This paper designs Z cipher scheme to satisfy the security requirements for mobile ends, including the identity authentication and key exchange. The design of Z cipher is dynamic in the way that the algorithm structure depends on the user's key, which is different from known ciphers with static structure and different keys for different users. This means that different users have different encryption logic which appears not only in different cipher parameters, but also in different logic layers, different operations, different components, and different data processing. This dynamic feature makes the Z cipher algorithm secure against static attacks. We call this Z's characteristics as `different user, different algorithm'. Some new security concepts are proposed, such as instance security, system security and distance security, which expands the security measures of traditional block ciphers. The users can update their keys and hence the cipher structures periodically or occasionally. Furthermore, the encryption algorithms in Z cipher scheme can be provided in the form of executable code, so it is easy to use and manage in software.
郑建华, 任盛, 靖青, 宋若虎. Z密码算法设计方案[J]. 密码学报, 2018, 5(6): 579-590.
ZHENG J H, REN S, JING Q, SONG R H. Z Cipher Scheme. Journal of Cryptologic Research, 2018, 5(6): 579-590.
[1] Internet Society of China. Investigation report on the rights and interests of Chinese netizens (2015)[OL]. http://www.miit.gov.cn/n1146285/n1146352/n3054355/n3057724/n3057732/c355530/part/3555531.pdf.
中国互联网协会. 中国网民权益调查报告(2015)[OL]. http://www.miit.gov.cn/n1146285/n1146352 /n3054355/n3057724/n3057732/c355530/part/3555531.pdf.
[2] The Central Bank with Ministries and Commissions. Guiding opinions on promoting the healthy developmant of Internet finance[OL]. 2015. http://www.gov.cn/xinwen/2015-07/18/content-2899360.htm.
人民银行等十部委. 关于促进互联网金融健康发展的指导意见[OL]. 2015. http://www.gov.cn/xinwen/2015-07/18/content-2899360.htm.
[3] Ministy of Industry and Information Technology. Guidance on strenthening network security work in elecommunication and Internet industries[OL]. 2015. http://www.miit.gov.cn/n1146295/n165285n/n1652930/n3757020/c3764760/content.html.
工业和信息化部. 工业和信息化部关于加强电信和互联网行业网络安全工作的指导意见[OL]. 2015.
http://www.miit.gov.cn/n1146295/n165285n/n1652930/n3757020/c3764760/content.html.
[4] CRYPTREC: Specifications of E-Government Recommended Ciphers (2013)[OL].http://www.cryptrec.go.jp/english/method.html.
[5] International Organization for Standardization (ISO). International Standard-ISO/IEC 18033-3: Information technology-Security techniques-Encryption algorithms-Part 3: Block Ciphers[S]. 2010.
[6] NESSIE: New European Schemes for Signatures, Integrity, and Encryption[R]. Final Report of European Project IST-1999-12324.
[7] BIHAM E, SHAMIR A. Differential cryptanalysis of DES-like cryptosystems[J]. Journal of Cryptology, 1991, 4(1): 3–72. [DOI: 10.1007/BF00630563]
[8] SELUK A A, BICAK A. On probability of success in linear and differential cryptanalysis[C]. In: Security in Communication Networks—SCN 2002. Springer Berlin Heidelberg, 2002: 174–185. [DOI: 10.1007/3-540-36413-7_13]