Query:
学者姓名:邹剑
Refining:
Year
Type
Indexed by
Source
Complex
Former Name
Co-
Language
Clean All
Abstract :
祖冲之密码算法(ZUC-128)是我国发布的商用密码算法中的序列密码算法,在4G移动通信领域发挥重要作用,本文主要研究如何以较少的量子比特实现ZUC-128算法的完整量子电路.S盒是ZUC-128算法非线性组件的重要组成部分,因此本文详细研究S盒量子电路的优化实现.32比特S盒是由4个8 × 8 S盒组成,即S=(S0,S1,S2,S3),其中S0=S2,S1=S3.首先通过穷搜剪枝的策略非就地实现了 S0;其次重点研究通过同构映射将S1的主要部分F28乘法求逆转换为F24上的乘法求逆运算,完成了只需要8个辅助量子位的S1就地实现量子电路.S1电路总共需要16个量子比特、96个Toffoli门、224个CNOT门、4个NOT门,Toffoli深度为78.最后探索出以较少的量子比特实现ZUC-128算法整个流程的量子电路构造,当工作步骤中轮数L=32时,该量子电路需要6244个量子比特、85 843个Toffoli 门、245 304 个 CNOT 门和 66 512 个 NOT 门,Toffoli 深度为 52 074.
Keyword :
ZUC-128 ZUC-128 同构映射 同构映射 量子电路 量子电路
Cite:
Copy from the list or Export to your reference management。
| GB/T 7714 | 向思明 , 邹剑 , 黄倩 et al. 低量子比特条件下祖冲之密码的高效线路实现 [J]. | 密码学报(中英文) , 2025 , 12 (1) : 180-199 . |
| MLA | 向思明 et al. "低量子比特条件下祖冲之密码的高效线路实现" . | 密码学报(中英文) 12 . 1 (2025) : 180-199 . |
| APA | 向思明 , 邹剑 , 黄倩 , 罗宜元 , 吴文玲 . 低量子比特条件下祖冲之密码的高效线路实现 . | 密码学报(中英文) , 2025 , 12 (1) , 180-199 . |
| Export to | NoteExpress RIS BibTex |
Version :
Abstract :
Currently, no efficient implementation scheme for the ZUC algorithm S-box has been found. In general, it is implemented through lookup tables, while such operation consumes a large amount of hardware resources and is not suitable for using the ZUC algorithm in limited environments. In response to these shortcomings, the complete circuit implementation of S-box of ZUC algorithm and the in-place implementation of linear transformation are raised in this study, designated to effectively reduce the resource cost of the ZUC algorithm circuit implementation. ZUC’s S-box is composed of four 8×8 S-boxes, i.e., S = (S0,S1,S2,S3), where S0 = S2, S1 = S3. Firstly, this study uses the search strategy of exhaustive pruning and the SAT-based S-box optimization technique to give the efficient implementation of three P transforms in the S0, and then obtains an S0 compact circuit implementation for the first time. Secondly, according to the algebraic expression of S1, by applying several advanced combinatorial logic minimization techniques, 720 cases of the tower field representations for inverse of F28 field under normal basis are studied, and the compact circuit implementation of S1 is obtained. Compared to previous implementation methods based on composite field, it saves 25.48% of hardware overhead. Finally, the linear transformation in ZUC algorithm is converted into matrix form, and its in-place implementation is obtained by using the heuristic algorithm of optimizing linear matrix. It reduces XOR gates by 34.77% and does not require the use of additional auxiliary bits. The research is of a positive impact on the circuit implementation of ZUC algorithm in traditional environment and quantum environment. © 2024 Chinese Association for Cryptologic Research. All rights reserved.
