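Abstract
REESSE3+ is an 8-round iterated block cipher proposed by Professor Su Sheng-Hui in 2014. Because REESSE3+ was inspired by the IDEA algorithm proposed by Professor Lai Xue-Jia and mixes three incompatible group operations to ensure its security, this paper uses the Markov cipher model proposed by Professor Lai Xue-Jia to analyze the security of REESSE3+ against differential attacks. The Markov cipher model uses the probability transition matrix of a Markov cipher, or its corresponding Markov chain, to determine whether the cipher is secure against differential attacks, or how many rounds of iteration it needs at minimum to be secure. In this paper we first give the definition of REESSE3+(m), then prove that REESSE3+(m) is a Markov cipher, and give an algorithm for generating the probability transition matrix of REESSE3+(16). Using that transition matrix, we prove that REESSE3+(16) needs 16 rounds of iteration to resist differential attacks. Since REESSE3+ has only 8 rounds, the algorithm cannot resist differential attacks when the block length is 16 bits. We then prove that the probability transition matrix of REESSE3+ is non-symmetric and that its corresponding Markov chain is aperiodic. Combined with the proof for IDEA, we conjecture that REESSE3+ is sufficiently resistant to differential attacks after 16 rounds of iteration, while the security of the 8 rounds specified in REESSE3+ remains to be examined further.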
REESSE3+ is an 8-round block cipher proposed by Su Sheng-Hui in 2014. Because REESSE3+ is inspired by IDEA, which was proposed by Lai Xue-Jia, both algorithms use three incompatible group operations to ensure their security, so we use the Markov model proposed by Lai Xue-Jia to prove the security of REESSE3+ against differential cryptanalysis. The Markov model gives the security of a Markov cipher, or the number of rounds it needs, by using the transition matrix or the Markov chain. In this paper, we first give the definition of REESSE3+(m). Then we prove that REESSE3+ is a Markov cipher, and we give an algorithm to obtain the transition matrix of REESSE3+(16). Using the transition matrix of REESSE3+(16), we prove that REESSE3+(16) is secure against differential cryptanalysis only after 16 rounds of iteration, which means that REESSE3+ with its 8 rounds of iteration is insecure when the plaintext is 16 bits. Then we prove that the transition matrix of REESSE3+ is non-symmetric and that its Markov chain is irreducible. We show that IDEA also has these features, and then draw the conclusion that REESSE3+ is secure against differential cryptanalysis after 16 rounds of iteration. However, the security of REESSE3+ after 8 rounds is still unknown.
Source
Journal of Cryptologic Research (《密码学报》)
CSCD
2016, Issue 5, 11 pages
Funding
National Natural Science Foundation of China (61472343)