A Message Authentication Code (MAC) is a keyed one-way hash function: different keys induce different hash functions. The receiver can therefore verify whether the sender's message has been tampered with and, at the same time, verify who sent it. PMAC, a fully parallelizable MAC scheme based on a block cipher, was proposed by Black and Rogaway at Eurocrypt 2002. In 2005, Mitchell presented TMAC-V to improve the security of TMAC. Using the principle that the difference is identical in part of the mode (local differential identity), this paper presents a new random-message forgery attack on the PMAC and TMAC-V modes of operation. The attack can forge the PMAC and TMAC-V of a random message with a success probability of 86.5% in both cases, higher than the 63% of previously known results. The complexity of the new attack is $[0, 2^{n/2+1}, 1, 0]$ for PMAC when the output is not truncated and $[0, 2^{n/2+1}, \lceil n/\tau \rceil, 2^{n-\tau}]$ for PMAC when the output is truncated; for TMAC-V the complexity of the forgery attack is $[0, 2^{n/2+1}, 1, 0]$.