不可能差分分析是评估密码算法安全性的重要手段之一，本文从三个方面阐述了不可能差分分析及其相关技术在分组密码、轻量级分组密码以及 Hash 函数上的改进和应用。首先，本文对不可能差分路线的自动化搜索技术做了改进。我们探索了三个基本操作的输入输出差分之间的关联，将以字为单位的搜索策略在局部扩展到比特级。我们的算法还能兼容带弱密钥或输入输出差分满足一定条件的情况。本文以国际标准化算法 Camellia 为例，进行自动化搜索。对于7轮 Camellia 算法，该搜索方案共获得120条不可能差分路线。对于FL/FL-1层带弱密钥或输入输出差分满足一定限制条件的情况，该方案搜索到了124条7轮不可能差分路线和16条8轮不可能差分路线，结果包含之前文章中出现过的所有路线和大量新路线。我们基于一条新搜索到的路线对14轮Camellia-256进行了密钥恢复攻击，时间复杂度为2^{205.7}次加密，数据复杂度为2^{120.4}个选择明文，存储复杂度为2^{117}字节，攻击复杂度优于之前的不可能差分分析结果。其次，本文对轻量级分组密码PRINCE进行了不可能差分分析，并且通过建立详细的S盒差分分布表改进了时间复杂度。PRINCE算法是比较有代表性的算法之一，我们利用该算法中间对称的特点，基于线性操作分支结构的性质构造了一组4轮不可能差分特征，对6轮和7轮的PRINCE_core和PRINCE进行了不可能差分分析。之后，我们探究了PRINCE算法中S盒的性质，通过查表解密钥降低计算复杂度，进一步改进了6轮和7轮的分析结果，攻击复杂度低于之前同等轮数下其他方法的分析结果。并且，我们利用这一技巧成功实现了8轮PRINCE和PRINCE_core的不可能差分分析。最后，本文给出了不可能差分分析在海绵结构密码Hash函数区分攻击中的应用。密码Hash函数的区分攻击多采用零和法、飞去来器或反弹攻击等。而在海绵结构Hash函数中，置换函数的输入不完全可控，且输出只有截取为摘要的部分是已知的，常规的分析方法并不适用。考虑到Hash函数的置换函数与分组密码有一定的相似性，我们对典型海绵结构Hash函数Keccak算法进行不可能差分分析，通过分析轮函数中线性层的性质，获得了一组4轮置换函数的不可能差分特征。我们结合SHA3-512版本消息及摘要长度的限制，深入研究了非线性层的逆运算的性质，构造了一条可用的不可能差分特征并给出了4轮SHA3-512的不可能差分区分攻击。当数据量达到2^{8.21}个消息时，将4轮约减版的SHA3-512与随机函数区分开的成功率达到99%。

In the big data era, privacy security is attracting much attention. How to ensure the security of data in the process of transmission and storage is a critical factor to that problem. Modern cryptography is the foundation of information security. Virous mature cryptography systems are widely used in electronic communication equipment, internet transmission protocol and the technologies of cloud storage and big data.The security evaluation of cryptographic algorithm is an important part of cryptography, which is also a critical factor to promote the design and update of cryptographic standards. Cryptanalytic techniques among which the impossible differential analysis is an important one, is dominant in the security evaluation, and the optimal analysis results of virous block ciphers are based on the impossible differential analysis. There are plenty of applications and improvements of this technique since its presentation.This paper explore the applications and improvements of the impossible differential analysis and its related techniques on the block cipher, lightweight block cipher and Hash function, in order to promote the optimization and application of this technique.Firstly, This dissertation improves the techniques of automatically searching impossible differentials ( IDs ) for block ciphers. We explore the relations between the input and output differences of three operations, i.e., key-AND, key-OR and ROTATION, in order to extend the word-oriented searching techniques to partial-bit-oriented ones, and improves Wu \textit{et al.}'s work. The improvement technique enhances the searching capability, while ensuring the searching efficiency.Besides, since the searching algorithm on key-AND and key-OR is extended to bit-level, it is applicable for searching impossible differentials with restrictions on the subkeys or the input/output differences.Taking Camellia, an international standard adopted by ISO/IEC, as an example, we extend the automatic search of $FL/FL^{-1}$ layers to bit-level. The improved algorithm finds 120 IDs for 7-round Camellia with one $FL/FL^{-1}$ layer after the 6-th round.For impossible differentials with restrictions on the subkeys or the input/output differences of the $FL/FL^{-1}$ layers, our algorithm can also be adjusted to work, and detect 124 IDs for 7-round and 16 IDs for 8-round Camellia, including all the published impossible differentials and some new ones. Based on a new impossible differential, we perform an impossible differential attack on 14-round Camellia-256 with time complexity of $2^{205.7}$ encryptions, data complexity of $2^{120.4}$ chosen plaintexts and memory complexity of about $2^{117}$ bytes. The result is better than the previous impossible differential attacks on Camellia-256.The efforts that we make to improve the techniques of automatically searching to get more impossible differentials, play a positive role in improving the analysis results and the security evaluation of the ciphers.Secondly, we perform an impossible differential analysis on PRINCE, a lightweight block cipher, and reduce the time complexity of the key recovery stage by establishing a detailed differential distribution table of its S-box.The concept of lightweight block cipher is proposed in order to adapt to the limited computing resources. By simplifying operation and using special structures to reduce resource occupancy, lightweight block ciphers have a wide application prospect in the terminal equipments of the internet of things.PRINCE is a representative algorithm, whose core cipher called $\text{PRINCE}_{core}$ is symmetry and with a linear operation in the middle. We take advantage of its symmetrical characteristic and some observations on the linear operation $M'$ to construct a group of 4-round impossible differential characteristics. Based on these characteristics, impossible differential attacks on 6-round and 7-round $\text{PRINCE}_{core}$ and PRINCE are launched. The complexity of these attacks are better than the previous ones with the same rounds. Besides, we study the property of the Sbox in PRINCE. A table of input/output differences and the corresponding values of the Sbox is built, and looked up when the input and output differences of the Sbox are known, in order to reduce the time complexity. With this technique, the complexity of attacks on 6- and 7-round primitives is further reduced. Moreover, impossible differential analysis on 8-round PRINCE and $\text{PRINCE}_{core}$ are successfully performed with the complexity being less than the exhaustive search.At present, this is the optimal and result of impossible differential analysis for PRINCE.Finally, we tries to apply impossible differential analysis to the distinguisher attack on Hash function. The distinguish attack techniques on Hash function include Zero-sum, Boomerang and Second-order difference. However, for Hash functions with sponge construction, these techniques are usually applicable to analyze the permutation function instead of the Hash function. Considering the similarity of the sponge construction and the SPN construction of block cipher, we try to apply impossible differential analysis on Keccak, a typical sponge Hash function, which is selected as the winner of the SHA3 competition in 2012.In this dissertation, we presents a 4-round impossible differential characteristic of Keccak, basing on the property of the linear operation $\theta$ in the round function. Considering the size of the message and the digest of SHA3-512, we study the non-linear operation $\chi$ and find a property of its inverse operation. Based on the characteristic and the property, an impossible differential distinguish attack on 4-round SHA3-512 is performed. The success rate of this attack is $99\%$, when the data complexity is $2^{8.21}$. At present, this is an analysis with the lowest complexity under the same round number.