微信服务号

微信订阅号

2025-5-13- 3
Home > Archive>Volume 34, Issue 9, 2023 >4239-4255. DOI:10.13328/j.cnki.jos.006636
PDF HTML XML Export Cite reminder
New Key Recovery Attack Based on Periodic Property
Author:
Affiliation:

  • Article
    • | |
  • Metrics
    • |
  • Reference [32]
    • |
  • Related
    • |
  • Cited by
    • | |
  • Comments
    Abstract:

    This study proposes a new classical key recovery attack against schemes such as Feistel, Misty, and Type-1/2 generalized Feistel schemes (GFS), which creatively combines the birthday attack with the periodic property of Simon’s algorithm. Although Simon’s algorithm can recover the periodic value in polynomial time, this study requires the birthday bound to recover the corresponding periodic value in the classical setting. By this new attack, the key to a 5-round Feistel-F scheme can be recovered with the time complexity of O(23n/4) under the chosen plaintexts and ciphertexts of O(2n/4), and the corresponding memory complexity is O(2n/4). Compared with the results of Isobe and Shibutani, the above result not only increases one round but also requires lower memory complexity. For the Feistel-FK scheme, a 7-round key recovery attack is constructed. In addition, the above approach is applied to construct the key recovery attacks against Misty schemes and Type-1/2 GFS. Specifically, the key recovery attacks against the 5-round Misty L-F and Misty R-F schemes and those against the 6-round Misty L-KF/FK and Misty R-KF/FK schemes are given; for the d-branch Type-1 GFS, a d2-round key recovery attack is presented, and when d≥6, the number of rounds of the key recovery attack is superior to those of the existing key recovery attacks.

