Computer Engineering & Science ›› 2022, Vol. 44 ›› Issue (12): 2140-2145.

• Computer Network and Information Security •

  • Funding:
    General Project of the Shaanxi Provincial Basic Fund (2021JM-254)

Forgery attack on the authenticated encryption algorithm Pyjamask

HE Shui-yu¹, WEI Yue-chuan¹,², PAN Feng¹,², CHANG Li-peng¹

  1. School of Cryptography Engineering, Engineering University of PAP, Xi'an 710086;
  2. Key Laboratory of Network and Information Security of PAP, Xi'an 710086, China
  • Received: 2021-12-10 Revised: 2022-04-11 Accepted: 2022-12-25 Online: 2022-12-25 Published: 2023-01-04


Abstract: The Pyjamask algorithm is one of the candidates shortlisted for the second round of the LWC competition. It has a simple structure, is lightweight and efficient, and its nonlinear components parallelize well, which has attracted the attention of many cryptographers. There has so far been relatively little research on the security of this algorithm, and a new round of security evaluation is urgently needed. Based on the characteristics of Pyjamask's structure and adjustment parameters, this paper proposes a method for forging plaintexts that can accurately forge authentication tags. Theoretical analysis shows that when one set of plaintexts is chosen, the success probability is 1 and the data and time complexity are negligible; when s+1 sets of plaintexts are chosen, the success probability is also 1, but the requirements on the chosen data are high.


Key words: Pyjamask algorithm, forgery attack, authenticated encryption