Journal of Cryptologic Research (密码学报), 2018, Vol. 5, Issue 1: 83-93, 11. DOI: 10.13868/j.cnki.jcr.000221
Security Analysis of the Authenticated Encryption Algorithm FASER
Research on Cryptanalysis on Authenticated Cipher FASER
Abstract
CAESAR is a worldwide cryptography competition launched by Japan in 2013, aiming at collecting symmetric encryption algorithms with authentication. FASER is a family of authenticated ciphers submitted to the CAESAR competition, which contains two ciphers: FASER128 and FASER256. Both ciphers are based on a stream cipher cryptosystem: they generate pseudo-random key streams from the initial key and the initial random vector taken as inputs. The pseudo-random stream used in encryption has the same length as the plaintext stream, and the ciphertext stream is obtained by XORing the pseudo-random stream with the plaintext stream. This study reveals that the bits of the pseudo-random word generated by FASER at any time are strongly correlated. Using this correlation property, we derive an effective algebraic attack on FASER128 and FASER256. We first present a state recovery attack on the encryption of FASER128 with time complexity of about 2^29 operations and data complexity of about 64 key words. The attack can be executed on an ordinary personal computer, and the algorithm costs only a few minutes to recover the secret state of FASER128. Moreover, a key recovery attack is deduced with time complexity of about 2^36 operations, which can easily be carried out by parallel computing on a multi-core PC; for instance, on a 32-core computer the secret key can be recovered in a few minutes. The result shows that FASER128 is very insecure. It is also shown that our attack can easily be applied to FASER256, and a practical state recovery attack on FASER256 is presented with time complexity of no more than 2^48. Our work caused FASER to be withdrawn in 2014.

Keywords: CAESAR / stream ciphers / FASER / key recovery attack
Classification: Information Technology and Security Science
Cite this article: Feng Xiutao (冯秀涛), Zhang Fan (张凡). Security Analysis of the Authenticated Encryption Algorithm FASER [J]. Journal of Cryptologic Research, 2018, 5(1): 83-93, 11.

Funding
National Natural Science Foundation of China (61572491)
Basic Subject Center Fund (11688101)
National Key Research and Development Program of China (2016YFB0800401)
Open Fund of State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences (2015-MS-03)