CN114900286A - 16-bit S box construction method based on L-M-NFSR structure - Google Patents
16-bit S box construction method based on L-M-NFSR structure Download PDFInfo
- Publication number
- CN114900286A CN114900286A CN202210533588.1A CN202210533588A CN114900286A CN 114900286 A CN114900286 A CN 114900286A CN 202210533588 A CN202210533588 A CN 202210533588A CN 114900286 A CN114900286 A CN 114900286A
- Authority
- CN
- China
- Prior art keywords
- bit
- box
- nfsr
- constructed
- sample set
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0618—Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
- H04L9/0631—Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Complex Calculations (AREA)
Abstract
The invention discloses a method for constructing a 16-bit S box based on Lai-Massey and NFSR (L-M-NFSR) structures, which is characterized by selecting an AES algorithm S box as a sample construction sample set by using affine equivalence; by utilizing an 8-stage nonlinear feedback shift register, an NFSR structure with strict avalanche characteristics can be achieved by designing iteration with few beats, and the NFSR structure is combined with a Lai-Massey structure, an 8-bit S box is used as a sample, and the 8-bit S box is used as a round function in the Lai-Massey structure, so that the variability of the structure is enhanced, the structural design is simplified, and the NFSR structure is easy to realize. The method constructs a 16-bit S box with strong cryptography property, and provides safe nonlinear transformation support for a block cipher algorithm.
Description
Technical Field
The invention relates to the field of information security, in particular to a method for constructing a 16-bit S box based on an L-M-NFSR structure.
Background
The block cipher algorithm is widely used as a mainstream algorithm in the symmetric encryption algorithm. The design of block cipher algorithms needs to follow the shannon principle of diffusion and aliasing, where the aliasing property is mainly provided by means of the only S-Box (S-Box) capable of non-linear transformation. The security degree of the S-box determines the security strength of the overall cryptographic algorithm, so that attacks against the cryptographic algorithm are mainly attacks against the S-box at present. With grindingDES was shown to be compromised due to weakness in the nature of the S-box. With the increase of computer computing power, 4/8-bit S-boxes have been difficult to resist attack threats brought by high-performance computing, especially quantum computing, due to their low complexity. And 16-bit S-boxes, which are 2 higher in complexity than 8-bit S-boxes 8 The 16-bit S-box therefore has a strong advantage in resisting mathematical attacks.
The construction method of the password S box mainly comprises a mathematical method construction, a password algorithm structure construction, an intelligent algorithm construction and the like. The cipher algorithm structure is a common method, and classic cipher algorithm structures comprise a Feistel structure, an SPN structure, a MISTY structure, a Lai-Massey structure and the like, wherein the Lai-Massey structure is a two-branch structure, can iterate for multiple rounds, mainly comprises XOR operation and round functions, and has the advantages of simple structure, easiness in hardware implementation and the like. The evaluation indexes of the S box safety mainly comprise mathematical indexes and indexes for resisting side channel attacks. The mathematical indexes comprise nonlinearity, difference uniformity, algebraic times and the like; the evaluation of the side channel attack resistance index includes signal-to-noise ratio and the like.
Disclosure of Invention
The invention aims to provide a method for constructing a 16-bit S box based on Lai-Massey and NFSR (L-M-NFSR) structures, wherein the NFSR structure with strict avalanche characteristics can be achieved by designing iteration with less beat number, and is combined with the Lai-Massey structures, 8-bit S boxes are used as samples to construct 16-bit S boxes with strong cryptology properties, so that safe nonlinear transformation support is provided for a block cipher algorithm.
The technical scheme for realizing the purpose of the invention is as follows:
a16-bit S box construction method based on an L-M-NFSR structure comprises the following steps:
(1) constructing an 8-bit S-box sample set;
selecting an AES algorithm S box with better cryptography property as a sample construction sample set by using affine equivalence;
(2) designing an NFSR component which meets strict avalanche characteristics;
two NFSR components which have less iteration and can meet strict avalanche characteristics are constructed by using an 8-stage nonlinear feedback shift register, and complete diffusivity support is provided for the constructed 16-bit S-box;
(3) constructing a 16-bit S box structure based on the L-M-NFSR;
combining the constructed NFSR component with a Lai-Massey structure, performing multiple rounds of iteration based on the constructed 8-bit password S box sample set, calculating and outputting to construct a 16-bit password S box;
(4) traversing and searching a 16-bit S box;
based on the constructed new structure, a large number of 16-bit S boxes are constructed by fully traversing the 8-bit S box sample set and the left and right branches on an 8-bit binary domain;
(5) s, screening boxes;
and testing the constructed 16-bit S box to screen out the 16-bit password S box with better password property.
