built from conventional cryptosystems such as DES. The existing schemes
are either vulnerable to variants of meet-in-the-middle attacks, i.e., they do not provide security corresponding to the full
key length used or there is no proof that the schemes are as secure as the underlying cipher. We propose a variant of two-key
triple encryption with a new method of generating three keys from two. Our scheme is not vulnerable to the meet-in-the-middle
attack and, under an appropriate assumption, we can show that our scheme is at least about as hard to break as the underlying
block cipher.
Received 22 June 1995 and revised 11 October 1996
8.
This paper introduces the model, self-interference and performance of orthogonal space-time block codes, and on that basis proposes a closed-loop scheme for high-rate quasi-orthogonal space-time block codes that lets a MIMO system obtain a high rate while reducing the performance loss caused by the weakened orthogonality. The feedback method relies on partial channel state information being available at the transmitter; the performance of this adaptive scheme is verified by simulation over Rayleigh fading channels.
9.
To address the problem of identifying the typical air-to-air operating modes of airborne fire-control radar, a decision framework based on Dempster-Shafer (DS) evidence theory is proposed. First, feature parameters are extracted from the intercepted enemy radar signals to build a radar signal feature library, and a pre-judgement procedure quickly groups modes on a single platform. Then DS evidence theory is applied to the grouped multi-dimensional pattern-recognition results in a distributed structure, performing single-platform multi-period temporal fusion and multi-platform spatial information fusion to determine the radar operating mode. Simulation results show that the framework can identify the velocity search mode and the single-target tracking mode on a single platform, and in the multi-platform case reaches a belief of 83.3% in identifying the range-while-search and track-while-scan modes, with good real-time performance and accuracy and practical application value.
10.
A centrosymmetric split-ring metasurface structure is designed that is polarization-insensitive and has a high quality factor. Through theoretical and experimental study, the spectral characteristics of its resonance points are analysed in depth and the modes of the resonance peaks, including LC, dipole and higher-order resonances, are identified. Several of the higher-order resonance modes exhibit a high quality factor Q (about 230) and are highly sensitive to changes in the permittivity of the metasurface substrate. The electromagnetic properties of asymmetric metasurface structures are also studied: increasing the asymmetry of the structure along the horizontal (x) axis and the vertical (y) axis respectively generates and enhances resonances at 0.332 THz and 0.210 THz.
12.
Cable-television digitization is currently being rolled out nationwide. Digital interactive television turns viewers from passive to active, offers more personalized services and has become a highlight in promoting digital TV. This paper proposes a solution by which cable network operators can offer digital interactive TV services over their existing access networks.
Mohsen Shakiba Mohammad Dakhilalian Hamid Mala 《International Journal of Communication Systems》2015,28(8):1401-1418
In recent years, because of the security requirements of resource-constrained devices, the design and analysis of lightweight block ciphers has received more attention. mCrypton is a lightweight block cipher that has been specifically designed for use in resource-constrained devices, such as low-cost radio-frequency identification tags and sensors. In this paper, we consider cryptanalysis of full-round mCrypton-64 using a new extension of the biclique attack called non-isomorphic biclique cryptanalysis. As is known, the effectiveness of the biclique attack is highly dependent on the weakness of the key schedule, and it does not seem to be appropriate for block ciphers with strong key scheduling. The non-isomorphic biclique attack, using an asymmetric key partitioning technique, provides more degrees of freedom to the attacker and makes it possible to use the diffusion layer properties of a block cipher for constructing longer bicliques. Results show that the attack on full-round mCrypton requires 2^33.9 chosen plaintexts and a time complexity of 2^62.67 encryptions. The computational complexity reduces to 2^62.3, 2^61.4, and 2^59.75 encryptions for 10, 8, and 6 rounds of mCrypton-64, respectively. We also discuss the general form of the computational complexity for non-isomorphic biclique cryptanalysis. Copyright © 2014 John Wiley & Sons, Ltd.
16.
CBC MAC for Real-Time Data Sources
The Cipher Block Chaining (CBC) Message Authentication Code (MAC) is an authentication method which is widely used in practice.
It is well known that the use of the CBC MAC for variable length messages is not secure, and a few rules of thumb for the
correct use of the CBC MAC are known by folklore. The first rigorous proof of the security of CBC MAC, when used on fixed
length messages, was given only recently by Bellare et al.[3]. They also suggested variants of CBC MAC that handle variable-length
messages but in these variants the length of the message has to be known in advance (i.e., before the message is processed).
We study CBC authentication of real-time applications in which the length of the message is not known until the message ends,
and furthermore, since the application is real-time, it is not possible to start processing the authentication until after
the message ends.
We first consider a variant of CBC MAC, that we call the encrypted CBC MAC (EMAC), which handles messages of variable unknown lengths. Computing EMAC on a message is virtually as simple and as efficient
as computing the standard CBC MAC on the message. We provide a rigorous proof that its security is implied by the security
of the underlying block cipher. Next, we argue that the basic CBC MAC is secure when applied to a prefix-free message space.
A message space can be made prefix-free by also authenticating the (usually hidden) last character which marks the end of
the message.
Received 16 September 1997 and revised 24 August 1999 Online publication 2 June 2000
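The two constructions discussed in entries 2 and 16 can be exercised together. The following is an added example, not code from either paper: a 4-round Luby-Rackoff Feistel permutation built from a PRF serves as the block cipher, and on top of it a raw CBC MAC is shown to be forgeable across variable-length messages by splicing a known tag into a second message, while the encrypted CBC MAC (EMAC) variant, which encrypts the final chaining value under a second key, defeats the same splice because the attacker never sees the raw chaining state. The PRF is HMAC-SHA256 truncated to a half-block, an assumption made only so the code runs on the Python standard library; it is not a cipher anyone should deploy. Keys, messages and function names are constructed for the demo.

```python
"""Added example (not code from any paper listed above): a Luby-Rackoff
Feistel PRP built from a PRF, then used as the block cipher in a CBC MAC to
show the variable-length splice forgery and why EMAC blocks it.

Assumption: the block cipher is a 4-round Feistel network whose round
function is HMAC-SHA256 truncated to one half-block.  It exists only so the
demo runs on the standard library; it is an illustration, not a vetted cipher.
"""
import hashlib
import hmac

BLOCK = 16            # block size in bytes; Feistel halves are HALF bytes each
HALF = BLOCK // 2
ROUNDS = 4            # Luby-Rackoff: 4 rounds of a PRF give a strong PRP

# Constructed demo keys (arbitrary constants, not from the papers).
K1 = bytes.fromhex("000102030405060708090a0b0c0d0e0f")  # CBC chaining key
K2 = bytes.fromhex("f0e1d2c3b4a5968778695a4b3c2d1e0f")  # EMAC outer key


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def _round_fn(key: bytes, rnd: int, half: bytes) -> bytes:
    """PRF for round `rnd`: HMAC-SHA256, domain-separated by the round index."""
    return hmac.new(key, bytes([rnd]) + half, hashlib.sha256).digest()[:HALF]


def feistel_encrypt(key: bytes, block: bytes) -> bytes:
    """(L, R) -> (R, L xor F_i(R)) per round: a permutation of 16-byte blocks."""
    assert len(block) == BLOCK
    left, right = block[:HALF], block[HALF:]
    for rnd in range(ROUNDS):
        left, right = right, xor(left, _round_fn(key, rnd, right))
    return left + right


def feistel_decrypt(key: bytes, block: bytes) -> bytes:
    """Run the rounds backwards; the Feistel structure inverts without inverting F."""
    assert len(block) == BLOCK
    left, right = block[:HALF], block[HALF:]
    for rnd in reversed(range(ROUNDS)):
        left, right = xor(right, _round_fn(key, rnd, left)), left
    return left + right


def cbc_mac(key: bytes, msg: bytes) -> bytes:
    """Raw CBC MAC with zero IV.  Secure on fixed-length (or prefix-free) messages only."""
    assert msg and len(msg) % BLOCK == 0
    state = bytes(BLOCK)
    for i in range(0, len(msg), BLOCK):
        state = feistel_encrypt(key, xor(state, msg[i:i + BLOCK]))
    return state


def emac(k1: bytes, k2: bytes, msg: bytes) -> bytes:
    """Encrypted CBC MAC: the final chaining value is encrypted under a second key,
    so the attacker never learns the raw CBC state it would need to splice."""
    return feistel_encrypt(k2, cbc_mac(k1, msg))


def splice(m1: bytes, tag_m1: bytes, m2: bytes) -> bytes:
    """Attacker's message m1 || (m2[0] xor tag_m1) || m2[1:].  If tag_m1 is the RAW
    CBC state after m1, the chain over this message continues exactly as the chain
    over m2 did, so its raw CBC MAC equals CBC-MAC(m2) without ever querying it."""
    return m1 + xor(m2[:BLOCK], tag_m1) + m2[BLOCK:]


def demo() -> dict:
    # Constructed messages: the attacker holds tags for m1 and m2 (two legitimate
    # queries) and wants a valid tag for a third message it never submitted.
    m1 = b"transfer 10 EUR ".ljust(BLOCK, b" ")                     # 1 block
    m2 = b"transfer 9999999 EUR to acct 42".ljust(2 * BLOCK, b" ")  # 2 blocks

    # Raw CBC MAC: the tag of m1 is the chaining state, so the splice works.
    forged_raw = splice(m1, cbc_mac(K1, m1), m2)
    raw_ok = cbc_mac(K1, forged_raw) == cbc_mac(K1, m2)

    # EMAC: the attacker only sees E_K2(state); splicing with it gives garbage.
    forged_emac = splice(m1, emac(K1, K2, m1), m2)
    emac_ok = emac(K1, K2, forged_emac) == emac(K1, K2, m2)

    return {
        "forged_message_differs": forged_raw not in (m1, m2),
        "raw_cbc_mac_forgery_succeeds": raw_ok,
        "emac_forgery_succeeds": emac_ok,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Running the module prints three booleans: the spliced message is new, its raw CBC MAC collides with the tag of the second legitimate message, and the same splice against EMAC does not. The forgery costs only two legitimate tag queries. The prefix-free alternative from the abstract amounts to fixing the message encoding so that no valid message is a prefix of another (for example by authenticating an end-of-message marker that cannot occur inside a message, or a leading length block); the spliced message then fails to parse as a valid encoding before its tag is ever checked.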
17.
After years of rapid growth, China's telecom enterprises are gradually entering a mature phase in which falling growth rates and shrinking profits are inevitable, so they urgently need to explore new operating models and develop into integrated full-service telecom operators. France Télécom has a long history and began its market transformation early; much of its experience is worth drawing on, including its distinctive brand strategy, flexible business models and its approach of providing enterprises with comprehensive services. China's telecom enterprises should actively pursue full-service operation, accelerate development of the enterprise network market, improve cooperative operating models and strive to go global as soon as possible.
20.
Mark Vrancken Guy A.E. Vandenbosch 《AEUE-International Journal of Electronics and Communications》2002,56(6):411-415
For the emerging market of Direct-to-User Broadcast Satellite TV (DBS-TV), flat plate slot array antennas are currently being designed and commercialized. Although the antenna configuration resembles an FSS (Frequency Selective Surface) slot array, the electromagnetic analysis of the antenna problem requires a new approach. The theory of Characteristic Modes is extended to deal with multiple stacked apertures. Entire-domain expansion functions are selected from the Characteristic Mode set and used to reduce the computational effort of analyzing finite arrays by an order of magnitude.