
A Corrected Scheme for the Square-6 Attack

韦宝典;刘东苏;王新梅   

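  1. (Ministry of Education Key Laboratory of Computer Network and Information Security, Xidian University, Xi'an 710071, Shaanxi, China)

  • Received: 1900-01-01 Revised: 1900-01-01 Publication date: 2004-02-20 Release date: 2004-02-20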

The correctional Square-6 attack

WEI Bao-dian;LIU Dong-su;WANG Xin-mei

  

  1. (Ministry of Education Key Lab. of Computer Network and Information Security, Xidian Univ., Xi'an 710071, China)

  • Received: 1900-01-01 Revised: 1900-01-01 Online: 2004-02-20 Published: 2004-02-20

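Abstract: The Square-6 attack was once regarded as one of the most effective attacks on 6-round Rijndael, the AES algorithm. It guesses four first-round subkey bytes to construct a Λ-set containing only one active byte and then mounts a Square-5 attack on that basis, with a time complexity of $2^{72}$. This paper points out that the Square-6 attack cannot actually construct a Λ-set, so the attack does not succeed. Using the partial-sum technique, it gives a corrected Square-6 attack that does not depend on the first-round subkey, with a time complexity of $2^{50}$.

Keywords: Rijndael, Λ-set, Square attack, partial sum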

Abstract: The Square-6 attack was once thought to be one of the most effective attacks against six-round Rijndael, the AES algorithm. It was performed with a time complexity of $2^{72}$ by applying a Square-5 attack to a Λ set that contains one active byte. The Λ set was constructed by guessing four bytes of the initial round key. We point out in this paper that no proper Λ set can be built in the Square-6 attack and therefore the overall attack will fail without doubt. Based on the partial-sum technique, a correctional Square-6 attack independent of the initial round key is described. The time complexity of the correctional attack is $2^{50}$.

Key words: Rijndael, Λ-set, square attack, partial sum

CLC number:

  • TP309.2