Keyword :
circuit implementation circuit implementation linear permutation linear permutation S-box S-box ZUC ZUC
Cite:
Copy from the list or Export to your reference management。
| GB/T 7714 | Zou, J. , Huang, Q. , Wei, Z.-H. et al. Optimization of Circuit Implementation for ZUC Algorithm; [ZUC 算法的线路优化实现] [J]. | Journal of Cryptologic Research , 2024 , 11 (5) : 1108-1125 . |
| MLA | Zou, J. et al. "Optimization of Circuit Implementation for ZUC Algorithm; [ZUC 算法的线路优化实现]" . | Journal of Cryptologic Research 11 . 5 (2024) : 1108-1125 . |
| APA | Zou, J. , Huang, Q. , Wei, Z.-H. , Li, L.-J. , Wu, W.-L. . Optimization of Circuit Implementation for ZUC Algorithm; [ZUC 算法的线路优化实现] . | Journal of Cryptologic Research , 2024 , 11 (5) , 1108-1125 . |
| Export to | NoteExpress RIS BibTex |
Version :
Abstract :
In this paper, we promote Trojan message attacks against Merkle-Damg & aring;rd hash functions and their concatenation combiner in quantum settings for the first time. Two main quantum scenarios are considered, involving the scenarios where a substantial amount of cheap quantum random access memory (qRAM) is available and where qRAM is limited and expensive to access. We first discuss the construction of diamond structures and analyze the corresponding time complexity in both of these quantum scenarios. Secondly, we propose quantum versions of the generic Trojan message attacks on Merkle-Damg & aring;rd hash functions as well as their improved versions by combining with diamond structures and expandable messages, and then determine their cost. Finally, we propose Trojan message attack against Merkle-Damg & aring;rd hash concatenation combiner in quantum setting. The results show that Trojan message attacks can be improved significantly with quantum computers under both scenarios, so the security of hash constructions in classical setting requires careful re-evaluation before being deployed to the post-quantum cryptography schemes.
Keyword :
Collision attack Collision attack Herding attack Herding attack qRAM qRAM Quantum computation Quantum computation Quantum cryptography Quantum cryptography Trojan message Trojan message
Cite:
Copy from the list or Export to your reference management。
| GB/T 7714 | Xu, Ying , Du, Xiaoni , Zou, Jian . Quantum security of Trojan message attacks on Merkle-Damgård hash construction [J]. | DESIGNS CODES AND CRYPTOGRAPHY , 2024 , 93 (3) : 737-768 . |
| MLA | Xu, Ying et al. "Quantum security of Trojan message attacks on Merkle-Damgård hash construction" . | DESIGNS CODES AND CRYPTOGRAPHY 93 . 3 (2024) : 737-768 . |
| APA | Xu, Ying , Du, Xiaoni , Zou, Jian . Quantum security of Trojan message attacks on Merkle-Damgård hash construction . | DESIGNS CODES AND CRYPTOGRAPHY , 2024 , 93 (3) , 737-768 . |
| Export to | NoteExpress RIS BibTex |
Version :
Abstract :
当前还未发现ZUC算法S盒的高效线路实现方案,一般以查找表的方式进行实现.该操作将消耗大量的硬件资源,非常不适用于在受限环境下使用ZUC算法.针对上述不足,本文首次给出ZUC算法S盒的完整线路实现以及线性变换的in-place实现,可以有效地降低ZUC算法线路实现的资源开销.ZUC算法中的S盒由4个大小为8×8的S盒组合而成,即S=(S0,S1,S2,S3),其中S0=S2,S1=S3.首先,使用穷举剪枝的搜索策略以及基于SAT的S盒优化技术给出S0中3个P变换的高效线路实现,进而首次得到S0的紧凑线路实现.其次,根据S1的代数表达式,通过应用几种最先进的组合逻辑最小化技术,对正规基下F28域上求逆运算的720种塔域表示进行全面的研究,得到S1的紧凑线路实现.相较于以往基于复合域的实现方法,节省了25.48%的硬件开销.最后,将ZUC算法中的线性变换转换成矩阵形式,并使用优化线性矩阵的启发式算法得到其in-place实现,减少了34.77%的XOR门数,且不需要使用额外的辅助比特.本文研究将会对传统环境下以及量子环境下ZUC算法的线路实现产生积极的影响.
