摘要: Grain算法是欧洲序列密码工程eSTREAM最终入选的面向硬件实现的3个序列密码算法之一,它由2个反馈移存器和前馈函数组成,能有效抵御基于线性反馈移存器的序列密码攻击。针对以Grain算法为特例的Grain型级联反馈移存器的非奇异性判定问题,给出Grain型级联反馈移存器在初始化过程和密钥流生成过程中,状态刷新变换均构成双射的充分条件,并通过反例说明对于有限域上的Grain型级联反馈移存器,即使所使用的2个移存器都是非奇异的,并且前馈函数满足相应性质,其状态刷新变换仍可能不构成双射。利用Grain v1算法验证了该非奇异性判定结果的正确性。
关键词:
序列密码,
Grain算法,
非线性反馈移存器,
非奇异性,
状态刷新变换,
双射性
Abstract: Grain cipher is one of the 3 final hardware-oriented stream ciphers of the eSTREAM project, it is based on two feedback shift registers and a filtering function, and it can effectively resist stream cipher attacks based on linear feedback shift register. In this paper, the nonsingularity of the Grain-like cascade feedback shift registers is investigated, the sufficient conditions of state refresh transformations in initialization phase and key stream generation phase being bijective is given. As a counterexample, for the word-oriented Grain-like cascade feedback shift registers, even if the two feedback shift registers are both nonsingular, and the filtering function satisfies proper conditions, the state update transformation can also be nonbijective. It proves the result of criteria for nonsingularity by using Grain v1 algorithm.
Key words:
stream cipher,
Grain algorithm,
nonlinear feedback shift register,
nonsingularity,
state refresh transformation,
bijectivity
中图分类号: