流密码框架下的SM4专用认证加密算法  被引量：2

作　　者：李胡 彭长根 侯金秋[1,2] LI Hu;PENG Changgen;HOU Jinqiu(State Key Laboratory of Public Big Data,Guizhou University,Guiyang 550025,China;College of Computer Science and Technology,Guizhou University,Guiyang 550025,China)

机构地区：[1]公共大数据国家重点实验室,贵阳550025 [2]贵州大学计算机科学与技术学院,贵阳550025

出　　处：《计算机工程与应用》2024年第2期272-278,共7页Computer Engineering and Applications

基　　金：国家自然科学基金(U1836205,62272124);贵州省科技计划基金(黔科合重大专项字([2018]3001);黔科合支撑([2018]2159);黔科合平台人才([2020]5017))。

摘　　要：认证加密算法是能同时满足数据机密性与完整性的对称密码算法,在数据安全领域具有广泛应用。针对基于分组密码的认证加密算法的安全性以及效率需求,提出一种基于SM4轮函数的专用认证加密算法SMRAE。算法采用流密码思想,从SM4底层部件出发,结合Feistel结构设计状态更新函数用于轮变换,处理256 bit消息只需调用4个SM4轮函数指令。在初始化阶段将初始向量和密钥经过16轮迭代,使差分充分随机化;利用SM4加密消息,将生成的密文参与轮变换,实现状态更新和加密并行;解密时先进行消息认证,降低时间消耗,提高算法安全性。安全性分析与实验结果表明SMRAE能够抵抗伪造攻击、差分攻击和猜测攻击等主流攻击,效率高于AES-GCM,与SM4效率相当,具备一定的实用性。As a symmetric cryptographic primitive,authenticated encryption algorithm can satisfy data privacy and integ-rity simultaneously,which is widely used in the field of data security.Aiming at the security and efficiency requirements of the authenticated encryption algorithm based on block cipher,a specific authenticated encryption algorithm SMRAE based on SM4 is designed.The algorithm adopts the idea of stream cipher,starts from the bottom part of SM4,and com-bines the Feistel structure to design the state update function for round transformation.It only needs to call four SM4 round function instructions to process 256 bit messages.First,in the initialization phase,the initial vector and key are iter-ated for 16 rounds to fully randomize the difference.Second,the generated ciphertext by SM4 is involved in the round transformation to realize the state update and encryption parallel.Finally,the message authentication is performed before decryption to reduce the time consumption and improve the security of the algorithm.The security analysis and experi-mental results show that SMRAE can resist the mainstream attacks such as forgery attack,differential attack and guess attack.The efficiency of SMRAE is higher than AES-GCM,and it is equivalent to SM4,so SMRAE has certain practicability.

关 键 词：SM4 认证加密 分组密码 FEISTEL结构 流密码 

分 类 号：TP309[自动化与计算机技术—计算机系统结构]