Keyword :
S盒 S盒 ZUC ZUC 线性变换 线性变换 线路实现 线路实现
Cite:
Copy from the list or Export to your reference management。
| GB/T 7714 | 邹剑 , 黄倩 , 魏子豪 et al. ZUC算法的线路优化实现 [J]. | 密码学报(中英文) , 2024 , 11 (5) : 1108-1125 . |
| MLA | 邹剑 et al. "ZUC算法的线路优化实现" . | 密码学报(中英文) 11 . 5 (2024) : 1108-1125 . |
| APA | 邹剑 , 黄倩 , 魏子豪 , 李立基 , 吴文玲 . ZUC算法的线路优化实现 . | 密码学报(中英文) , 2024 , 11 (5) , 1108-1125 . |
| Export to | NoteExpress RIS BibTex |
Version :
Abstract :
The Zu Chongzhi cryptographic algorithm (ZUC) is a stream cipher algorithm published in China. This paper focuses on the realization of the complete quantum circuit for the ZUC-128 algorithm with low T-depth. The S-box is a crucial component of the nonlinear aspect of the ZUC-128 algorithm. Initially, we derive the classical circuit implementations of S0 and S1 using an exhaustive pruning strategy and tower domain decomposition technology. Subsequently, we develop quantum circuits for S0 and S1 in two steps: first by reducing the AND-depth of the classical circuit, and then by ensuring that the T-depth of the quantum circuit equals the AND-depth of the classical circuit. Our new S0 and S1 quantum circuits both have a T-depth of 7. We are currently researching the quantum circuit implementation of the adder and L function in order to minimize the T-depth of the entire circuit. Finally, we propose the construction of quantum circuit to realize the whole process of ZUC-128 algorithm with low T-depth. When the number of rounds L = 32 in the working step, this quantum circuit requires 46008 qubits, 682340 T gates, 2008535 CNOT gates and 42680 NOT gates, with the T-depth of 11341, and the number of qubits multiplied by T-depth is 5.22 × 108 © 2024 Chinese Academy of Sciences. All rights reserved.
Keyword :
quantum circuit quantum circuit tower domain decomposition tower domain decomposition ZUC-128 ZUC-128
Cite:
Copy from the list or Export to your reference management。
| GB/T 7714 | Zou, J. , Xiang, S. , Zou, C. et al. An efficient quantum circuit implementation of ZUC-128 cipher with low T-depth; [低T深度条件下ZUC-128的高效量子线路实现] [J]. | Scientia Sinica: Physica, Mechanica et Astronomica , 2024 , 54 (12) . |
| MLA | Zou, J. et al. "An efficient quantum circuit implementation of ZUC-128 cipher with low T-depth; [低T深度条件下ZUC-128的高效量子线路实现]" . | Scientia Sinica: Physica, Mechanica et Astronomica 54 . 12 (2024) . |
| APA | Zou, J. , Xiang, S. , Zou, C. , Wu, W. . An efficient quantum circuit implementation of ZUC-128 cipher with low T-depth; [低T深度条件下ZUC-128的高效量子线路实现] . | Scientia Sinica: Physica, Mechanica et Astronomica , 2024 , 54 (12) . |
| Export to | NoteExpress RIS BibTex |
Version :
Abstract :
