Project title: Design of Authenticated Encryption Schemes Based on the Stream Cipher Architecture
Project number: No.61472415
Project type: General Program (面上项目)
Year approved: 2015
Discipline: Automation technology; computer technology
Principal investigator: 叶顶锋 (Ye Dingfeng)
Affiliation: 中国科学院信息工程研究所 (Institute of Information Engineering, Chinese Academy of Sciences)
Funding: 80万元 (800,000 CNY)
Abstract (Chinese, translated): Authenticated encryption schemes provide both confidentiality and integrity, two core security functions, and have extremely broad application prospects. The CAESAR competition, launched in 2013, offers a good international platform for research on authenticated encryption. This project takes the CAESAR competition as its direct target and conducts research on authenticated encryption schemes. The research is divided into three parts: scheme design, scheme implementation and scheme analysis. The project adopts a modular design route under the stream cipher architecture, so as to ensure the scheme's advantage in implementation efficiency and to make the security argument convenient; it adopts a security-argument route centred on estimating the number of active S-boxes, so as to ensure the scheme's provable security against classical attacks such as linear and differential attacks; at the same time it studies bit-sliced implementations and implementations using the AES-NI instructions, as well as the application security of the scheme and its resistance to birthday attacks; the project will also analyse other authenticated encryption schemes that appear in the CAESAR competition and explore previously unknown attack methods. Through this research we aim to achieve breakthroughs in the design and security-argument methods for authenticated encryption schemes, to propose several innovative design and analysis methods, and to design several efficient, secure authenticated encryption schemes suitable for a variety of application environments.
Keywords (Chinese, translated): Authenticated encryption scheme; Stream cipher; Message authentication code; CAESAR competition
Abstract (English): Authenticated encryption schemes, which provide both privacy and integrity, have a wide range of applications. The CAESAR competition, which began in 2013, provides an international platform for research on authenticated encryption. We will take this opportunity and conduct a study of authenticated encryption. This project will focus on the design, implementation and analysis of an authenticated encryption scheme. In order to improve implementation efficiency and facilitate the security argument, we will adopt the stream cipher framework and a modular design method for the authenticated encryption scheme. In particular, we shall reduce the provable-security argument of the scheme with respect to classical attacks, such as linear and differential attacks, to the problem of estimating the number of active S-boxes. Furthermore, we will investigate implementation techniques such as bit-slicing and solutions based on the AES-NI instructions, and consider the security of our scheme in practical applications as well as its resistance to birthday attacks. Meanwhile, we will analyse other schemes proposed in the CAESAR competition and explore new attack methods. The project aims to make a breakthrough in design philosophy and security-argument methodology, and to propose one authenticated encryption scheme that is efficient, secure and applicable in most practical environments.
Keywords (English): Authenticated encryption scheme; Stream cipher; Message authentication code; CAESAR competition