    Reference
    [1] Feistel H. Cryptography and computer privacy. Scientific American, 1973, 228(5): 15-23. [doi: 10.1038/scientificamerican0573-15]
    [2] GOST. GOST 28147-89 Information processing systems. Cryptographic protection cryptographic transformation algorithm. GOST, 1989.
    [3] Aoki K, Ichikawa T, Kanda M, Matsui M, Moriai S, Nakajima J, Tokita T. Camellia: A 128-bit block cipher suitable for multiple platforms-design and analysis. In: Stinson DR, Tavares S, eds. Selected Areas in Cryptography. Berlin: Springer, 2001. 39-56.
    [4] Matsui M. New block encryption algorithm MISTY. In: Biham E, ed. Fast Software Encryption. Berlin: Springer, 1997. 54-68.
    [5] Zheng YL, Matsumoto T, Imai H. On the construction of block ciphers provably secure and not relying on any unproved hypotheses. In: Brassard G, ed. Advances in Cryptology (CRYPTO 1989). Lecture Notes in Computer Science, vol 435. New York: Springer, 1990. 461-480.
    [6] ETSI. Universal mobile telecommunications system (UMTS); specification of the 3GPP confidentiality and integrity algorithms. Document 2: Kasumi algorithm specification (3GPP TS 35.202 version 3.1. 2 Release 1999).
    [7] Adams C, Gilchrist J. The CAST-256 encryption algorithm. Reston: Internet Society 1999. http://ftp.arnes.si/packages/rfc/pdfrfc/rfc2612.txt.pdf
    [8] Isobe T, Shibutani K. All subkeys recovery attack on block ciphers: Extending meet-in-the-middle approach. In: Knudsen LR, Wu H, eds. Selected Areas in Cryptography. Berlin: Springer, 2013. 202-221.
    [9] Isobe T, Shibutani K. Generic key recovery attack on Feistel scheme. In: Sako K, Sarkar P, eds. Proc. of the 19th Int’l Conf. on the Theory and Application of Cryptology and Information Security (ASIACRYPT 2013). Berlin: Springer, 2013. 464-485.
    [10] Dinur I, Dunkelman O, Keller N, Shamir A. New attacks on Feistel structures with improved memory complexities. In: Gennaro R, Robshaw M, eds. Proc. of the 35th Annual Cryptology Conf. Advances in Cryptology (CRYPTO 2015). Berlin: Springer, 2015. 433-454.
    [11] Zhao SB, Duan XH, Deng YH, Peng ZN, Zhu JH. Improved meet-in-the-middle attacks on generic Feistel constructions. IEEE Access, 2019, 7: 34416-34424. [doi: 10.1109/ACCESS.2019.2900765]
    [12] Guo J, Jean J, Nikolic I, Sasaki Y. Meet-in-the-middle attacks on classes of contracting and expanding Feistel constructions. IACR Transactions on Symmetric Cryptology, 2017, 2016(2): 307-337. [doi: 10.13154/tosc.v2016.i2.307-337]
    [13] Yang D, Qi WF, Tian T. All-subkeys-recovery attacks on a variation of Feistel-2 block ciphers. IET Information Security, 2017, 11(5): 230-234. [doi: 10.1049/iet-ifs.2016.0014]
    [14] Guo J, Jean J, Nikolic I, Sasaki Y. Meet-in-the-middle attacks on generic Feistel constructions. In: Sarkar P, Iwata T, eds. Proc. of the 20th Int’l Conf. on the Theory and Application of Cryptology and Information Security (ASIACRYPT 2014). Berlin: Springer, 2014. 458-477.
    [15] Grover LK. A fast quantum mechanical algorithm for database search. In: Proc. of the 28th Annual ACM Symp. on Theory of Computing. Philadelphia: ACM, 1996. 212-219.
    [16] Simon DR. On the power of quantum computation. SIAM Journal on Computing, 1997, 26(5): 1474-1483. [doi: 10.1137/S0097539796298637]
    [17] Kuwakado H, Morii M. Quantum distinguisher between the 3-round Feistel cipher and the random permutation. In: Proc. of the 2010 IEEE Int’l Symp. on Information Theory. Austin: IEEE, 2010. 2682-2685.
    [18] Leander G, May A. Grover meets Simon-quantumly attacking the FX-construction. In: Takagi T, Peyrin T, eds. Proc. of the 23rd Int’l Conf. on the Theory and Application of Cryptology and Information Security (ASIACRYPT 2017). Cham: Springer, 2017. 161-178.
    [19] Dong XY, Wang XY. Quantum key-recovery attack on Feistel structures. Science China Information Sciences, 2018, 61(10): 102501. [doi: 10.1007/s11432-017-9468-y]
    [20] Ito G, Hosoyamada A, Matsumoto R, Sasaki Y, Iwata T. Quantum chosen-ciphertext attacks against Feistel ciphers. In: Matsui M, ed. Proc. of the 2019 Cryptographers’ Track at the RSA Conf. (CT-RSA 2019). Cham: Springer, 2019. 391-411.
    [21] 罗宜元, 闫海伦, 王磊, 胡红钢, 来学嘉. 分组密码结构抗Simon量子算法攻击研究. 密码学报, 2019, 6(5): 561-573. [doi: 10.13868/j.cnki.jcr.000322]
    Luo YY, Yan HL, Wang L, Hu HG, Lai XJ. Study on block cipher structures against Simon’s quantum algorithm. Journal of Cryptologic Research, 2019, 6(5): 561-573 (in Chinese with English abstract). [doi: 10.13868/j.cnki.jcr.000322]
    [22] Gouget A, Patarin J, Toulemonde A. (Quantum) cryptanalysis of misty schemes. In: Hong D, ed. Proc. of the 23rd Int’l Conf. on Information Security and Cryptology (ICISC 2020). Cham: Springer, 2021. 43-57.
    [23] Cui JY, Guo JS, Ding SZ. Applications of Simon's algorithm in quantum attacks on Feistel variants. Quantum Information Processing, 2021, 20(3): 117. [doi: 10.1007/S11128-021-03027-X]
    [24] Deng YH, Jin CH, Li RJ. Meet in the middle attack on type-1 Feistel construction. In: Chen X, Lin D, Yung M, eds. Proc. of the 13th Int’l Conf. on Information Security and Cryptology. Cham: Springer, 2018. 427-444.
    [25] Dong XY, Li Z, Wang XY. Quantum cryptanalysis on some generalized Feistel schemes. Science China Information Sciences, 2019, 62(2): 22501. [doi: 10.1007/s11432-017-9436-7]
    [26] Ni BY, Ito G, Dong XY, Iwata T. Quantum attacks against type-1 generalized Feistel ciphers and applications to CAST-256. In: Hao F, Ruj S, Sen Gupta S, eds. Proc. of the 2019 Int’l Conf. on Cryptology in India, Progress in Cryptology (INDOCRYPT 2019). Cham: Springer, 2019. 433-455.
    [27] 邓元豪. 三类广义Feistel结构的中间相遇攻击 [硕士学位论文]. 郑州: 战略支援部队信息工程大学, 2018.
    Deng YH. Meet-in-the-middle attacks on three types of generalized Feistel constructions [MS. Thesis]. Zhengzhou: Information Engineering University, 2018 (in Chinese with English abstract).
    [28] Kaplan M, Leurent G, Leverrier A, Naya-Plasencia M. Breaking symmetric cryptosystems using quantum period finding. In: Robshaw M, Katz J, eds. Proc. of the 2016 Annual Int’l Cryptology Conf. Advances in Cryptology (CRYPTO 2016). Berlin: Springer, 2016. 207-237.
    [29] Even S, Mansour Y. A construction of a cipher from a single pseudorandom permutation. Journal of Cryptology, 1997, 10(3): 151-161. [doi: 10.1007/s001459900025]
    [30] Biryukov A, Wagner D. Advanced slide attacks. In: Preneel B, ed. Proc. of the 2000 Int’l Conf. on the Theory and Applications of Cryptographic Techniques, Advances in Cryptology (EUROCRYPT 2000). Berlin: Springer, 2000. 589-606.
    Related
    Cited by
Get Citation

邹剑,邹宏楷,董晓阳,吴文玲,罗宜元.基于周期性质的新型密钥恢复攻击方法.软件学报,2023,34(9):4239-4255

Copy
Share
Article Metrics
  • Abstract:
  • PDF:
  • HTML:
  • Cited by:
History
  • Received:November 01,2021
  • Revised:December 02,2021
  • Online: March 24,2022
  • Published: September 06,2023
Links:Institute of Software, CASChina Computer FederationCASNSFC
You are the first2044083Visitors
Copyright: Institute of Software, Chinese Academy of Sciences Beijing ICP No. 05046678-4
Address:4# South Fourth Street, Zhong Guan Cun, Beijing 100190,Postal Code:100190
Phone:010-62562563 Fax:010-62562533 Email:jos@iscas.ac.cn
Technical Support:Beijing Qinyun Technology Development Co., Ltd.

Beijing Public Network Security No. 11040202500063