In MILCOM 2015, Kelly et al. proposed the authentication encryption algorithm MK-3, which applied the 16-bit S-box. This paper aims to implement the 16-bit S-box with less circuit area. First, we classified the irreducible polynomials over F2n\documentclass[12pt]{minimal} \usepackage{amsmath} \usepackage{wasysym} \usepackage{amsfonts} \usepackage{amssymb} \usepackage{amsbsy} \usepackage{mathrsfs} \usepackage{upgreek} \setlength{\oddsidemargin}{-69pt} \begin{document}$$\mathbb {F}_{2<^>n}$$\end{document} into three kinds. Then we compared the logic gates required for multiplication over the finite field constructed by the three types of irreducible polynomials. According to the comparison result, we constructed the composite fields, F(24)2\documentclass[12pt]{minimal} \usepackage{amsmath} \usepackage{wasysym} \usepackage{amsfonts} \usepackage{amssymb} \usepackage{amsbsy} \usepackage{mathrsfs} \usepackage{upgreek} \setlength{\oddsidemargin}{-69pt} \begin{document}$$\mathbb {F}_{(2<^>4)<^>2}$$\end{document} and F(28)2\documentclass[12pt]{minimal} \usepackage{amsmath} \usepackage{wasysym} \usepackage{amsfonts} \usepackage{amssymb} \usepackage{amsbsy} \usepackage{mathrsfs} \usepackage{upgreek} \setlength{\oddsidemargin}{-69pt} \begin{document}$$\mathbb {F}_{(2<^>8)<^>2}$$\end{document}. Based on the isomorphism of finite fields, the operations over F216\documentclass[12pt]{minimal} \usepackage{amsmath} \usepackage{wasysym} \usepackage{amsfonts} \usepackage{amssymb} \usepackage{amsbsy} \usepackage{mathrsfs} \usepackage{upgreek} \setlength{\oddsidemargin}{-69pt} \begin{document}$$\mathbb {F}_{2<^>{16}}$$\end{document} can be conducted over F(28)2\documentclass[12pt]{minimal} \usepackage{amsmath} \usepackage{wasysym} \usepackage{amsfonts} \usepackage{amssymb} \usepackage{amsbsy} \usepackage{mathrsfs} \usepackage{upgreek} \setlength{\oddsidemargin}{-69pt} \begin{document}$$\mathbb {F}_{(2<^>8)<^>2}$$\end{document}. Similarly, elements over F28\documentclass[12pt]{minimal} \usepackage{amsmath} \usepackage{wasysym} \usepackage{amsfonts} \usepackage{amssymb} \usepackage{amsbsy} \usepackage{mathrsfs} \usepackage{upgreek} \setlength{\oddsidemargin}{-69pt} \begin{document}$$\mathbb {F}_{2<^>8}$$\end{document} can be mapped to the corresponding elements over F(24)2\documentclass[12pt]{minimal} \usepackage{amsmath} \usepackage{wasysym} \usepackage{amsfonts} \usepackage{amssymb} \usepackage{amsbsy} \usepackage{mathrsfs} \usepackage{upgreek} \setlength{\oddsidemargin}{-69pt} \begin{document}$$\mathbb {F}_{(2<^>4)<^>2}$$\end{document}. Next, the SAT solver was used to optimize the operations over smaller field F24\documentclass[12pt]{minimal} \usepackage{amsmath} \usepackage{wasysym} \usepackage{amsfonts} \usepackage{amssymb} \usepackage{amsbsy} \usepackage{mathrsfs} \usepackage{upgreek} \setlength{\oddsidemargin}{-69pt} \begin{document}$$\mathbb {F}_{2<^>4}$$\end{document}. At last, the architecture of the optimized MK-3 S-box was worked out. Compared with the implementation proposed by the original designer, the circuit area of the MK-3 S-box in this paper is reduced by at least 55.9%.
