Security of the SMS4 Block Cipher Against Differential Cryptanalysis

被引：15

作者：

苏波展 ^{[1
,2
]}

吴文玲 ^{[1
]}

张文涛 ^{[1
]}

机构：

[1] State Key Laboratory of Information Security,Institute of Software,Chinese Academy of Sciences

[2] State Key Laboratory of Information Security,Graduate University of Chinese Academy of Sciences

来源：

JournalofComputerScience&Technology | 2011年 / 26卷 / 01期

关键词：

block cipher; SMS4; differential cryptanalysis;

D O I：

暂无

中图分类号：

TN918.1 [理论];

学科分类号：

070104 ;

摘要：

<正>SMS4 is a 128-bit block cipher used in the WAPI standard for wireless networks in China.In this paper,we analyze the security of the SMS4 block cipher against differential cryptanalysis.Firstly,we prove three theorems and one corollary that reflect relationships of 5- and 6-round SMS4.Next,by these relationships,we clarify the minimum number of active S-boxes in 6-,7- and 12-round SMS4 respectively.Finally,based on the above results,we present a family of about 214 differential characteristics for 19-round SMS4,which leads to an attack on 23-round SMS4 with 2118 chosen plaintexts and 2126.7 encryptions.

引用

页码：130 / 138

页数：9