In the 16-bit S-box construction method of the present invention, the construction of the 8-bit S-box sample set in step (1) specifically comprises the following steps:
(1.1) selecting 8-bit S-box samples: selecting an AES algorithm 8-bit S box as an affine equivalent sample, wherein the nonlinearity of the S box is 112, the difference uniformity is 4, and the algebraic number is 7;
(1.2) based on the selected 8-bit S box, constructing an S box sample set by using affine equivalence, wherein the affine equivalence formula is as follows:wherein, SBox AES An AES algorithm S box; m, N is an N-order reversible matrix, and M, N belongs to GL (N, F) 2 ) M, n are n bit constants,the S box obtained by affine equivalence can ensure that the properties of the non-linearity, the difference uniformity, the algebraic times and the like are the same as the nature of the selected S box.
In the 16-bit S box construction method, the NFSR component which is constructed in the step (2) and accords with strict avalanche characteristics specifically comprises the following steps:
(2.1) in order to ensure that the constructed 16-bit S box has better diffusion effect and increase the safety of the S box, 2 8-stage NFSR components conforming to strict avalanche characteristics are constructed in the invention, which are respectively marked as NFSR1 and NFSR2, after a certain number of iterations, the sequence has diffusion characteristics, 8 state registers are arranged in each 8-stage NFSR, and R is used as i (0 ≦ i ≦ 7) for a certain bit state before register iteration, denoted R i '0 ≦ i ≦ 7' represents the bit state of the register after iteration, and in the iteration update, 4 bits to be updated are selected, namely 1 st, 3 rd, 5 th and 7 th bits, namely, every iteration of NFSR, the 4 bits are updated, and other positions directly receive circularly shifted data; setting the iterative beats of the NFSR1 and the NFSR2 to 10 beats and 23 beats respectively, wherein the two NFSRs can meet strict avalanche characteristics under the iterative beats;
in the 16-bit S-box construction method of the invention, the construction of the 16-bit S-box structure based on the L-M-NFSR in the step (3) comprises the following specific steps:
(3.1) constructing a 16-bit S box on the basis of a Lai-Massey structure, simplifying the design of a round function by taking 3 8-bit S boxes as the round function, providing stronger nonlinear support for the structure, and taking the NFSR structure constructed in the 2 steps (2) as a component for enhancing the diffusion effect;
(3.2) determining the number of wheels of the combined structure: the Lai-Massey structure can achieve certain safety in 3 rounds, and the number of iteration rounds of the new structure is set to be 3 rounds;
(3.3) determining input/output: the Lai-Massey structure is a balanced structure of left and right branches, so that the input/output of the left branch and the right branch are both 8 bits, wherein the input of the initial left branch and the input of the initial right branch are divided intoThe definition is as follows:the final left and right branch outputs are defined as:
(3.4) replace round function with 8-bit S-box: to increase the variability of the structure and simplify the design, the round function of the traditional Lai-Massey structure is replaced with the selected 8-bit S-boxes, and the 3-round structure uses 3 8-bit S-boxes, which are respectively identified as: s 0 、S 1 、S 2 (ii) a These 3S-boxes were taken from the 8-bit S-box sample set constructed using the replica equivalent in step (1), and the output of the round function, i.e., each S-box output, was expressed as:
(3.5) diffusion based on NFSR structure: placing the constructed NFSR1 and NFSR2 at the outputs of the left branch and the right branch of each round of the Lai-Massey structure respectively, wherein the calculation results of the NFSR1 and the NFSR2 in the first round of the structure are respectively represented by A1 and B1, and the calculation results in the second round of the structure are respectively represented by A2 and B2;
(3.6) output of the overall structure: based on the L-M-NFSR structure and the calculation method, the final output expression of the new structure is as follows:
in the 16-bit S box construction method of the invention, the step (4) of traversing and searching the 16-bit S box specifically comprises the following steps:
(4.1) initializing, setting a sample set of an 8-bit S-box as SBox8, and placing the 8-bit S-box based on an AES algorithm S-box affine equivalent structure into the sample set SBox 8; setting a 16-bit S-box Array with the length of 65536 to be null; the initial left and right branches are input asAccording to the dictionary respectivelySequentially taking a first value;