Cite:
Copy from the list or Export to your reference management。
| GB/T 7714 | Li, Yanjun , Zhang, Weiguo , Lin, Yiping et al. A circuit area optimization of MK-3 S-box [J]. | CYBERSECURITY , 2024 , 7 (1) . |
| MLA | Li, Yanjun et al. "A circuit area optimization of MK-3 S-box" . | CYBERSECURITY 7 . 1 (2024) . |
| APA | Li, Yanjun , Zhang, Weiguo , Lin, Yiping , Zou, Jian , Liu, Jian . A circuit area optimization of MK-3 S-box . | CYBERSECURITY , 2024 , 7 (1) . |
| Export to | NoteExpress RIS BibTex |
Version :
Abstract :
In this paper, we present some new key-recovery attacks on Misty L-KF, Misty R-KF, and generalized Feistel schemes. Firstly, we propose a new 5-round distinguisher on Misty L-KF structure. Based on our new distinguisher attack, we propose a new6-round Demiric-Sel & ccedil;uk meet-in-the-middle attack (DS-MITM attack) against Misty L-KF structure. Secondly, we extend our classical DS-MITM attack to a new quantum DS-MITM attack on Misty L-KF structure by using the quantum claw finding algorithm. In addition, we apply the above method to attack Misty R-KF and generalized Feistel schemes. To sum up, we construct our classical key-recovery attacks on the 6-round Misty L-KF structure and Misty R-KF structure with O(2(3n/4)) time and O(2(n/2)) memory cost. By using a quantum computer, our new quantum key-recovery attacks on the 6-round Misty L-KF structures and Misty R-KF structures can be constructed with O(2n/2) time and O(2n/2) memory cost. Furthermore, we can construct our new quantum (5d-4)-round key-recovery attacks on the d-branch contracting Feistels with O(2(d-1)n/d) time and O(2(d-1)n/d) memory cost. In the end, we can construct our new quantum(4d-3)-round and (5d-4)-round key-recovery attacks on the two types of d-branch expanding Feistels with O(2(d-1)n/d) time and O(2(d-1)n/d) memory cost.
Keyword :
Cryptanalysis Cryptanalysis Generalized Feistel scheme Generalized Feistel scheme Misty structure Misty structure Quantum DS-MITM attack Quantum DS-MITM attack
Cite:
Copy from the list or Export to your reference management。
| GB/T 7714 | Zou, Jian , Huang, Kairong , Zhu, Min et al. New Demiric-Selcuk meet-in-the-middle attacks on Misty and Feistel schemes [J]. | QUANTUM INFORMATION PROCESSING , 2024 , 23 (4) . |
| MLA | Zou, Jian et al. "New Demiric-Selcuk meet-in-the-middle attacks on Misty and Feistel schemes" . | QUANTUM INFORMATION PROCESSING 23 . 4 (2024) . |
| APA | Zou, Jian , Huang, Kairong , Zhu, Min , Zou, Hongkai , Luo, Yiyuan , Liu, Qian . New Demiric-Selcuk meet-in-the-middle attacks on Misty and Feistel schemes . | QUANTUM INFORMATION PROCESSING , 2024 , 23 (4) . |
| Export to | NoteExpress RIS BibTex |
