对SHA-3计划候选算法ARIRANG采用的分组密码组件进行了安全性分析,利用初始密钥的一个线性变换和轮函数的全1差分特征,给出了一个完整40轮ARIRANG加密模式的相关密钥矩形攻击,该攻击是第一个对ARIRANG加密模式的密码分析结果.攻击结果表明:ARIRANG加密模式作为分组密码是不抵抗相关密钥矩形攻击的.%The security of the block cipher used in the compression function of ARIRANG, which was one of the SHA-3 candidates, was revaluated. Based on a linear transformation of the master key and the all-one differentia] of the round function, a full 40-round related-key rectangle attack of the ARIRANG encryption mode was presented, which was the first cryptanalytic result of the ARIRANG encryption mode. The result shows that the ARIRANG encryption mode as a block cipher is not immune to the related-key rectangle attack.
展开▼