关于三个流密码的安全性.pdfVIP

1000-9825/2005/16(07) 1344 ©2005 Journal of Software 软 件 学 报 Vol.16, No.7 关于三个流密码的安全性 1+ 2 1 2 张 斌 , 伍宏军 , 冯登国 , 鲍 丰 1(信息安全国家重点实验室( 中国科学院 研究生院),北京 100049) 2 (Institute for Infocomm Research, 1 19613, Singapore) On the Security of Three Stream Ciphers 1+ 2 1 2 ZHANG Bin , WU Hong-Jun , FENG Deng-Guo , BAO Feng 1(State Key Laboratory of Information Security (Graduate School, The Chinese Academy of Sciences), Beijing 100049 , China) 2 (Institute for Infocomm Research, 1 19613, Singapore) + Corresponding author: Phn : +86- 10 Fax: +86- 10 E-mail : mzb_123@, Received 2004-02-13; Accepted 2004-10-09 Zhang B, Wu HJ, Feng DG, Bao F. On the security of three stream ciphers. Journal of Software, 2005,16(7): 1344- 1351. DOI: 10.1360/jos161344 Abstract : In this paper three newly proposed stream ciphers S1, S2 and S3 are analyzed. These stream ciphers are designed with respect to different levels of GSM security. The results show that both S1 and S2 are vulnerable t o the known plaintext attacks and S3 can not decrypt correctly. With negligible amount of computation and few known keystream bytes, S1 and S2 can be broken completely. Furthermore, simulation results show that S3 cannot work correctly. The conclusion is that these stream ciphers are either extremely weak or poorly designed so that they cannot play the role as the designers hope in GSM network security. Key words : stream cipher; security; GSM network; linear feedback shift register; bytes 摘 要: 对3 个新近提出的流密码S1,S2 及S3 进行了分析.这3 个流密码被设计用于GSM 网络加密,且分别对应 于不同的安全性等级.结果表明,S1 和 S2 都易受已知明文攻击,而 S3 不能正确解密.只需少量的密文字节和可以忽 略的计算量就能够完全破解S1 和S2.模拟实验结果表明,S3 不能正确工作.结论是这3 个流密码要么及其脆弱,要么 就是不