分组密码FBC的截断差分分析OA北大核心CSTPCD

In order to promote the design and implementation of cryptographic algorithms,the Chinese Association for Cryptologic Research(CACR)held a national cryptographic algorithm design competition in 2018,where the FBC algorithm was one of ten candidate algorithms that advanced to the second round.There are three versions of FBC,namely FBC128-128,FBC128-256,and FBC256-256,which support 128-bit and 256-bit plaintexts and keys respectively.The FBC algorithm adopts a 4-way dual Feistel structure,making it well-suited for implement in hardware.This paper uses the meet-in-the-middle method to construct the truncated differential,and obtains an 11-round truncated differential with a probability of 2-108 for FBC-128 with 128-bit block,and mounts a 15-round key recovery attack with 299 chosen ciphertexts and 2100 encryptions,which has three more rounds than previous cryptanalysis results.For the FBC-256 with 256-bit block,a 15-round truncated differential with a probability of 2-236 is constructed,which is used for 20-round key recovery attack with 2227 chosen ciphertexts and 2222.6 encryptions.