中国科学院软件研究所机构知识库
Advanced  
ISCAS OpenIR  > 信息安全国家重点实验室  > 学位论文
学科主题: 计算机科学技术基础学科::数据安全与计算机安全
题名:
流密码中非线性部件的分析与设计
作者: 杨笑
答辩日期: 2011-05-30
导师: 武传坤
专业: 信息安全
授予单位: 中国科学院研究生院
授予地点: 北京
学位: 博士
关键词: 流密码 ; T-函数 ; 布尔函数 ; ZUC算法 ; Loiss算法
摘要: 流密码算法是保密通信中一类重要的对称加密算法,对流密码算法的设计与分析是密码学界的热点研究问题。本文重点关注流密码算法中部分的非线性模块,研究了部分非线性模块的自身的密码学性质以及对算法整体安全性的影响,此外也给出了一些具有良好密码学性质的非线性模块的设计方案。主要结果有:(1).对布尔函数旋转对称性质的研究。滤波生成器的安全性主要由滤波函数提供。为抵抗代数攻击应该选取代数免疫函数作为滤波函数,但目前密码学界发现的几类代数免疫函数具有较强的旋转对称性。我们给出了一种对针对滤波函数的旋转对称性质攻击方法,并讨论了布尔函数旋转对称性质以及旋转对称性质对上述攻击的影响,分析了最优代数免疫函数对旋转对称攻击的脆弱性,指出滤波函数的选择应该适当远离旋转对称函数。(2).对单圈T-函数的构造及应用的研究。T-函数的概念是KlimovShamir2002年提出的,在密码学中有广泛的应用,但是如何快速有效地构造一大批具有单圈性质的T-函数是T-函数应用的一个瓶颈。本文主要关注单圈T-函数的构造,我们给出了两类一元单圈T-函数,这两类T-函数软件实现速度快、效率高,而且所生成的序列线性复杂度高、稳定性强。此外,我们还研究了参数与单圈T-函数的关系,给出了一个由已有的一元单圈T-函数和一个偶参数来构造新的一元单圈T-函数的方法。2005J.Hong提出了一类多元单圈T-函数,参数是这类单圈T-函数的关键组件。本文讨论了如何判断给定参数奇偶性,并给出了一类多元奇参数的构造方法,研究了多元奇参数和一类J.Hong函数的计数问题。基于上述工作,本文结合线性反馈移位寄存器和多元T-函数构造了一个新的伪随机序列生成器,所生成的序列周期长且具备良好的伪随机性质。(3).BOMM组件密码学性质的研究。BOMM组件是一种基于字节操作的混合型带记忆的序列扰乱算法。因具备良好的密码学性质,一个新的流密码算法Loiss使用了它作为主要组件。我们建立了BOMM组件的布尔方程系统,在此基础上,讨论了针对Loiss算法的代数攻击的复杂度。此外,我们还发现了BOMM组件的一个统计弱点,并分析了Loiss算法在一类的弱密钥下的安全性。(4).ZUC算法代数性质和比特重组部件的研究。ZUC算法是一个基于线性反馈移位寄存器(LFSR)的面向32比特字的流密码算法,我们讨论了该算法抵抗代数攻击的能力。研究了ZUC算法定义在GF(2)上的代数方程系统,讨论了求解的复杂度。由于ZUC算法使用了定义在Z/(2^{31}1)上的线性反馈移位寄存器,我们还给出了为ZUC算法建立定义在有限域Z/(2^{31}1)上的方程系统的方法。比特重组部件是连接ZUC算法的线性反馈寄存器和非线性函数部件的纽带,我们分析比特重组部件中抽头的选择对算法某些密码学性质的影响,给出了更优的抽头选择方案。
英文摘要:
The stream cipher algorithm is an important class of symmetric encryption algorithms using in secure communications, the cryptanalysis and design of Stream ciphers is one of the hot academic research problems. In this dissertation, we focus on some nonlinear primitives in stream ciphers. We make a survey and research of cryptanalysis of some non-linear cryptographic primitives and the impact on the overall security of stream cipher algorithms. In addition, we propose some of the non-linear primitive designs with good cryptographic properties. The main results of this dissertation are as follows:(1). The security of filter generators is provided by the filter function. For the resistance to algebraic attacks, functions with maximum algebraic immunity should be selected for use in the design of filter functions. However, the algebraic immune functions found so far have a strong property of rotation symmetry. In this dissertation, we introduce an attack on the rotation-symmetric nature of the filter functions, and discuss the rotation-symmetric property of filter functions and its influence on the rotation-symmetric attack. After the survey of the vulnerability of algebraic immunity function to the rotation-symmetric attack, we point out that the choice of filter function should be far away from rotation-symmetric functions properly.(2). In 2002, the notation of T-functions was introduced by Klimov and Shamir. T-functions are widely used in cryptographic designs, however, the efficient construction of large variety of such T-functions possessing single cycle property is a bottleneck for their applications. In this dissertation, we focus on the construction of single cycle T-functions. Two classes of single cycle T-functions on single-word are presented, and they can be efficiently implemented in software environment and produce sequences with high linear complexity and being stable. Moreover, we study the relationship between parameters and single cycle T-functions and give a method to construct new single cycle T-functions from given single cycle T-functions and even parameters. In 2005, J. Hong presented a class of multi-word single cycle T-functions with parameters as critical components. In this dissertation, we discuss how to determine whether a given parameter is even or odd, and present a class of odd parameters for multi-word T-functions and their enumeration. Based on that, we propose a construction of pseudo-random sequence generator which is composed of a Linear Feedback Shift Register (LFSR) and a multi-word T-function. It is proved that the generator can generate sequences with very large period and possess good pseudo-random properties. 

