电子学报2017,Vol.45Issue(6):1456-1461,6.DOI:10.3969/j.issn.0372-2112.2017.06.025
对288轮Trivium算法的线性分析
Linear Cryptanalysis of 288-Round Trivium
摘要
Abstract
In the previous linear cryptanalysis of 288-round Trivium,it is problematic to treat the key as a random and changing value in the process of analysis.In this way the attackers actually cannot attack the cipher with the inaccurate linear bias.For the problem above,we present the linear cryptanalysis of 288-round Trivium afresh under chosen initialization vector (IV) condition.Because the key bits are fixed,the nonlinear term which consists of key bits should be constant and does not produce a linear bias,and we find a linear approximation with the linear bias of 1.9E-6 on the condition that 10 bits of the IV are fixed.关键词
密码分析/线性分析/Trivium算法/线性偏差Key words
cryptanalysis/linear cryptanalysis/Trivium/linear bias分类
信息技术与安全科学引用本文复制引用
魏长河,李俊志,张少武..对288轮Trivium算法的线性分析[J].电子学报,2017,45(6):1456-1461,6.基金项目
国家自然科学基金(No.61272041) (No.61272041)
