AES Key Schedule Based On Non-deduction

Posted on: 2012-05-29
Degree: Master
Type: Thesis
Country: China
Candidate: B C Liu
GTID: 2178330332499974
Subject: Network and information security

Abstract/Summary:
Nowadays, because of high computing performance, the security of the original cryptography standard can no longer cope with everyday use; therefore the USA has carried out AES and the UK has carried out NESSIE and eSTREAM. With the overall implementation of these plans, the theory and research of cryptography face severe challenges together with development opportunities. How to design a safe and efficient cryptographic system has become an important problem in the area of information security.

The block cipher, an important technology used to protect the confidentiality and integrity of information, is an important kind of symmetric cipher. The main research topics on block ciphers are design, analysis, working mode, fast implementation, detection and so on. Design and analysis, which determine the development of block ciphers, are independent yet unified contradictory objects. Security analysis provides new ideas for design, and conversely various deliberate designs bring severe challenges to analysis. Only with profound understanding and keen insight can a safe and efficient block cipher be designed. The working mode is a cryptographic scheme used to solve practical problems, so it directly affects security and efficiency when the block cipher is in use. Fast implementation and detection are used to evaluate block ciphers, and provide quantitative indexes and technical parameters for design, analysis and application. The overall implementation of AES and NESSIE has greatly promoted the development of block ciphers and has changed block cipher design from experience to theory.

This paper first introduces the design principles of block ciphers and the mathematical basis of AES. The whole encryption and decryption processes of AES are illustrated through one round transformation. After analysing some effective known attacks, the weak link of AES is found, that is, the key schedule.

Aiming at the weakness of the AES key schedule, this paper puts forward three specific improvements step by step and analyzes their security. Improvement 1, based on further research on the key schedule of Serpent, which is one of the AES candidate algorithms, makes it impossible to deduce forward and backward by adding one round's keys to participate in the generation of the next round's keys, so the security of the original algorithm is increased. On this basis, this paper summarizes an attribute which an excellent key schedule should possess, that is, non-deduction. With the guidance of this attribute, improvement 2 and improvement 3 are put forward. Their core idea is still to use the earlier round keys to generate the later ones. The difference is that one round's keys are added to participate in the generation of the next round's keys. In theory, this makes it impossible to deduce forward and backward for attackers who can obtain one round's keys.

However, there is a serious defect in improvement 1: when two consecutive round keys are known, there is a risk of exposing all the keys, including the seeds. Because of the design of the algorithm itself, when two consecutive round keys are known, backward deduction cannot be avoided. The only thing that can be done is to make forward deduction as hard as possible, so improvement 2 is put forward to protect the seeds. When one round's keys are known, improvement 2 makes the complexity of forward deduction of one round's keys 2^96 and the complexity of backward deduction of one round's keys 2^64. If forward deduction of two rounds' keys is wanted, the complexity is multiplied by 2^32, and so on. When two consecutive round keys are known, improvement 2 makes the complexity of forward deduction of one round's keys 2^3. If forward deduction of two rounds' keys is wanted, the complexity is multiplied by 2^32, and so on. If the two consecutive round keys are from the fourth round and the fifth round, the complexity will not be lower than that of an exhaustive attack.

When the first two words of the previous round are obtained, they can be used to determine the last two words, so the strength of improvement 2 reaches that of a 128-bit key only after four rounds. Aiming at this problem, improvement 3 is put forward, which makes the complexity of forward deduction of one round's keys from two consecutive round keys 2^64. The strength of improvement 3 reaches that of a 128-bit key after just two rounds, and it removes one complex operation in each round. According to the experimental data, improvement 3 does not affect the high efficiency of the original algorithm.

Through further research on the AES key schedule, this paper puts forward, for the first time in the field of AES, non-deduction as an excellent attribute that the key schedule of a block cipher should possess, and uses it in the design of the AES key schedule. When AES is used for encryption and decryption, the key schedule is just one module whose only function is to provide the round keys used in the AddRoundKey step; it does not participate in any other step of encryption or decryption, so it will not bring unknown effects to AES. The improvement in this paper does not affect the high efficiency of the original algorithm while increasing its security. This unifies the security and the high efficiency of an algorithm and will provide a new reference standard for the design of new block ciphers in the future. This is absolutely different from the original algorithms, which sacrificed high efficiency for security or security for high efficiency.

The significance of this paper lies not only in putting forward a new attribute of a key schedule and using it in a specific algorithm to increase the security of the original one, but also in providing a new way to design a block cipher that unifies the security and the high efficiency of an algorithm, that is, one attribute should not be sacrificed for the others.
Keywords/Search Tags: AES, Serpent algorithm, key schedule, non-deduction