《计算机应用》唯一官方网站

• •    下一篇

改进的KLEIN算法及其量子分析

李艳俊1,2葛耀东2王琦2张伟国2刘琛1   

  1. 1. 中国电子科技集团公司第十五研究所 信息产业信息安全测评中心 2.北京电子科技学院 密码科学与技术系
  • 收稿日期:2023-09-27 修回日期:2023-11-14 发布日期:2023-12-01 出版日期:2023-12-01
  • 通讯作者: 王琦
  • 作者简介:李艳俊(1979—),女,山西阳城人,副教授,博士,主要研究方向:密码分析与测评;葛耀东(1997—),男,河北邯郸人,硕士研究生,主要研究方向:基于量子模型的分组密码;王琦(2001—),男,安徽淮北人,硕士研究生,主要研究方向:基于量子模型的分组密码;张伟国(1998—),男,陕西渭南人,硕士研究生,主要研究方向:有限域、S盒;刘琛(1990—),男,河北昌黎人,硕士研究生,主要研究方向:密码测评。
  • 基金资助:
    北京市自然科学基金资助项目(4234084);河南省网络密码技术重点实验室研究课题(LNCT2021-A09)

Improved KLEIN algorithm and its quantum analysis

LI Yanjun1,2, GE Yaodong2, WANG Qi2*, ZHANG Weiguo2, LIU Chen1   

  1. 1. Information Industry Information Security Evaluation Center, The 15th Research Institute of China Electronics Technology Group Corporation 2. Department of Cryptographic Science and Technology, Beijing Electronic Science and Technology Institute

  • Received:2023-09-27 Revised:2023-11-14 Online:2023-12-01 Published:2023-12-01
  • About author:LI Yanjun, born in 1979, Ph. D., associate professor. Her research interests include cryptographic evaluation. GE Yaodong, born in 1997, M. S. candidate. His research interests include block ciphers in the quantum model. WANG Qi, born in 2001, M. S. candidate. His research interests include block ciphers in the quantum model. ZHANG Weiguo, born in 1998, M. S. candidate. His research interests include finite fields, S-box. LIU Chen, born in 1990, M. S. candidate. His research interests include cryptographic evaluation.
  • Supported by:
    Beijing Natural Science Foundation (4234084), Henan Key Laboratory of Network Cryptography Technology (LNCT2021-A09)

PDF

摘要: KLEIN自提出之后经历了截断差分分析、积分分析等攻击,加密结构具有实际安全性,但是由于密钥扩展算法的脆弱性导致了全轮密钥恢复攻击。首先,修改密钥扩展算法,提出一种改进后的方案N-KLEIN;然后,采用in-place的方法对S盒进行高效量子电路实现,减少了电路的宽度和深度,提高了量子电路的实现效率;使用LUP分解技术实现了混淆操作的量子化;对新的密钥扩展算法进行量子电路设计,提出全轮N-KLEIN的高效量子电路图和资源评估,并与PRESENT、HIGHT等现有的轻量级分组密码的量子实现占用资源进行了比较,N-KLEIN算法量子实现的成本明显较低;最后,基于Grover算法对密钥搜索攻击所需要的代价进行了深入研究,给出Clifford+T模型下N-KLEIN-{64, 80, 96}使用Grover算法搜索密钥需要的代价,进而评估了N-KLEIN的量子安全性。

关键词: 轻量级分组密码, KLEIN, 量子电路, S盒, Grover算法

Abstract: KLEIN has experienced attacks such as truncated difference cryptanalysis and integral cryptanalysis since it was proposed. The encryption structure had actual security, but the vulnerability of the key expansion algorithm had led to full-round key recovery attacks. Firstly, the key expansion algorithm was modified and an improved scheme N-KLEIN was proposed. Then, an efficient quantum circuit was implemented on the S box using the in-place method, which reduced the width and depth of the circuit and improved the implementation efficiency of the quantum circuit. The quantization of obfuscation operations was achieved using LUP decomposition technology. A quantum circuit design was performed on the new key expansion algorithm. An efficient quantum circuit diagram and resource evaluation of full-round N-KLEIN were proposed and compared with the resources occupied of existing quantum implementations of lightweight block ciphers such as PRESENTand HIGHT. The cost of N-KLEIN algorithm quantum real was significantly lower. Finally, an in-depth study was conducted on the cost of key search attacks based on Grover algorithm, and the cost of N-KLEIN-{64, 80, 96} using Grover algorithm to search for keys under the Clifford+T model was given, and then evaluated Quantum security with N-KLEIN.

Key words: lightweight block cipher, KLEIN, quantum circuit, S-box, Grover algorithm

中图分类号: 

版权所有 © 2021 四川计算机应用杂志社有限公司
蜀ICP备 05010208 号-3 新出网证(川)字026号
技术支持:北京玛格泰克科技发展有限公司
访问总数:
今日访问: