We present some known-key distinguishers for a type-1 Feistel scheme with a permutation as the round function. To be more specific, the 29-round known-key truncated differential distinguishers are given for the 256-bi...We present some known-key distinguishers for a type-1 Feistel scheme with a permutation as the round function. To be more specific, the 29-round known-key truncated differential distinguishers are given for the 256-bit type-1 Feistel scheme with an SP (substitution-permutation) round function by using the rebound attack, where the S-boxes have perfect differential and linear properties and the linear diffusion layer has a maximum branch number. For two 128-bit versions, the distinguishers can be applied on 25- round structures. Based on these distinguishers, we construct near-collision attacks on these schemes with MMO (Matyas- Meyer-Oseas) and MP (Miyaguchi-Preneel) hashing modes, and propose the 26-round and 22-round near-collision attacks for two 256-bit schemes and two 128-bit schemes, respectively. We apply the near-collision attack on MAME and obtain a 26-round near-collision attack. Using the algebraic degree and some integral properties, we prove the correctness of the 31-round known-key integral distinguisher proposed by Sasaki et al. We show that if the round function is a permutation, the integral distinguisher is suitable for a type-1 Feistel scheme of any size.展开更多
In this paper,we propose a hybrid power model that includes the power consumption of not only the registers but also part of the combinational logic.By doing knownkey analysis with this hybrid model,power side-channel...In this paper,we propose a hybrid power model that includes the power consumption of not only the registers but also part of the combinational logic.By doing knownkey analysis with this hybrid model,power side-channel leakage caused by correct keys can be detected.In experiment,PRINTcipher and DES algorithms were chosen as analysis targets and combinational logic s-box unit was selected to build power template.The analysis results showed the signal-to-noise ratio(SNR) power consumption increase of more than 20%after considering s-box's power consumption so that the information of keys can be obtained with just half number of power traces.In addition,the side channel-leakage detection capability of our method also shows better effectiveness that can identify the correct keys.展开更多
基金Acknowledgements This research project was promoted by the Scientific Research Foundation for High Level Talents of Henan Normal University (01016500148) and the National Natural Science Foundation of China (Grant Nos. 61272476, 61232009).
文摘We present some known-key distinguishers for a type-1 Feistel scheme with a permutation as the round function. To be more specific, the 29-round known-key truncated differential distinguishers are given for the 256-bit type-1 Feistel scheme with an SP (substitution-permutation) round function by using the rebound attack, where the S-boxes have perfect differential and linear properties and the linear diffusion layer has a maximum branch number. For two 128-bit versions, the distinguishers can be applied on 25- round structures. Based on these distinguishers, we construct near-collision attacks on these schemes with MMO (Matyas- Meyer-Oseas) and MP (Miyaguchi-Preneel) hashing modes, and propose the 26-round and 22-round near-collision attacks for two 256-bit schemes and two 128-bit schemes, respectively. We apply the near-collision attack on MAME and obtain a 26-round near-collision attack. Using the algebraic degree and some integral properties, we prove the correctness of the 31-round known-key integral distinguisher proposed by Sasaki et al. We show that if the round function is a permutation, the integral distinguisher is suitable for a type-1 Feistel scheme of any size.
基金supported by Major State Basic Research Development Program(No. 2013CB338004)National Natural Science Foundation of China(No.61402286, 61472250,61472249,61202372)+1 种基金National Science and Technology Major Project of the Ministry of Science and Technology of China (No.2014ZX01032401-001)Plan of Action for the Innovation of Science and Technology of Shanghai Municipal Science and Technology Commission(No.14511100300)
文摘In this paper,we propose a hybrid power model that includes the power consumption of not only the registers but also part of the combinational logic.By doing knownkey analysis with this hybrid model,power side-channel leakage caused by correct keys can be detected.In experiment,PRINTcipher and DES algorithms were chosen as analysis targets and combinational logic s-box unit was selected to build power template.The analysis results showed the signal-to-noise ratio(SNR) power consumption increase of more than 20%after considering s-box's power consumption so that the information of keys can be obtained with just half number of power traces.In addition,the side channel-leakage detection capability of our method also shows better effectiveness that can identify the correct keys.