Version :
Abstract :
目前,在非平衡环境下的 r-碰撞问题还没有得到有效的解决.本文提出了一种新的高效算法来对 r 个不同的非平衡函数寻找对应的 r-碰撞.新算法是将现有的 r-碰撞算法、并行碰撞搜索算法与非平衡中间相遇攻击技术进行有机结合.具体攻击过程如下所示:首先,攻击者把 r 个函数分成左右两个集合,当 r 为偶数时,其对应的左右集合分别为{fl1,fl2,…,flr/2}和{ft1,ft2,…,ftr/2},并需要在左右集合中对应位置的两个非平衡函数 fli 和 fti(1≤i≤「r/2」)之间寻找碰撞.以第 i 对为例,攻击者在碰撞-收集阶段可以采用 PCS 算法收集两个非平衡函数 fli 和 fti 的 2mi 个碰撞.注意到,攻击者需要对左右集合中「r/2」个位置对重复上述寻找碰撞的操作.如果 r 是奇数,攻击者还需要对剩下的函数 f 收集 2m0 个函数值.在碰撞-收集阶段之后,攻击者采用中间相遇攻击在 r-「r/2」个列表中寻找 r-碰撞.新算法的主要结果是:(1)与现有的 r-碰撞算法不同,新算法的时间复杂度是由所需存储量和所选择的分组方法决定的.(2)在存储足够的情况下,新的 r-碰撞算法的时间复杂度公式为:当 r = 2k 时,时间复杂度为 O(2(r-1)n+∑r/2 x=1 log2 Rtx/r+log2 Rlj/2);当 r = 2k+1 时,时间复杂度为O(2(r-1)(n+log2Rlj/2)+log2Rc+∑(r-1)/2x=1 log2Rtx/r),其中 Rlj 表示左集合中实现代价最大的函数的实现代价,Rc 表示未配对函数的实现代价,Rtx(1≤x≤(r-1)/2)表示右集合中各函数实现代价.对于 r = 2k(或 r = 2k+1),攻击者首先需要找到 min(∑r/2x=1 log2 Rtx/r+log2 Rlj/2)(或 min(log2 Rc+∑(r-1)/2x=1 log2 Rtx/r+(r-1)log2 Rlj/2r)),从而求出该情况下的最佳分组方法和最佳时间复杂度.(3)在存储有限的情况下,如果不知道所有分组方法所需的时间复杂度,攻击者就无法得到最佳的时间复杂度.
Keyword :
r-碰撞算法 r-碰撞算法 并行碰撞搜索算法 并行碰撞搜索算法 非平衡中间相遇攻击 非平衡中间相遇攻击
Cite:
Copy from the list or Export to your reference management。
| GB/T 7714 | 邹剑 , 李金春 , 董乐 et al. 非平衡r-碰撞问题的高效解决算法 [J]. | 密码学报 , 2023 , 10 (3) : 574-587 . |
| MLA | 邹剑 et al. "非平衡r-碰撞问题的高效解决算法" . | 密码学报 10 . 3 (2023) : 574-587 . |
| APA | 邹剑 , 李金春 , 董乐 , 李灵琛 . 非平衡r-碰撞问题的高效解决算法 . | 密码学报 , 2023 , 10 (3) , 574-587 . |
| Export to | NoteExpress RIS BibTex |
Version :
Abstract :
At SAC 2021, Frixons et al. proposed quantum boomerang attacks that can effectively recover the keys of block ciphers in the quantum setting. Based on their work, we further consider how to quantize the generic boomerang attacks proposed by Biham et al. at FSE 2002, so as to obtain more generic quantum boomerang attacks. Similar to Frixons et al.’s work, we only consider quantum key recovery attacks in the single-key setting. With the help of some famous quantum algorithms, this paper presents two methods to convert the attacks of Biham et al. into some new quantum key recovery attacks. In order to proof our methods, we apply our new ideas to attack Serpent-256 and ARIA-196. To sum up, for Serpent-256, we give valid 9-round and 10-round quantum key recovery attacks respectively. The quantum time complexity of 9-round and 10-round of Serpent-256 is 2 115.43 and 2 126.6 respectively. Furthermore, we show a valid quantum key attack on 6-round ARIA-196 which has a time complexity of 2 89.8 with negligible memory. The time complexity of the above quantum attacks are better than the corresponding classical attacks and quantum generic key recovery attack via Grover’s algorithm. © 2023, The Author(s), under exclusive licence to Springer Science+Business Media, LLC, part of Springer Nature.
