【作者】 张鹏；

【导师】 胡予濮；

【作者基本信息】 西安电子科技大学 ， 信息安全， 2011， 硕士

【摘要】 Mickey (Mutual Irregular clocking KEY)是E-STREAM工程最终胜选的流密码算法之一。该算法基于硬件实现,是由Steve Babbage和Matthew Dodd设计的,后发展为Mickey2.O和Mickey-128。由于算法设计简单,易于实现,Mickey受到了密码学界的广泛关注。本文通过分析Mickey,密码体系的设计弱点,结合错误攻击方法,提出了一种对Mickey-128的攻击方案。主要工作如下:(1)分析Mickey-128密码体系,找出在错误攻击下暴露出的弱点:寄器S的CONTROL比特对改变寄存器下一时刻的状态起了决定性作用,但对下一时刻输出的密钥流没有影响,这降低了输出函数的安全性;寄存器内部状态转化的布尔函数在一些情况下是可逆的,这降低了内部状念转化的复杂度。(2)对提出的错误攻击方案进行了仿真,证明了方案的可行性和高效性。得出如下结论:当插入640次错误时,需要960个密钥流,可以计算出寄存器的初始状态,恢复密钥流;在此的基础上再捅入416此错误时,最坏的情况下需要12480个密钥流,可以计算出密钥种子K和仞始化变量IV。更多还原

【Abstract】 Mickey (Mutual Irregular Clocking KEY) is one of the final winner algorithms in the project of E-STREAM which was designed by Steve Babbage and Matthew Dodd, and was developed to Mickey2.0 and Mickey-128. As the algorithm is designed to be simple and easy hardware implementation, Mickey has been widely concerned in cryptography.This paper analysis the weakness of Mickey, use the fault attacks, proposes a new scheme of fault attack to Mickey-128. the main contributions are as follows.(l)With analyzing Mickey-128 we find out te weakness when it attacked with fault attack: CONTROL bit of the register R is an instrument in changing state, but it do not affect the stream key, so security of the putout-function is reduced; the boolean-function that can change the internal state meybe reversible, so complexity of changeing the internal state is reduced.(2)We imitate the scheme of fault attack with sofeware, and prove its probability, and efficiency.We have conclusion as follow: When we induct 640 fault and have 960 stream key, we can find the initial state of register R and S, and find the all stream key. When we induct 416 fault and have 12480 stream key, we can find the key-seed K and the initialization variable IV.更多还原