Research on Several Key Problems in Rijndael
Abstract
Rijndael was selected by the U.S. National Institute of Standards and Technology (NIST) as the U.S. Advanced Encryption Standard on October 2, 2000, and has since become the international standard for commercial data encryption. Cryptanalysis and optimization of Rijndael are receiving increasing attention. Addressing the security shortcomings of the Rijndael cipher and finding more efficient attacks under different cryptanalytic techniques have been hot research directions in cryptography in recent years.
This thesis studies the Advanced Encryption Standard Rijndael in depth, covering: the basic principles of Rijndael, the algebraic properties of its S-box, a new S-box construction scheme, related-key attacks, the equation systems of the Rijndael cipher, and algebraic attacks based on Gröbner bases. The main results are:
1. A new Rijndael S-box design scheme is proposed. To address the shortcomings of the Rijndael S-box in algebraic complexity, avalanche effect, affine transformation period and iterative period, a new S-box construction scheme is proposed. The new S-box has near-optimal properties in balancedness, differential uniformity, resistance to algebraic attacks, avalanche effect, nonlinearity, algebraic complexity, affine transformation period and iterative period.
2. Improved related-key attacks on reduced-round Rijndael-128/192 are proposed. By changing the order of the round transformations, using an alternative representation of the round keys, exploiting the relations between keys and designing a suitable key-difference pattern, two improved 7-round related-key attacks are proposed, and both the time complexity and the data complexity of the attacks are greatly reduced.
3. Improved related-key attacks on reduced-round Rijndael-128/256 are proposed. Using the implementation flexibility of Rijndael-128/256 and the relations between keys, two improved 7-round related-key attacks and one improved 8-round related-key attack are proposed, and both the time complexity and the data complexity of the attacks are greatly reduced; a 9-round related-key attack on Rijndael-128/256 is also given.
4. A method for generating the equation system of the Rijndael S-box is proposed. Based on the construction principle of the S-box and its component representation, a method for generating the Rijndael S-box equation system is proposed, and its generation process is given in detail.
5. Three equation systems of the Rijndael cipher are studied. Based on the working principle of Rijndael, the equation systems of Rijndael over GF(2^8) and over GF(2) are given, together with the equation system obtained after embedding Rijndael into BES. The in-depth study of these equation systems lays a solid foundation for algebraic attacks on Rijndael.
6. A construction method for a zero-dimensional Gröbner basis of Rijndael-192/192 is proposed. Based on Gröbner basis theory, ways of improving the efficiency of algebraic attacks on Rijndael are explored; by choosing a suitable term order, a method for constructing a zero-dimensional Gröbner basis of Rijndael-192/192 is proposed, and theoretical proofs of the related conclusions are given.
The Rijndael algorithm was chosen by NIST (National Institute of Standards and Technology) as the Advanced Encryption Standard (AES) on October 2, 2000, and it has become the international standard in the commercial field. The cryptanalysis and optimization of Rijndael are becoming more and more important. At present, solving the insecurity problems of Rijndael and seeking efficient attack methods for specific cryptanalysis techniques are interesting topics in cryptology.
An investigation of the Rijndael algorithm is undertaken in this thesis. We have focused on the basic principles of Rijndael, on the algebraic properties of the Rijndael S-box, on a new S-box construction scheme, on related-key attacks against reduced variants of Rijndael, on the equation systems of the Rijndael algorithm, and on algebraic cryptanalysis based on Gröbner bases. The key contributions are as follows:
1. A new S-box scheme is proposed. Aiming at the weaknesses in algebraic complexity, avalanche effect, affine transformation period and iterative period, the new S-box scheme is proposed to solve the problem that the performance of the Rijndael S-box is poor in these respects. The new S-box has almost the best properties in balancedness, differential uniformity, resistance to algebraic attacks, avalanche effect, nonlinearity, algebraic complexity, affine transformation period and iterative period.
2. Improved related-key attacks against reduced variants of Rijndael-128/192 are proposed. Two attacks against 7-round Rijndael-128/192 are proposed that improve on the known cryptanalysis by changing the order of the round transformations, using an alternative representation of the round keys, exploiting the relationship between keys, and designing the key-difference pattern properly.
3. Improved related-key attacks against reduced variants of Rijndael-128/256 are proposed. Two attacks against 7-round Rijndael-128/256 are proposed that improve on the known cryptanalysis by using the implementation flexibility and the key relationships. Furthermore, an attack against 8-round Rijndael-128/256 is proposed that improves on the known cryptanalysis, and an attack against 9-round Rijndael-128/256 is presented as well.
4. An approach to generating the equation system of the Rijndael S-box is proposed. Based on the construction principle of the Rijndael S-box and the component expression method, a new approach to generating the multivariate quadratic equation system over GF(2) is proposed, and the generation process is given explicitly.
5. Three equation systems of the Rijndael algorithm are studied. Based on the basic principles of Rijndael, the equation systems over GF(2) and GF(2^8) are presented, and the equation system of Rijndael as an embedding in BES is also presented. The investigation of the three equation systems lays a solid foundation for algebraic attacks against Rijndael.
6. A construction method for a zero-dimensional Gröbner basis of Rijndael-192/192 is proposed. Based on Gröbner basis theory, methods of improving algebraic attacks against Rijndael are explored. A construction method for a zero-dimensional Gröbner basis of Rijndael-192/192 is proposed by choosing a suitable term order and variable order, and the necessary theoretical proofs are given.
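As an added example (not part of the thesis), the following Python script builds the Rijndael S-box from the GF(2^8) inverse and the FIPS-197 affine map and measures four of the criteria named in contribution 1: differential uniformity, nonlinearity, the period of the affine transformation, and the iterative period (cycle structure) of the S-box as a permutation. The function names are my own; the constants 0x11B and 0x63 come from the AES specification.

```python
from math import gcd
from functools import reduce

AES_POLY = 0x11B  # x^8 + x^4 + x^3 + x + 1, the Rijndael field polynomial

def gf_mul(a: int, b: int) -> int:
    """Multiply in GF(2^8) modulo the Rijndael polynomial."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a = (a << 1) ^ (AES_POLY if a & 0x80 else 0)
        b >>= 1
    return r

def gf_inv(a: int) -> int:
    """Multiplicative inverse in GF(2^8); 0 maps to 0 as in FIPS-197."""
    return 0 if a == 0 else next(b for b in range(1, 256) if gf_mul(a, b) == 1)

def affine(x: int) -> int:
    """Rijndael affine map y = M x + 0x63 with M circulant (FIPS-197, 5.1.1)."""
    rot = lambda k: ((x << k) | (x >> (8 - k))) & 0xFF
    return x ^ rot(1) ^ rot(2) ^ rot(3) ^ rot(4) ^ 0x63

AES_SBOX = [affine(gf_inv(x)) for x in range(256)]   # S = affine o inverse
AFFINE_PERM = [affine(x) for x in range(256)]        # the affine map alone

def cycle_lengths(perm):
    """Sorted cycle lengths of a permutation of range(len(perm))."""
    seen, lengths = [False] * len(perm), []
    for start in range(len(perm)):
        n, x = 0, start
        while not seen[x]:
            seen[x] = True
            x, n = perm[x], n + 1
        if n:
            lengths.append(n)
    return sorted(lengths)

def period(perm):
    """Smallest k > 0 with perm^k = identity, i.e. the lcm of the cycle lengths."""
    return reduce(lambda a, b: a * b // gcd(a, b), cycle_lengths(perm), 1)

def differential_uniformity(sbox):
    """max over a != 0 and b of #{x : S(x) ^ S(x ^ a) = b}; lower is better."""
    worst = 0
    for a in range(1, 256):
        counts = [0] * 256
        for x in range(256):
            counts[sbox[x] ^ sbox[x ^ a]] += 1
        worst = max(worst, max(counts))
    return worst

def nonlinearity(sbox):
    """Minimum over nonzero output masks b of the nonlinearity of x -> <b, S(x)>."""
    max_walsh = 0
    for b in range(1, 256):
        # +-1 truth table of the component function, then an in-place Walsh-Hadamard transform
        f = [1 - 2 * (bin(b & sbox[x]).count("1") & 1) for x in range(256)]
        h = 1
        while h < 256:
            for i in range(0, 256, 2 * h):
                for j in range(i, i + h):
                    f[j], f[j + h] = f[j] + f[j + h], f[j] - f[j + h]
            h *= 2
        max_walsh = max(max_walsh, max(abs(v) for v in f))
    return 128 - max_walsh // 2
```

Any candidate 8-bit S-box (a list of 256 values) can be passed to the same functions in place of AES_SBOX to compare it against Rijndael's on these criteria.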