(4.2) according to a full traversal mode, selecting 3S boxes from the S box sample set SBox8, and respectively using the 3S boxes as S in the new structure 0 、S 1 、S 2 ;
(4.3) substituting L and R into the formula S LMN (L, R) calculating, performing first splicing on the output L 'and R' bit strings of the last left branch and the last right branch, converting the bit strings into decimal integers and sequentially storing the decimal integers into Array;
(4.4) if R is inIf the domain is not traversed completely, then R is inTraversing the next value in the domain according to the dictionary sequence, and turning to (4.3); traversing to complete the turn (4.5);
(4.5) if L is inIf the domain is not traversed, then L isTraversing next value in the domain according to the dictionary sequence, and placing R inTaking a first value in the domain according to the dictionary sequence, and turning to (4.3); finishing traversing if traversing is finished, and turning to (4.6);
(4.6) obtaining an Array of 65536 integer data elements, i.e. a 16-bit S-box Array, and writing the S-box out of the program to the TXT file of the disk by means of a character stream operation;
(4.7) if the traversal of the 8-bit S-box sample set SBox8 is not complete, then go on to get the next set of 3S-boxes, substituting S 0 、S 1 、S 2 Setting left and right branch inputs L and R to fetch respectivelyIn the domainOne value, go (4.2); traversing to complete the turn (4.8);
(4.8) ending the S-box search.
In the 16-bit S box construction method, S box screening in step (5) is to screen out S boxes with higher safety from constructed 16-bit password S box results, wherein the non-linearity, difference uniformity, algebraic times, bijection and signal-to-noise ratio of the S boxes are tested, and the 16-bit S boxes with excellent cryptology properties are screened out in a folding mode according to test results.
The invention has the beneficial effects that:
(1) the method is based on the L-M-NFSR structure, and takes an 8-bit S box as a round function in the Lai-Massey structure, so that the variability of the structure is enhanced, the structural design is simplified, and the method is easy to realize;
(2) the method can construct the 16-bit S box with better cryptology property, and provides the S box support with high security for the block cipher algorithm.
Drawings
FIG. 1 is a flow chart of an embodiment to construct a 16-bit S-box;
FIG. 2 is a block diagram of an embodiment of a component that configures the NFSR 1;
FIG. 3 is a block diagram of an embodiment of a component that configures the NFSR 2;
FIG. 4 is a diagram of an exemplary L-M-NFSR assembly;
FIG. 5 is a flow chart of an embodiment to construct a 16-bit S-box.
Detailed Description
The present invention will be described in further detail with reference to the following drawings and examples, but the present invention is not limited thereto.
Examples
A16-bit S box construction method based on an L-M-NFSR structure, referring to FIG. 1, comprises the following steps:
(1) selecting an AES algorithm 8-bit S box as an affine equivalent sample, wherein the nonlinearity of the S box is 112, the difference uniformity is 4, and the algebraic number is 7;
an 8-bit S-box sample set SBox8 is constructed by using affine equivalence, and the affine equivalence formula is as follows:wherein, SBox AES An AES algorithm S box; m, N is an N-order reversible matrix, and M, N belongs to GL (N, F) 2 ) M, n is n bit constant, m, n belongs to F 2 n 。
Example 16-bit S-cell construction method, referring to fig. 1, step (2) constructs two 8-level NFSR components conforming to strict avalanche characteristics, labeled NFSR1 and NFSR2, respectively, as shown in fig. 2 and 3, and the specific steps are as follows:
(2.1) NFSR1 and NFSR2 components whose sequence has a diffusion property after a certain number of iterations, 8 state registers in each 8-stage NFSR, with R i (0 ≦ i ≦ 7) for a certain bit state before register iteration, denoted R i '0 ≦ i ≦ 7' represents the bit state of the register after iteration, and in the iteration update, 4 bits to be updated are selected, namely 1 st, 3 rd, 5 th and 7 th bits, namely, the NFSR updates the above 4 bits every iteration, and the other positions directly receive the circularly shifted data; the iterative beat numbers of the NFSR1 and the NFSR2 are respectively set to 10 beats and 23 beats, and the two NFSRs can meet the strict avalanche characteristic under the iterative beat numbers;
example 16 bit S-box construction method, referring to fig. 1, step (3) constructs a 16 bit S-box structure based on L-M-NFSR, referring to fig. 4, the specific steps are as follows:
(3.1) the design of the round function is simplified by taking 3 8-bit S boxes as the round function, strong nonlinear support is provided for the structure, and the NFSR structure constructed in 2 steps (2) is taken as a component for enhancing diffusion;
