Chosen Message Attack Against Mukherjee-Ganguly-Chaudhuri’s Message Authentication Scheme

摘要

Since Wolfram proposed to use cellular automata as pseudorandom sequence generators, many cryptographic applications using cellular automata have been introduced. One of the recent one is Mukherjee, Ganguly, and Chaudhuri’s message authentication scheme using a special class of cellular automata called Single Attractor Cellular Automata (SACA). In this paper, we show that their scheme is vulnerable to a chosen-message attack, i.e., the secret key can be recovered by an attacker using only several chosen message-MAC pairs. The weakness of the scheme results from the regularity of SACA.