
Ciphertext-Only Fault Analysis on the MANTIS Lightweight Cipher


【Authors】 LI Wei; ZHANG Yu-xi; GU Da-wu; ZHANG Jin-yu; ZHU Xiao-ming; LIU Chun; CAI Tian-pei; LI Jia-yao

【Affiliations】 School of Computer Science and Technology, Donghua University; Department of Computer Science and Engineering, Shanghai Jiao Tong University; Shanghai Key Laboratory of Scalable Computing and Systems (Shanghai Jiao Tong University); Shanghai Key Laboratory of Integrate Administration Technologies for Information Security (Shanghai Jiao Tong University)

【Abstract (translated from the Chinese)】 MANTIS is a lightweight tweakable block cipher proposed at CRYPTO 2016. Its design adopts the FX construction and the TWEAKEY framework, and it is intended for constrained devices in the Internet of Things that require low latency and high real-time security. Based on the random nibble fault model and the ciphertext-only attack setting, this paper proposes and discusses a novel ciphertext-only fault analysis of MANTIS. Combined with public tweaks, the analysis exploits the non-uniformity of the intermediate state after fault injection and can break every version of MANTIS. Experimental results show that the two proposed new double distinguishers, Dirichlet distribution-Hamming weight and Dirichlet distribution-maximum likelihood, require at least 392 and 396 faults respectively to recover the 128-bit master key of each MANTIS version with a success rate of 99% or higher. This not only reduces the number of fault injections but also improves attack efficiency; MANTIS therefore cannot resist ciphertext-only fault analysis. The result provides an important reference for the security analysis and protection of other lightweight tweakable block ciphers.

【Abstract】 The lightweight tweakable block cipher MANTIS was published at the international Cryptology conference in 2016. It adopts the FX construction and the TWEAKEY framework, and is applicable to Internet of Things devices with security requirements of low latency and high real-time performance. A novel ciphertext-only fault analysis of MANTIS is proposed and discussed on the basis of the random nibble-oriented fault model and the ciphertext-only attack assumption. With public tweaks, an attacker can take advantage of the non-uniform distribution of the nibbles after fault injection and recover the secret key of all versions of MANTIS. The experimental results show that the new double distinguishers, Dirichlet distribution-Hamming weight and Dirichlet distribution-maximum likelihood, can recover the 128-bit secret key with 392 and 396 faults respectively, with a success probability of no less than 99%. The proposed ciphertext-only fault analysis not only decreases the number of faults but also improves the attack efficiency. Thus, MANTIS cannot resist ciphertext-only fault analysis. The result is important for the security analysis and protection of other lightweight tweakable block ciphers.

【Funding】 National Natural Science Foundation of China (No. 61772129, No. 61932014); National Cryptography Development Fund (No. MMJJ20180101); Natural Science Foundation of Shanghai (No. 19ZR1402000); Open Project of the Shanghai Key Laboratory of Scalable Computing and Systems; Open Project of the Shanghai Key Laboratory of Integrate Administration Technologies for Information Security; Fundamental Research Funds for the Central Universities
  • 【Source】 Acta Electronica Sinica (电子学报), 2022, Issue 4
  • 【Classification code】 TN918.1
  • 【Downloads】 42