Application Of MILP Method In Lightweight Cryptanalysis

With the popularization of computer and Internet technology,information security is getting more and more attention.Cryptography,as the cornerstone of information security,plays a very important role in modern society.The study of block ciphers is an important field of cryptography research.Block ciphers are generally used in iterative structure,which is fast and easy to implement.So it is widely used in various hardware and software security systems.The block cipher has a variety of structures,such as SPN structure,Feitesl structure.Present algorithm,Lbock algorithm is SPN structure and Festiel structure of the representative algorithm,Present algorithm is A Bogdanov proposed in CHES2007 on the SPN(Substitution Permutation Network)structure of the ultra-lightweight encryption algorithm,There will be a total of 31 rounds,the length of the plaintext is 64 bit,the key has two options are 80 bit and 128 bit two versions,mainly for resource-constrained environment.Because of its simple and efficient,in the Internet of things and radio frequency identification technology(RFID)has been widely used.The Lblock cipher algorithm is a lightweight block cipher presented at the 2011 Cryptography Network Security Conference.Lblock is a block cipher algorithm with a packet length of 64 bits and a total of 32 rounds with a key length of 80 bits.MILP full name is mixed integer linear programming is a class from the linear programming optimization,the goal is to optimize the objective function under certain constraints.MILP has been widely used in academia and industry.In the block cipher module,MILP model is not the same.Prof.Sun proposed the application of MILP model in block cipher,and Nicky Mouha and Qingju Wang's MILP model combined with block cipher,and the Division Property proposed by Japanese Todo,combined with MILP method to search for the lightweight block cipher algorithm for the Integral Distinguisher's balance bit.The main contents of this paper include:(1)for the SPN class Present algorithm,combined with the impossible differential characteristic of the algorithm,we use two methods,One is the total number of active S-box diffusion and the number of rounds,the sum of the sum of the S-box diffusion is the least,that is,the optimal situation,the other is by means of greedy algorithm for research,discharge can not appear difference characteristic.(2)for the Feitesl class Lblock algorithm,the core of integral attack is to construct the appropriate integral distinguisher,and then according to their own summary of the Lblock algorithm key diffusion law,statistics the number of keys which need to guess,and the time complexity and data complexity of the integral attack are obtained,compared with the time data complexity of other analysis methods of Lblock algorithm.The time complexity of Lblock algorithm based on integral attack is reduced.(3)By the Lblock algorithm integral attack,based on the concept of Division Property proposed by Todo,the Lblock algorithm and MILP model are studied on the basis of predecessors.