Research On Differential Security Against Several Typical Block Cipher

Posted on: 2018-10-18
Degree: Master
Type: Thesis
Country: China
Candidate: H Y X Song
GTID: 2348330563451206
Subject: Military cryptography

Abstract/Summary:
Cryptography is the base and core of network security, and it has developed over about 4,000 years. Block ciphers are an important part of cryptography. Since DES was proposed, the security analysis of block ciphers has been an active research area. Many attack methods have been proposed, such as differential cryptanalysis, impossible differential cryptanalysis, related-key impossible differential cryptanalysis, linear cryptanalysis and zero-correlation linear cryptanalysis. Each newly designed cipher must be evaluated for its security against the existing cryptanalytic methods. This dissertation mainly focuses on resistance to multiple differential attacks, for ciphers such as the SP structure block cipher SMS4, the Feistel structure block cipher PRESENT, and CLEFIA. The main contributions of this dissertation are as follows.

1. Multiple differential attack on SMS4. SMS4 is the underlying block cipher used in the WAPI (WLAN Authentication and Privacy Infrastructure) standard for securing wireless LANs in China, and also the first commercial cipher algorithm. SMS4 has a 128-bit block size, a 128-bit user key, and a total of 32 rounds. In this part, we first integrated a group of 17-round differential characteristics, then constructed a statistic from multiple differentials for each experimental key. According to the statistic, we could validate the correctness of the experimental keys. To analyze the relation between success probability and data complexity, we took the computational complexity of multiple differential cryptanalysis and the probability distributions of the statistic for the correct key and for incorrect keys as the correlated variables. As a result, we proposed an attack against 21-round SMS4 with some chosen plaintexts and encryptions by using multiple differential cryptanalysis based on the optimal distinguisher. Compared with the existing results of differential and linear cryptanalysis on 21-round SMS4, the data complexity and time complexity of our attack are reduced. An example shows that, at the same success probability, multiple differential cryptanalysis can decrease the data complexity by using more differential characteristics.

2. Multiple differential attack on PRESENT. PRESENT is an ultra-lightweight block cipher for extremely constrained environments such as RFID tags and sensor networks, and it can also fulfill the security requirements of applications with low implementation costs. In this part, we integrated 320 14-round differential characteristics. We then used multiple differential cryptanalysis based on the optimal distinguisher to attack 16-round PRESENT with some chosen plaintexts and encryptions and recover the 80-bit round key. Compared with the existing results of differential cryptanalysis on 16-round PRESENT, our data complexity and time complexity are also reduced.

3. Differential analysis of a variable generalized Feistel structure. To investigate the impact of a variable shift permutation on the resistance to differential attack of a block cipher with a generalized Feistel structure (GFS), we defined a controlled GFS and gave the relation between the differential models of three consecutive rounds of the controlled GFS. For r consecutive rounds of this structure, we presented a search algorithm to derive tight lower bounds for the minimum number of active S-boxes. Experiments show that the resistance of the controlled GFS to differential attack is not improved compared with the GFS with a fixed shift permutation. Since the shift permutation is controlled by the key, the implementation efficiency is reduced.

4. Differential analysis of the generalized Feistel network with diffusion switching mechanism structure (DSM-GFS). To provide a method for evaluating the resistance to differential attack of a block cipher with DSM-GFS, we analyzed the relation between the differential models of three consecutive rounds of DSM-GFS. For r consecutive rounds of this structure, we presented a search algorithm to derive tight lower bounds for the minimum number of active S-boxes. Experiments show that the resistance of the DSM-GFS to differential attack is improved compared with the GFS.

Keywords/Search Tags:Cryptanalysis, block cipher, multiple differential attack, differential characteristic, complexity, success probability, SMS4, PRESENT, SP network, Feistel structure, active S-box