密码杂凑函数与分组密码分析技术的交叉组合应用

The security analyses of hash functions and block ciphers have always been the hot topics of the symmetric cryptography research. In recent years, there were some cross and combined applications of analysis techniques aiming to hash functions and block ciphers, but they are still in the primary stage. We have successfully applied the analysis techniques of block ciphers such as the integral attack and the higher-order difference cryptanalysis to hash algorithms, and the analysis technique of hash functions, rebound attack, to block ciphers. We have combined the integral attack and the higher-order difference cryptanalysis to build a new analysis method. This study further explores the theoretical basis of the integral attack and the higher-order difference cryptanalysis to reveal the relationship between them, and improve the model of higher-order differential cryptanalysis by analyzing local bits to make the higher-order difference attack more flexible and effective. Expand the scope of the higher-order differential cryptanalysis in order to attack the ARX hash functions. Focus on the differential properties of PRESENT-like block ciphers and generalized Feistel-SP structures, and improve the rebound attack basing on these properties. Then apply the improved attack to the two classes of block ciphers, and obtain their pseudo- random results. Conclude characteristics of some analysis techniques, and combine them by making full use of properties to build some new cryptanalysis tools, such as the higher-order impossible differential cryptanalysis, related-known-key attack, and so on.

密码杂凑函数与分组密码的安全性分析一直是对称密码研究的热点。近年出现了对二者分析技术的交叉组合应用研究，但都还停留在初级阶段。我们已经将积分攻击、高阶差分分析等分组密码分析技术成功应用于密码杂凑算法，并将反弹攻击这一密码杂凑函数分析技术成功应用于分组密码算法，还将积分攻击与高阶差分分析组合应用，构建了新的分析方法。本研究进一步挖掘积分攻击与高阶差分分析的理论基础，揭示二者之间的关系，利用局部比特分析改进攻击模型，使高阶差分攻击更加灵活有效；并扩大其适用范围，实现对ARX类密码杂凑函数的高阶差分分析。针对PRESENT类分组密码与广义Feistel-SP结构的差分性质进行研究，根据研究结果改进反弹攻击技术，并应用于这两类分组密码，得到它们的伪随机性结果。归纳分析技术本身特点，充分利用其性质将不同分析技术进行组合，得到高阶不可能差分分析、相关已知密钥攻击等新的分析工具。

密码杂凑函数与分组密码的安全性是关系到国计民生的重要问题，对二者的分析技术进行交叉组合应用可以起到意想不到的效果。项目组对第二类广义Feistel-SP结构、第二类广义Feistel-SPS结构和一般的Feistel-SPS结构实施反弹攻击，得到迄今为止最多轮数的区分器和近似碰撞。对第二、第三类广义Feistel结构，将高阶积分路径与一般积分路径串联，得到了两种结构的零和区分器。此外，我们还研究了ARX类算法的代数次数增加规律、可分性与不可能差分的融合性和一些布尔函数的特点。