Computer Engineering and Applications ›› 2024, Vol. 60 ›› Issue (2): 272-278. DOI: 10.3778/j.issn.1002-8331.2210-0261

• Network, Communication and Security •

A Specific Authenticated Encryption Algorithm Based on SM4 Under a Stream Cipher Framework

LI Hu, PENG Changgen, HOU Jinqiu

  1. State Key Laboratory of Public Big Data, Guiyang 550025, China
  2. College of Computer Science and Technology, Guizhou University, Guiyang 550025, China
  • Online: 2024-01-15  Published: 2024-01-15

Specific Authenticated Encryption Algorithm Based on SM4 Under Framework of Stream Cipher

LI Hu, PENG Changgen, HOU Jinqiu   

  1. State Key Laboratory of Public Big Data, Guizhou University, Guiyang 550025, China
  2. College of Computer Science and Technology, Guizhou University, Guiyang 550025, China
  • Online: 2024-01-15  Published: 2024-01-15

Abstract (translated from the Chinese): An authenticated encryption algorithm is a symmetric cryptographic algorithm that provides data confidentiality and integrity at the same time, and it is widely used in the field of data security. To meet the security and efficiency requirements of authenticated encryption algorithms built on block ciphers, this paper proposes SMRAE, a specific authenticated encryption algorithm based on the SM4 round function. The algorithm adopts the stream cipher approach: starting from the underlying components of SM4, it combines them with a Feistel structure to design the state update function used in the round transformation, so that processing a 256-bit message requires only four SM4 round function instructions. In the initialization phase the initial vector and the key are iterated for 16 rounds to fully randomize the differences. Messages are encrypted with SM4, and the resulting ciphertext is fed into the round transformation, so that state update and encryption proceed in parallel. On decryption, message authentication is performed first, which reduces time consumption and improves the security of the algorithm. Security analysis and experimental results show that SMRAE resists mainstream attacks such as forgery attacks, differential attacks and guessing attacks; its efficiency is higher than that of AES-GCM and comparable to that of SM4, so it has a degree of practical applicability.

Keywords: SM4, authenticated encryption, block cipher, Feistel structure, stream cipher

Abstract: As a symmetric cryptographic primitive, an authenticated encryption algorithm satisfies data confidentiality and integrity simultaneously, and is widely used in the field of data security. Aiming at the security and efficiency requirements of authenticated encryption algorithms based on block ciphers, a specific authenticated encryption algorithm, SMRAE, based on SM4 is designed. The algorithm adopts the idea of a stream cipher: it starts from the underlying components of SM4 and combines them with the Feistel structure to design the state update function for the round transformation. It needs only four SM4 round function instructions to process a 256-bit message. First, in the initialization phase, the initial vector and key are iterated for 16 rounds to fully randomize the difference. Second, the ciphertext generated by SM4 is fed into the round transformation, so that state update and encryption proceed in parallel. Finally, message authentication is performed before decryption to reduce time consumption and improve the security of the algorithm. The security analysis and experimental results show that SMRAE can resist mainstream attacks such as forgery attacks, differential attacks and guessing attacks. The efficiency of SMRAE is higher than that of AES-GCM and equivalent to that of SM4, so SMRAE has a degree of practical applicability.

Key words: SM4, authenticated encryption, block cipher, Feistel structure, stream cipher