(3.2) determining the number of wheels of the combined structure: the Lai-Massey structure can achieve certain safety in 3 rounds, and the number of iteration rounds of the new structure is set to be 3 rounds;
(3.3) determining input/output: the structure is a balanced structure of left and right branches, so that the input/output of the left branch and the right branch are both 8 bits, where the input of the initial left and right branches are defined as:the final left and right branch outputs are defined as:
(3.4) replace round function with 8-bit S-box: to increase the variability of the structure and simplify the design, the round function of the traditional Lai-Massey structure is replaced with the selected 8-bit S-boxes, and the 3-round structure uses 3 8-bit S-boxes, which are respectively identified as: s 0 、S 1 、S 2 (ii) a These 3S-boxes were taken from the 8-bit S-box sample set constructed using the replica equivalent in step (1), and the output of the round function, i.e., each S-box output, was expressed as:
(3.5) diffusion based on NFSR structure: placing the constructed NFSR1 and NFSR2 at the outputs of the left branch and the right branch of each round of the Lai-Massey structure respectively, wherein the calculation results of the NFSR1 and the NFSR2 in the first round of the structure are respectively represented by A1 and B1, and the calculation results in the second round of the structure are respectively represented by A2 and B2;
(3.6) output of the overall structure: based on the L-M-NFSR structure and the calculation method, the final output expression of the new structure is as follows:
embodiment 16 bit S box construction method, referring to fig. 1, step (4) traverses and searches 16 bit S box, referring to fig. 5, the specific steps are as follows:
(4.1) initialize, set the sample set of 8-bit S-boxesFor SBox8, putting an 8-bit S-box based on AES algorithm S-box affine equivalent structure into a sample set SBox 8; setting a 16-bit S-box Array with the length of 65536 to be null; the initial left and right branches are input asRespectively taking a first value according to the dictionary sequence;
(4.2) according to a full traversal mode, selecting 3S boxes from the S box sample set SBox8, and respectively using the 3S boxes as S in the new structure 0 、S 1 、S 2 ;
(4.3) substituting L and R into the formula S LMN (L, R) calculating, performing first splicing on the output L 'and R' bit strings of the last left branch and the last right branch, converting the bit strings into decimal integers and sequentially storing the decimal integers into Array;
(4.4) if R is inIf the domain is not traversed completely, then R is inTraversing the next value in the domain according to the dictionary sequence, and turning to (4.3); traversing to complete the turn (4.5);
(4.5) if L is inIf the domain is not traversed, then L isTraversing next value in the domain according to the dictionary sequence, and placing R inTaking a first value in the domain according to the dictionary sequence, and turning to (4.3); finishing traversing if traversing is finished, and turning to (4.6);
(4.6) obtaining an Array of 65536 integer data elements, i.e. a 16-bit S-box Array, and writing the S-box out of the program to the TXT file of the disk by means of a character stream operation;
(4.7) if the traversal of the 8-bit S-box sample set SBox8 is not complete, then go on to get the next set of 3S-boxes, substituting S 0 、S 1 、S 2 Setting left and right branch inputs L and R to fetch respectivelyThe first value in the field, go (4.2); traversing to complete the turn (4.8);
(4.8) ending the S-box search.
In the example 16-bit S-box construction method, referring to fig. 1, step (5) is S-box screening, specifically, an S-box with high security is screened from the constructed 16-bit cipher S-box results, where the non-linearity, the difference uniformity, the algebraic times, the bijectivity, and the signal-to-noise ratio of the S-box are tested, and a 16-bit S-box with excellent cryptology properties is screened according to the test results.
In the test of the embodiment, 256S boxes are selected from a batch of S boxes to be tested, and the test result shows that the constructed 16-bit S boxes all meet bijectivity, and the algebraic times are all 15; the difference uniformity has a lower bound of 18, an upper bound of 22, and a majority of 18; the highest nonlinearity is 31992; the lower bound of the signal-to-noise ratio is 146.712 and the upper bound is 148.937.
The embodiment shows that the method can construct a 16-bit S box with strong cryptology property, and provides safe nonlinear transformation support for the block cipher algorithm.
