|
| 作者 | 杨笑
|
| 学位类别 | 博士
|
| 答辩日期 | 2011-05-30
|
| 授予单位 | 中国科学院研究生院
|
| 授予地点 | 北京
|
| 导师 | 武传坤
|
| 关键词 | 流密码
T-函数
布尔函数
ZUC算法
Loiss算法
|
| 学位专业 | 信息安全
|
| 中文摘要 | 流密码算法是保密通信中一类重要的对称加密算法,对流密码算法的设计与分析是密码学界的热点研究问题。本文重点关注流密码算法中部分的非线性模块,研究了部分非线性模块的自身的密码学性质以及对算法整体安全性的影响,此外也给出了一些具有良好密码学性质的非线性模块的设计方案。主要结果有:(1).对布尔函数旋转对称性质的研究。滤波生成器的安全性主要由滤波函数提供。为抵抗代数攻击应该选取代数免疫函数作为滤波函数,但目前密码学界发现的几类代数免疫函数具有较强的旋转对称性。我们给出了一种对针对滤波函数的旋转对称性质攻击方法,并讨论了布尔函数旋转对称性质以及旋转对称性质对上述攻击的影响,分析了最优代数免疫函数对旋转对称攻击的脆弱性,指出滤波函数的选择应该适当远离旋转对称函数。(2).对单圈T-函数的构造及应用的研究。T-函数的概念是Klimov和Shamir在2002年提出的,在密码学中有广泛的应用,但是如何快速有效地构造一大批具有单圈性质的T-函数是T-函数应用的一个瓶颈。本文主要关注单圈T-函数的构造,我们给出了两类一元单圈T-函数,这两类T-函数软件实现速度快、效率高,而且所生成的序列线性复杂度高、稳定性强。此外,我们还研究了参数与单圈T-函数的关系,给出了一个由已有的一元单圈T-函数和一个偶参数来构造新的一元单圈T-函数的方法。2005年J.Hong提出了一类多元单圈T-函数,参数是这类单圈T-函数的关键组件。本文讨论了如何判断给定参数奇偶性,并给出了一类多元奇参数的构造方法,研究了多元奇参数和一类J.Hong函数的计数问题。基于上述工作,本文结合线性反馈移位寄存器和多元T-函数构造了一个新的伪随机序列生成器,所生成的序列周期长且具备良好的伪随机性质。(3).对BOMM组件密码学性质的研究。BOMM组件是一种基于字节操作的混合型带记忆的序列扰乱算法。因具备良好的密码学性质,一个新的流密码算法Loiss使用了它作为主要组件。我们建立了BOMM组件的布尔方程系统,在此基础上,讨论了针对Loiss算法的代数攻击的复杂度。此外,我们还发现了BOMM组件的一个统计弱点,并分析了Loiss算法在一类的弱密钥下的安全性。(4).对ZUC算法代数性质和比特重组部件的研究。ZUC算法是一个基于线性反馈移位寄存器(LFSR)的面向32比特字的流密码算法,我们讨论了该算法抵抗代数攻击的能力。研究了ZUC算法定义在GF(2)上的代数方程系统,讨论了求解的复杂度。由于ZUC算法使用了定义在Z/(2^{31}−1)上的线性反馈移位寄存器,我们还给出了为ZUC算法建立定义在有限域Z/(2^{31}−1)上的方程系统的方法。比特重组部件是连接ZUC算法的线性反馈寄存器和非线性函数部件的纽带,我们分析比特重组部件中抽头的选择对算法某些密码学性质的影响,给出了更优的抽头选择方案。 |
| 英文摘要 | | The stream cipher algorithm is an important class of symmetric encryption algorithms using in secure communications, the cryptanalysis and design of Stream ciphers is one of the hot academic research problems. In this dissertation, we focus on some nonlinear primitives in stream ciphers. We make a survey and research of cryptanalysis of some non-linear cryptographic primitives and the impact on the overall security of stream cipher algorithms. In addition, we propose some of the non-linear primitive designs with good cryptographic properties. The main results of this dissertation are as follows:(1). The security of filter generators is provided by the filter function. For the resistance to algebraic attacks, functions with maximum algebraic immunity should be selected for use in the design of filter functions. However, the algebraic immune functions found so far have a strong property of rotation symmetry. In this dissertation, we introduce an attack on the rotation-symmetric nature of the filter functions, and discuss the rotation-symmetric property of filter functions and its influence on the rotation-symmetric attack. After the survey of the vulnerability of algebraic immunity function to the rotation-symmetric attack, we point out that the choice of filter function should be far away from rotation-symmetric functions properly.(2). In 2002, the notation of T-functions was introduced by Klimov and Shamir. T-functions are widely used in cryptographic designs, however, the efficient construction of large variety of such T-functions possessing single cycle property is a bottleneck for their applications. In this dissertation, we focus on the construction of single cycle T-functions. Two classes of single cycle T-functions on single-word are presented, and they can be efficiently implemented in software environment and produce sequences with high linear complexity and being stable. Moreover, we study the relationship between parameters and single cycle T-functions and give a method to construct new single cycle T-functions from given single cycle T-functions and even parameters. In 2005, J. Hong presented a class of multi-word single cycle T-functions with parameters as critical components. In this dissertation, we discuss how to determine whether a given parameter is even or odd, and present a class of odd parameters for multi-word T-functions and their enumeration. Based on that, we propose a construction of pseudo-random sequence generator which is composed of a Linear Feedback Shift Register (LFSR) and a multi-word T-function. It is proved that the generator can generate sequences with very large period and possess good pseudo-random properties. (3). BOMM is a byte-oriented mixed type algorithm with memory which is used to disorder a given byte sequence. It has been used as a main component in a new stream cipher called Loiss for having many good cryptographic properties. In this dissertation, we build an algebraic equation system with degree 5 for BOMM, and based on this equation system, we discuss the complexity of algebraic attack on Loiss. In addition, we also find a statistic weakness of BOMM and give an analysis of the security of Loiss under a specific class of weak keys. (4). ZUC algorithm is a word-oriented stream cipher algorithm based on LFSR. We investigate the resistance of ZUC algorithm against algebraic attacks. We study an algebraic system of equations over GF(2) for ZUC and valuate the complexity of solving the algebraic system. As the LFSR of ZUC is defined over Z/(2^{31}-1), we also give an attempt at constructing a system of equations over Z/(2^{31}− 1) for ZUC algorithm. The bit-reorganization connects the linear feedback registers and the nonlinear function in ZUC, we analyze impact of the choice of taps for the bit-reorganization to some cryptographic properties of ZUC, and give a better choice of taps for the bit-reorganization. |
|
| 学科主题 | 数据安全与计算机安全
|
| 语种 | 中文
|
| 公开日期 | 2011-06-15
|
| 源URL | [http://124.16.136.157/handle/311060/10804]  |
| 专题 | 软件研究所_信息安全国家重点实验室_学位论文
|
推荐引用方式
GB/T 7714 |
杨笑. 流密码中非线性部件的分析与设计[D]. 北京. 中国科学院研究生院. 2011.
|
