針對方塊攻擊法之變形 AES 加密設計

Abstract

在1997年由Joan Daemen、Lars R. Knudsen與Vincent Rijmen 提出Square attack之後，改良過的Square attack 已經可以用來攻擊9個回合版本的AES區塊加密法。在這篇論文中，一方面我們分析多種區塊加密法的性質並且試著找出改良AES的方法；另一方面我們也分析多種密碼攻擊法的流程，找出它們藉由哪些性質的存在才能攻擊區塊加密法。最後我們把AES的規格稍做修改，以增加一些記憶體需求做為代價使得安全性更為提高。 我們將介紹一種修改過的AES版本，它在抵抗Square attack 的表現上具有更高的安全性，使得Square attack攻擊128位元密鑰長度的6回合版本的區塊加密法所需複雜度高於使用暴力搜尋法。同時我們也使用differential attack 與 linear attack 對修改前後的AES作分析，證明修改過的AES在這兩方面的抵抗能力都比較好。因此我們宣稱此修改過的AES比原本的AES具有更高的安全性。

Since the ``Square'' attack was introduced by Joan Daemen, Lars R. Knudsen and Vincent Rijmen in 1997, its variants has been reported to go against 9 rounds of AES. On one hand, we analyse the attributes of several block ciphers and try to improve AES. On the other hand, we analyse the features of some cryptanalysis and try to find out what properties are need to attack block ciphers. We propose a modified version of AES in order to have higher security level in prevention from the ``Square'' attack. We also compare the resistance to the ``Square'' attack, the differential attack and the linear attack between AES and the modified AES. Finally we prove that the modified AES provides higher security than AES.