Claims (5)
1. A16-bit S box construction method based on an L-M-NFSR structure is characterized by comprising the following steps:
(1) constructing an 8-bit S-box sample set;
selecting an AES algorithm S box as a sample construction sample set by utilizing affine equivalence;
(2) constructing an NFSR component which conforms to strict avalanche characteristics;
two NFSR components which accord with strict avalanche characteristics are constructed by using an 8-stage nonlinear feedback shift register, and complete diffusivity support is provided for the constructed 16-bit S box;
(3) constructing a 16-bit S box structure based on the L-M-NFSR;
combining the constructed NFSR component with a Lai-Massey structure, performing multiple rounds of iteration based on the constructed 8-bit password S box sample set, calculating and outputting to construct a 16-bit password S box;
(4) traversing and searching a 16-bit S box;
based on the constructed new structure, a large number of 16-bit S boxes are constructed by fully traversing the 8-bit S box sample set and the left and right branches on an 8-bit binary domain;
(5) s, screening boxes;
and testing the constructed 16-bit S box to screen out the 16-bit password S box with better password property.
2. The method for constructing the 16-bit S-box according to claim 1, wherein the step (1) of constructing the 8-bit S-box sample set comprises the following specific steps:
(1.1) selecting 8-bit S-box samples: selecting an AES algorithm 8-bit S box as an affine equivalent sample, wherein the nonlinearity of the S box is 112, the difference uniformity is 4, and the algebraic number is 7;
3. the method for constructing a 16-bit S-box as claimed in claim 1, wherein the step (2) of constructing the NFSR component conforming to the strict avalanche property comprises the following steps:
(2.1) 2 stage 8 NFSR modules conforming to the strict avalanche behavior are constructed, labeled NFSR1 and NFSR2, respectively, and after a certain number of beats of iteration, the sequence has a diffusionCharacteristically, there are 8 status registers in each 8-stage NFSR, at R i Representing a certain bit state of the register before iteration by R i ' represents the bit state of the register after iteration, 0 is less than or equal to i is less than or equal to 7, in the iteration updating, 4 bits needing to be updated are selected and are respectively the 1 st bit, the 3 rd bit, the 5 th bit and the 7 th bit, namely, the NFSR updates the 4 bits at each iteration, and other positions directly receive circularly shifted data; setting the iterative beats of the NFSR1 and the NFSR2 to 10 beats and 23 beats respectively, wherein the two NFSRs can meet strict avalanche characteristics under the iterative beats;
4. the method according to claim 3, wherein the step (3) of constructing the 16-bit S-box structure based on the L-M-NFSR comprises the following specific steps:
(3.1) constructing a 16-bit S box based on a Lai-Massey structure, taking 3 8-bit S boxes as round functions, and taking 2 NFSR structures constructed in the step (2) as components for enhancing diffusion;
(3.2) determining the number of wheels of the combined structure: the Lai-Massey structure can achieve certain safety in 3 rounds, and the number of iteration rounds of the new structure is set to be 3 rounds;
(3.3) determining input/output: the Lai-Massey structure is a balanced structure of left and right branches, so the input/output of the left branch and the right branch are both 8 bits, where the initial input of the left branch and the right branch are respectively defined as:the final left and right branch outputs are defined as:
(3.4) replace round function with 8-bit S-box: the round function of the traditional Lai-Massey structure is replaced by the selected 8-bit S box, and the 3-round structure uses 3 8-bit S boxes, which are respectively marked as follows: s 0 、S 1 、S 2 (ii) a These 3S-boxes are taken from the 8-bit S-box sample set constructed in step (1) using affine equivalence, respectively, and let the output of the round function, i.e. each S-box output, be expressed as:
(3.5) diffusion based on NFSR structure: placing the constructed NFSR1 and NFSR2 at the outputs of the left branch and the right branch of each round of the Lai-Massey structure respectively, wherein the calculation results of the NFSR1 and the NFSR2 in the first round of the structure are respectively represented by A1 and B1, and the calculation results in the second round of the structure are respectively represented by A2 and B2;
(3.6) output of the overall structure: based on the L-M-NFSR structure and the calculation method, the final output expression of the new structure is as follows:
5. the method of claim 4, wherein the step (4) of traversing and searching the 16-bit S-box comprises the following steps:
