轻量密码非线性模块的设计和代数差错攻击

In the design of symmetric cryptographic transformations, nonlinear modle play an important role. One index to show the cipher is security is that these nonlinear modle should possess good cryptographic property..Incidentally,Radio frequency identification(RFID) technology and sensor networks have been used in many aspects of life, given that the future IT-landscape is supposed to be dominated by tiny computing devices such as RFID tags or sensor networks. This need opened up the research field of lightweight cryptography.The very constrained environments require new cryptographic nonlinear boolean function with less gate in hardware application. And the construction of number of cryptography significant S-box for secure communication on extremely constrained devices is important. .In this project,we will construct number of cryptography significant S-box for secure communication on extremely constrained devices.We will analysis some lightweight ciphers such as Hitag2 and KeeLoq which are widely used in remote key-less entry systems and other wireless authentication applications by algebraic fault analysis, the tools in our attack are the methods in the analysis of nonliear boolean functions.Since the lightweight ciphers are applied in the extremely constrained devices, we will avoid plenty of computation in our attack process，we will attack ciphers main by performing algebraic deduction.There will be some primitive results on the analysis of lightweight ciphers, which will offer theory support on the design of nonlinear cryptographic model. This project has both futurities and effective applications.

非线性模块在对称密码体制中起着非常重要的作用。对称密码体制的安全强度通常依赖于非线性模块的密码性质。随着射频识别技术(Radio Frequency Identification RFID)和传感器网络飞速发展及其对轻量加密算法的需求日益旺盛，适用于计算能力受限环境且便于硬件实现的非线性密码模块设计成为一个亟待解决的问题。本项目旨在构造适用于轻量密码的安全S盒；针对非线性模块对汽车远程开锁和无线认证中有广泛应用的KeeLoq，Hitag2 等基于非线性反馈移位寄存器的轻量密码算法进行代数差错攻击，考虑到RFID和无线网络是在资源受限条件下工作,在攻击过程中将力争避免大型计算，主要依靠代数推导。力争在基于非线性反馈移位寄存器的轻量密码分析上取得一些原创性成果并为非线性密码模块的设计提供理论支持。该课题理论前瞻性与实用有效性并重。

非线性模块在对称密码体制中起着非常重要的作用。对称密码体制的安全强度通常依赖于非线性模块的密码性质。随着射频识别技术和传感器网络飞速发展及其对轻量加密算法的需求日益旺盛，适用于计算能力受限环境且便于硬件实现的非线性密码模块设计成为一个亟待解决的问题。本项目主要依靠代数推导针对非线性模块对推导轻量密码算法KTANTAN和KANTAN进行了代数差错攻击； 给出了Printcipher的代数故障攻击；指出了Piccolo密钥编排的弱点，给出了Hash 函数HAVAL-128的1比特差分碰撞攻击。应SM4设计者团队要求，研究了SM4线性模块的是否可以延长到64比特的问题，证明了一类基于移位和模加的分支数达到最大的线性置换的不存在性。并构造了一些旋转对称密码函数。