This presentation is the property of its rightful owner.
Sponsored Links
1 / 25

Криптоанализ блочных шифров PowerPoint PPT Presentation


  • 94 Views
  • Uploaded on
  • Presentation posted in: General

Криптоанализ блочных шифров. Дмитрий Ширяев СПбГУ, 2005 г.

Download Presentation

Криптоанализ блочных шифров

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


1828623

, 2005 .


1828623

--- . . . , , . (Bruce Schneier)


1828623

1:

2:

3:


1828623

1:

  • .

    :

  • (diffusion) - . , ;

  • (confusion) - , .


1828623

  • :- - - -


Des d ata e ncryption s tandard

DESDataEncryptionStandard

1974-2000 ..

64 56 48

16


1828623

DES:


S boxes

(S-boxes)

  • S-boxes ,

  • DES S-boxes c 6- 4- , 48 32

  • S-boxes

DES S-boxes


1828623

2:

, , .

  • : ?


1828623

2:

  • Ciphertext Only

  • Known Plaintext

  • Chosen Plaintext

  • Chosen Ciphertext


1828623

2:

:


Complementation property

(Complementation property)

  • -

  • , DES:


1828623

2:

  • Brutal-Force Attack , ..

  • Brutal-Force Attack, /

  • Key-recovery , .


1828623

3:

  • ,


1828623

1990 (Eli Biham) (Ali Shamir)

:


1828623

:

  • Chosen-plaintext

  • , , X= X1X2 Y= Y1Y2

  • ,


1828623

:

  • S-box c n- m-

  • :

  • Q - , , p=Q/2n

  • 1 , Key-recovery .

  • DES 247

  • p, S-boxes


1828623

:

  • (Mitsuru Matsui) 1992 .


1828623

:

  • Known plaintext attack

  • ,

  • key-recovery


1828623

,

, ,

= (Piling-Up Lemma)

Key-recovery DES 243

(bias), S-boxes,

:


1828623

  • - - chosen plaintext- - 10 8- DES 512 - ( 2-3 )

  • (truncated) -

  • - - , f(x)=(x+k)^2 mod p- ,

  • - (Miss-in-the-middle attack)- , ,

  • - 2 . , ( chosen-ciphertext)


1828623

  • . ., 1997

  • Known-text attack

  • , . , - .


1828623

,

  • (Meet-in-the-middle)- , 1 )

  • (weak) - (semi-weak)- , - ,

  • - Chosen-plaintext attack- ,


1828623

AES (Rijndael)

, , : Square-saturation-integral-multiset attacks

Square attack, Square . Chosen plaintext attack, - - - :

Vincent Rijmen

J. Daemen


1828623

:

  • Bruce Schneier Self-Study Course in Block Cipher Cryptanalysis, 2000http://www.counterpane.com/self-study.html- , .. ,

  • http://www.distributed.net- RC5 =)

  • Francois-Xavier Standaert & others Cryptanalysis of Block Ciphers: the Survey, 2001http://logic.pdmi.ras.ru/~yura/crypto/01crypto.pdf- ,

  • Dave Rudolf Development and Analysis of Block Ciphers and the DES System, 2002http://www.cs.usask.ca/grads/dtr467/400- , DES

  • . , http://www.cryptography.ru/db/msg.html?mid=1162999&uri=node4.html- , (!)


  • Login