(4.1) initializing, setting a sample set of an 8-bit S-box as SBox8, and placing the 8-bit S-box based on an AES algorithm S-box affine equivalent structure into the sample set SBox 8; setting a 16-bit S-box Array with the length of 65536 to be null; the initial left and right branches are input asRespectively taking a first value according to the dictionary sequence;
(4.2) in a full traversal manner, fromSelecting 3S boxes from the S box sample set SBox8 as S in the new structure 0 、S 1 、S 2 ;
(4.3) substituting L and R into the formula S LMN (L, R) calculating, performing first splicing on the output L 'and R' bit strings of the last left branch and the last right branch, converting the bit strings into decimal integers and sequentially storing the decimal integers into Array;
(4.4) if R is inIf the domain is not traversed completely, then R is inTraversing the next value in the domain according to the dictionary sequence, and turning to (4.3); traversing to complete the turn (4.5);
(4.5) if L is inIf the domain is not traversed, then L isTraversing next value in the domain according to the dictionary sequence, and placing R inTaking a first value in the domain according to the dictionary sequence, and turning to (4.3); finishing traversing if traversing is finished, and turning to (4.6);
(4.6) obtaining an Array of 65536 integer data elements, i.e. a 16-bit S-box Array, and writing the S-box out of the program to the TXT file of the disk by means of a character stream operation;
(4.7) if the traversal of the 8-bit S-box sample set SBox8 is not complete, then go on to get the next set of 3S-boxes, substituting S 0 、S 1 、S 2 Setting left and right branch inputs L and R to fetch respectivelyThe first value in the field, go (4.2); complete traversalTurning to (4.8);
(4.8) ending the S-box search.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210533588.1A CN114900286A (en) | 2022-05-15 | 2022-05-15 | 16-bit S box construction method based on L-M-NFSR structure |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210533588.1A CN114900286A (en) | 2022-05-15 | 2022-05-15 | 16-bit S box construction method based on L-M-NFSR structure |
Publications (1)
Publication Number | Publication Date |
---|---|
CN114900286A true CN114900286A (en) | 2022-08-12 |
Family
ID=82724349
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202210533588.1A Pending CN114900286A (en) | 2022-05-15 | 2022-05-15 | 16-bit S box construction method based on L-M-NFSR structure |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN114900286A (en) |
-
2022
- 2022-05-15 CN CN202210533588.1A patent/CN114900286A/en active Pending
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Boura et al. | Efficient MILP modelings for sboxes and linear layers of SPN ciphers | |
Derbez et al. | Meet-in-the-middle attacks and structural analysis of round-reduced PRINCE | |
Shi et al. | Programming the Demirci-Selçuk meet-in-the-middle attack with constraints | |
CN111756521B (en) | Cipher S box design method based on Feistel-SP structure | |
Yang et al. | Spectral analysis of ZUC-256 | |
MX2011001228A (en) | Method for generating a cipher-based message authentication code. | |
Zong et al. | Related-tweakey impossible differential attack on reduced-round Deoxys-BC-256 | |
Zong et al. | Milp-aided related-tweak/key impossible differential attack and its applications to qarma, joltik-bc | |
Yang et al. | Cube cryptanalysis of round-reduced ACORN | |
CN113783684B (en) | Construction method of 16-bit S box based on NFSR and Feistel structures | |
He et al. | Improved cube attacks on some authenticated encryption ciphers and stream ciphers in the Internet of Things | |
CN104967509B (en) | It is a kind of to take turns ZUC stream cipher algorithm mask means of defence of the output for arithmetic mask | |
Yao et al. | Topological graphic passwords and their matchings towards cryptography | |
Bagheri et al. | Cryptanalysis of reduced NORX | |
Zhang et al. | Security of SM4 against (related-key) differential cryptanalysis | |
Hu et al. | Finding all impossible differentials when considering the DDT | |
CN114900286A (en) | 16-bit S box construction method based on L-M-NFSR structure | |
Crowley | Improved cryptanalysis of Py | |
Udovenko | Convexity of division property transitions: theory, algorithms and compact models | |
ElSheikh et al. | On MILP-based automatic search for bit-based division property for ciphers with (large) linear layers | |
US7103180B1 (en) | Method of implementing the data encryption standard with reduced computation | |
Zhou et al. | Efficient and extensive search for precise linear approximations with high correlations of full SNOW-V | |
Tian et al. | Integral cryptanalysis on two block ciphers Pyjamask and uBlock | |
Luo et al. | Improvements for finding impossible differentials of block cipher structures | |
Shiba et al. | Integral and impossible‐differential attacks on the reduced‐round Lesamnta‐LW‐BC |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination |