
Research on the Security Mechanisms of S-boxes Based on the Polymorphic Cipher

Researching Security Mechanisms of S-box Based on the Polymorphic Cipher

【Author】 尹毅峰 (Yin Yifeng)

【Supervisor】 胡予濮 (Hu Yupu)

【Author information】 Xidian University, Cryptography, 2009, PhD

【Abstract (translated from the Chinese)】 The S-box is the essential nonlinear component of a block cipher, and it has to be built by a highly nonlinear algorithm with good confusion and diffusion. Compared with most commonly known symmetric encryption algorithms (including AES candidate algorithms such as Rijndael and Twofish), the Polymorphic Cipher theory proposed by C.B. Roellgen can effectively resist differential attacks; it is mainly used to encrypt disk files. This dissertation improves the original mechanisms of polymorphic cipher theory, proposes a new approach to constructing secure and fast S-boxes, and analyses them with respect to the strict avalanche criterion, high nonlinearity and the bit independence criterion. The work comprises four parts:

1. Starting from polymorphic cipher theory and the characteristics of P2P networks, the signal source feeding the polymorphic cipher's input sequence is improved, and a construction of a cryptographically secure polymorphic PRNG from randomly iterated one-way Boolean functions is proposed; it supplies the two communicating parties with a large number of secure session keys. Its security is analysed with the relevant theory and experimental data.

2. A polymorphic Diffie-Hellman key exchange protocol is proposed. Building on C.B. Roellgen's polymorphic cipher theory, sixteen candidate one-way functions are put forward; using the good properties of hash functions and the unreadability of the self-compiling system, the original Diffie-Hellman-like storage-medium key exchange protocol is improved into a polymorphic Diffie-Hellman key exchange protocol constructed jointly by the two communicating parties, remedying three shortcomings: identity authentication, blocking denial-of-service attacks and impersonation attacks.

3. On top of the polymorphic Diffie-Hellman key exchange protocol, a more secure semi-S-box key exchange protocol is proposed. It attaches both parties' identity information to the exchange and lets the two parties' own pseudorandom sequence generators jointly design a fast S-box; this polymorphic S-box can be widely applied in informal settings.

4. The constructed polymorphic S-box is analysed against three criteria: the strict avalanche criterion, high nonlinearity and output bit independence. The main effort is the security analysis and performance evaluation of the improved algorithm against the strict avalanche criterion, ensuring that the pseudorandom sequence generator inside the polymorphic S-box satisfies it, and hence that the large number of negotiated keys the two parties derive from the polymorphic S-box are secure.

【Abstract】 An S-box is the important nonlinear component of a block cipher, and the algorithm that constructs it must provide very high nonlinearity together with a high degree of confusion and diffusion. In contrast to most commonly known symmetric encryption designs (including AES candidates such as Rijndael and Twofish), the Polymorphic Cipher (PMC) proposed by C.B. Roellgen can be made immune to differential attacks; the algorithm is mostly used to encrypt disk files. We propose a new method for constructing a pseudorandom number generator (PRNG) from which a secure, fast S-box is built. In this dissertation we analyse the security of the S-box with cryptographic test methods: the strict avalanche criterion, high nonlinearity and the bit independence criterion. The work consists of the following four aspects.

1. By combining the characteristics of P2P networks with the improved Polymorphic Cipher (PMC) theory, we improve the signal generator to construct a secure polymorphic PRNG from pseudorandom iterated one-way Boolean functions. The PRNG provides mass-produced session keys for the two parties of a communication channel. The security of the construction is analysed with experimental results and the related theory.

2. We propose a self-compiling-based polymorphic Diffie-Hellman key exchange algorithm. Sixteen candidate one-way Boolean functions are proposed, based on the Polymorphic Cipher (PMC) of C.B. Roellgen. By combining the properties of a perfect hash function with the unreadability of the self-compiling system, we improve the original memory-medium-oriented Diffie-Hellman key exchange algorithm into a scheme in which both communicating parties jointly construct a new polymorphic Diffie-Hellman key exchange algorithm. The scheme closes the gaps in identity authentication, blocking denial of service and impersonation attacks.

3. We propose a much more secure semi-S-box key exchange agreement based on the Diffie-Hellman key exchange algorithm. The identity information of the two parties can be appended to the agreement. Its security depends on the length of the pseudorandom numbers generated by the two communicating parties. The polymorphic S-box can be widely adopted in informal settings.

4. To satisfy a range of cryptographic test criteria, such as the strict avalanche criterion (SAC), the bit independence criterion (BIC) and nonlinearity, we apply polymorphic cipher (PMC) theory to the construction of the permutation function. Correlations among the test criteria in a real network environment are also evaluated. The most important work is optimising the polymorphic cipher's combinational functions; given that, we are able to construct a polymorphic S-box design that yields a large number of fast keys between the two communicating parties.
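As an added worked example (not part of the thesis or of this record), the following Python measures an 8-bit S-box against the three criteria the abstract names: the strict avalanche criterion, nonlinearity via the Walsh-Hadamard spectrum, and the bit independence criterion in the Webster-Tavares form (the XOR of any two output bits must itself be highly nonlinear and satisfy SAC). The abstract does not specify the polymorphic S-box construction, so none is reproduced; the AES S-box, built here from its GF(2^8) definition, and the identity permutation are constructed inputs standing in for a strong and a weak S-box. All function and constant names are this example's own.

```python
"""SAC, nonlinearity and BIC for an 8-bit S-box (the three criteria named in
the abstract).  Added worked example, not the thesis's code; the polymorphic
S-box construction is not specified on the page and is not reproduced.  The
AES S-box (built from its GF(2^8) definition) and the identity permutation
are constructed inputs used as a strong and a weak S-box respectively."""

N = 8
SIZE = 1 << N
PARITY = [bin(v).count("1") & 1 for v in range(SIZE)]

def gf_mul(a, b):
    """Multiply in GF(2^8) modulo x^8 + x^4 + x^3 + x + 1 (the AES field)."""
    r = 0
    for _ in range(8):
        if b & 1:
            r ^= a
        carry = a & 0x80
        a = (a << 1) & 0xFF
        if carry:
            a ^= 0x1B
        b >>= 1
    return r

def gf_inv(a):
    """Inverse as a^254 (a^255 = 1 for a != 0); 0 maps to 0 as in AES."""
    result, base, e = 1, a, 254
    while e:
        if e & 1:
            result = gf_mul(result, base)
        base = gf_mul(base, base)
        e >>= 1
    return result if a else 0

def aes_sbox():
    """AES S-box: GF(2^8) inversion followed by the fixed affine map."""
    rotl = lambda b, k: ((b << k) | (b >> (8 - k))) & 0xFF
    box = []
    for x in range(SIZE):
        b = gf_inv(x)
        box.append(b ^ rotl(b, 1) ^ rotl(b, 2) ^ rotl(b, 3) ^ rotl(b, 4) ^ 0x63)
    return box

IDENTITY_SBOX = list(range(SIZE))  # every output bit is a linear function

def component(sbox, mask):
    """Truth table of x -> parity(mask & S(x)); mask 1<<j is output bit j,
    a two-bit mask is the XOR of two output bits (what BIC examines)."""
    return [PARITY[mask & sbox[x]] for x in range(SIZE)]

def walsh_spectrum(f):
    """Fast Walsh-Hadamard transform: W_f(a) = sum_x (-1)^(f(x) xor a.x)."""
    w = [1 - 2 * v for v in f]  # 0/1 -> +1/-1
    h = 1
    while h < SIZE:
        for i in range(0, SIZE, 2 * h):
            for j in range(i, i + h):
                w[j], w[j + h] = w[j] + w[j + h], w[j] - w[j + h]
        h *= 2
    return w

def nonlinearity(f):
    """Distance to the nearest affine function: 2^(N-1) - max|W_f| / 2."""
    return SIZE // 2 - max(abs(v) for v in walsh_spectrum(f)) // 2

def avalanche_fraction(f, i):
    """Fraction of x for which flipping input bit i changes f(x); SAC wants 1/2."""
    return sum(f[x] != f[x ^ (1 << i)] for x in range(SIZE)) / SIZE

def sbox_nonlinearity(sbox):
    """Minimum nonlinearity over all 255 nonzero component functions."""
    return min(nonlinearity(component(sbox, c)) for c in range(1, SIZE))

def sac_matrix(sbox):
    """Row i, column j: avalanche fraction of output bit j under a flip of
    input bit i.  SAC holds exactly when every entry is 1/2."""
    bits = [component(sbox, 1 << j) for j in range(N)]
    return [[avalanche_fraction(bits[j], i) for j in range(N)] for i in range(N)]

def max_sac_deviation(sbox):
    """Largest |entry - 1/2| in the SAC matrix."""
    return max(abs(v - 0.5) for row in sac_matrix(sbox) for v in row)

PAIR_MASKS = [(1 << j) | (1 << k) for j in range(N) for k in range(j + 1, N)]

def bic_nonlinearity(sbox):
    """BIC (Webster-Tavares): the XOR of any two output bits must itself be
    highly nonlinear; minimum over the 28 pairs."""
    return min(nonlinearity(component(sbox, m)) for m in PAIR_MASKS)

def bic_sac_max_deviation(sbox):
    """BIC-SAC: the XOR of any two output bits must also satisfy SAC;
    largest deviation from 1/2 over all pairs and input bits."""
    return max(abs(avalanche_fraction(component(sbox, m), i) - 0.5)
               for m in PAIR_MASKS for i in range(N))

if __name__ == "__main__":
    for name, box in (("AES", aes_sbox()), ("identity", IDENTITY_SBOX)):
        print(name, sbox_nonlinearity(box), max_sac_deviation(box),
              bic_nonlinearity(box), bic_sac_max_deviation(box))
```

Run as a script, the block prints for each S-box the minimum component nonlinearity (112 for the AES S-box, 0 for the identity permutation, whose output bits are all linear), the largest SAC deviation from 1/2 (0.5 for the identity, i.e. the criterion fails outright because each output bit depends on exactly one input bit) and the two BIC figures. A candidate polymorphic S-box from the dissertation's construction would be passed as a 256-entry list to the same functions; a value of 1/2 in every SAC entry with high component nonlinearity is what item 4 of the abstract requires.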