(3). BOMM is a byte-oriented mixed type algorithm with memory which is used to disorder a given byte sequence. It has been used as a main component in a new stream cipher called Loiss for having many good cryptographic properties. In this dissertation, we build an algebraic equation system with degree 5 for BOMM, and based on this equation system, we discuss the complexity of algebraic attack on Loiss. In addition, we also find a statistic weakness of BOMM and give an analysis of the security of Loiss under a specific class of weak keys.

(4). ZUC algorithm is a word-oriented stream cipher algorithm based on LFSR. We investigate the resistance of ZUC algorithm against algebraic attacks. We study an algebraic system of equations over GF(2) for ZUC and valuate the complexity of solving the algebraic system. As the LFSR of ZUC is defined over Z/(2^{31}-1), we also give an attempt at constructing a system of equations over Z/(2^{31} 1) for ZUC algorithm. The bit-reorganization connects the linear feedback registers and the nonlinear function in ZUC, we analyze impact of the choice of taps for the bit-reorganization to some cryptographic properties of ZUC, and give a better choice of taps for the bit-reorganization.
语种: 中文
内容类型: 学位论文
URI标识: http://ir.iscas.ac.cn/handle/311060/10804
Appears in Collections:信息安全国家重点实验室_学位论文

Files in This Item:
File Name/ File Size Content Type Version Access License
博士论文.pdf(1632KB)----限制开放 联系获取全文
博士论文.pdf(1632KB)----限制开放 联系获取全文

Recommended Citation:
杨笑. 流密码中非线性部件的分析与设计[D]. 北京. 中国科学院研究生院. 2011-05-30.
Service
Recommend this item
Sava as my favorate item
Show this item's statistics
Export Endnote File
Google Scholar
Similar articles in Google Scholar
[杨笑]'s Articles
CSDL cross search
Similar articles in CSDL Cross Search
[杨笑]‘s Articles
Related Copyright Policies
Null
Social Bookmarking
Add to CiteULike Add to Connotea Add to Del.icio.us Add to Digg Add to Reddit
所有评论 (0)
暂无评论
 
评注功能仅针对注册用户开放,请您登录
您对该条目有什么异议,请填写以下表单,管理员会尽快联系您。
内 容:
Email:  *
单位:
验证码:   刷新
您在IR的使用过程中有什么好的想法或者建议可以反馈给我们。
标 题:
 *
内 容:
Email:  *
验证码:   刷新

Items in IR are protected by copyright, with all rights reserved, unless otherwise indicated.

 

 

Valid XHTML 1.0!
Copyright © 2007-2017  中国科学院软件研究所 - Feedback
Powered by CSpace