Keyword :
Block cipher Block cipher Boomerang attack Boomerang attack Key recovery attack Key recovery attack Quantum algorithm Quantum algorithm Quantum search Quantum search
Cite:
Copy from the list or Export to your reference management。
| GB/T 7714 | Zou, H. , Zou, J. , Luo, Y. . New results on quantum boomerang attacks [J]. | Quantum Information Processing , 2023 , 22 (4) . |
| MLA | Zou, H. et al. "New results on quantum boomerang attacks" . | Quantum Information Processing 22 . 4 (2023) . |
| APA | Zou, H. , Zou, J. , Luo, Y. . New results on quantum boomerang attacks . | Quantum Information Processing , 2023 , 22 (4) . |
| Export to | NoteExpress RIS BibTex |
Version :
Abstract :
At present, the problem of r-collision in the unbalanced environment has not yet been effectively solved. In this paper, a new efficient algorithm is proposed to find an unbalanced r-collision of r different and unbalanced functions. The new algorithm adopts the techniques from the previous 3-collision algorithm, the parallel collision search (PCS) algorithm and the unbalanced meet-in-the-middle (UMitM) attack. The attack process of the new algorithm can be described as follows: First, the attacker divides r functions into left and right sets. When r is even, the corresponding left and right sets are {fl1, fl2, · · ·, flr/2} and {ft1, ft2, · · ·, ftr/2} respectively, and it is necessary to find collisions between two unbalanced functions fli and fti (for 1 ≤ i ≤ ⌊r/2⌋) at corresponding positions in the left and right sets. Take the i-th function for example, the attacker adopts the PCS algorithm to collect 2mi collisions of two unbalanced functions fli and fti. Note that the attacker needs to repeat the collection-collision operation for ⌊r/2⌋ pairs of positions in the left and right sets. If r is odd, the attacker also needs to collect 2m0 images of the left function. After the collision-collection phase, the attacker adopts the MitM attack to find a r-collision between these r − ⌊r/2⌋ lists. The main results of the new algorithm are: (1) The time complexity of the new algorithm is determined by the memory and the chosen grouping methods, which is different from the previous r-collision algorithm. (2) With sufficient storage, the time complexity formula of the new r-collision algorithm is as follows: when r = 2k, the time complexity is O(2 (r−1)n+∑r xr /2 =1 log2 Rtx + log2 2 Rlj ). When r = 2k + 1, the time complexity is O(2 (r−1)(n+log2 Rlj/2)+log r 2 Rc+∑(x r =1 −1)/2 log2 Rtx ), where Rlj is the implementation cost of the function with the highest implementation cost in the left set, Rc is the implementation cost of the unpaired function, and Rtx(1 ≤ x ≤ (r − 1)/2) is the implementation cost of each function in the right set. The attacker first needs to find min(∑r x /2 =1 logr2 Rtx + log22Rlj ) for r = 2k (or min(log2 Rc+∑ x (r =1 −r1)/2 log2 Rtx + (r−1)2logr2 Rlj ) for r = 2k + 1) so as to find the best grouping method and the best time complexity in this case. (3) With limited storage, the attacker cannot find the best time complexity without exhausting the time complexity of all grouping methods. © 2023 Authors. All rights reserved.
Keyword :
parallel collision search algorithm parallel collision search algorithm r-collision algorithm r-collision algorithm unbalanced meet-in-the-middle attack unbalanced meet-in-the-middle attack
Cite:
Copy from the list or Export to your reference management。
| GB/T 7714 | Zou, J. , Li, J.-C. , Dong, L. et al. Algorithms for Solving the Unbalanced r-Collision Problem; [非平衡 r-碰撞问题的高效解决算法] [J]. | Journal of Cryptologic Research , 2023 , 10 (3) : 574-587 . |
| MLA | Zou, J. et al. "Algorithms for Solving the Unbalanced r-Collision Problem; [非平衡 r-碰撞问题的高效解决算法]" . | Journal of Cryptologic Research 10 . 3 (2023) : 574-587 . |
| APA | Zou, J. , Li, J.-C. , Dong, L. , Li, L.-C. . Algorithms for Solving the Unbalanced r-Collision Problem; [非平衡 r-碰撞问题的高效解决算法] . | Journal of Cryptologic Research , 2023 , 10 (3) , 574-587 . |
| Export to | NoteExpress RIS BibTex |
Version :
Export
| Results: |
Selected to |
| Format: |
