分组密码工作模式的研究现状_吴文玲.pdf

吴文玲 冯登国 ( 中国科学院软件研究所信息安全国家重点实验室 北京 100080) 分组密码工作模式是利用分组密码解决实际问题的密码方案. 好的工作模式可以弥补分组密码的某些缺 憾; 相反, 不好的工作模式可能带来安全隐患. 工作模式的研究始终伴随着分组密码的研究历史, 新的分组密码标 准的推出, 都会伴随着相应工作模式的研究. 从针对 DES 的 ECB、CBC、CFB 和 OFB, 到针对 AES 的 CTR、CCM、 CMAC、GCM 和 AESKW, 作者以各种模式标准为主线, 介绍分组密码工作模式的设计理念、安全模型、二十多年的 研究成果以及发展现状. 工作模式; 分组密码; 加密; 认证; H ash函数 TP 09 The State-of-Th e-A rt of Research on B lock C iph erM ode of Op eration WU W en-L ing FENG Deng-Guo (S tateK ey Laboratory of Inf orm ation Security, Institute of Sof tw are, Ch inese A cademy of S ciences, Bejiing 100080) Abs tract A mode of operation, ormode, for short, is an algorithm that features the use of a symm etric key block cipher algorithm to provide an inform ation service, such as confidentiality or authentication. A good mode can rem edy somew eaknesses of block cipher, on the other hand, a poorly designedmodem ay be insecure even though the underlying block cipher is good. The research ofmode alw ays goesw ith the developm ent of block cipher. W ith the advent of new block ciphers, there is a need to update long-stand- ing modes of operation and an opportun ity to consider the development of new modes. From the ECB, CBC, CFB and OFB modes of DES to CTR, CCM, CMAC, GCM andAESKW modes of AES, the authors introduce the design rationales, security model, research resu lts and the state-of-the-art of research on block cipher mode of operation in th is paper. K eyw ord s mode of operation; block cipher; encryption; authentication; hash function