Practical Related-Key Forgery Attacks on Full-Round TinyJAMBU-192/256

Research output: Contribution to journalArticlepeer-review


TinyJAMBU is one of the finalists in the NIST lightweight cryptography competition. It is considered to be one of the more efficient ciphers in the competition and has undergone extensive analysis in recent years as both the keyed permutation as well as the mode are new designs. In this paper we present a related-key forgery attack on the updated TinyJAMBU-v2 scheme with 256-and 192-bit keys. We introduce a high probability related-key differential attack where the differences are only introduced into the key state. Therefore, the characteristic is applicable to the TinyJAMBU mode and can be used to mount a forgery attack. The time and data complexity of the forgery are 233 using 214 related-keys for the 256-bit key version, and 243 using 216 related-keys for the 192-bit key version. For the 128-bit key we construct a related-key differential characteristic on the full keyed permutation of TinyJAMBU with a probability of 2−16 . We extend the related-key differential characteristics on TinyJAMBU to practical-time key-recovery attacks that extract the full key from the keyed permutation with a time and data complexity of 224, 221, and 219 for respectively the 128-, 192-, and 256-bit key variants. All characteristics are experimentally verified and we provide key nonce pairs that produce the same tag to show the feasibility of the forgery attack. We note that the designers do not claim related-key security, however, the attacks proposed in this paper suggest that the scheme is not key-commiting, which has been recently identified as a favorable property for AEAD schemes.

Original languageEnglish
Pages (from-to)176-188
Number of pages13
JournalIACR Transactions on Symmetric Cryptology
Issue number2
StatePublished - 2023

Bibliographical note

Publisher Copyright:
© 2023, Ruhr-University of Bochum. All rights reserved.


  • Differential cryptanalysis
  • Forgery
  • Related-Key
  • TinyJAMBU

ASJC Scopus subject areas

  • Software
  • Computer Science Applications
  • Computational Mathematics
  • Applied Mathematics


Dive into the research topics of 'Practical Related-Key Forgery Attacks on Full-Round TinyJAMBU-192/256'. Together they form a unique fingerprint.

Cite this