• Proceedings of the Korea Information Processing Society Conference
• /
• 2023.05a
• /
• pp.126-128
• /
• 2023

본 논문에서는 2-bit RISC-V 프로세서 상에서의 경량 블록 암호인 SPECK의 CTR 운용 모드에 대한 최적 구현을 제안한다. RISC-V 상에서의 SPECK 단일 평문과 2개의 평문에 대한 최적화와 고정된 논스 값을 사용하는 CTR 운용모드의 특징을 활용하여 일부 값에 대해 사전 연산을 하는 라운드 함수 최적화를 제안한다. 결과적으로, 레퍼런스 대비 제안된 기법은 단일 평문과 2개의 평문에 대해 각각 5.76배 2.24배 성능 향상을 확인하였으며, 사전 연산 기법을 적용하지 않은 최적 구현 대비 사전 연산 기법을 적용하였을 때, 1% 성능 향상을 확인하였다.

• Journal of IKEEE
• /
• v.24 no.2
• /
• pp.468-474
• /
• 2020

This paper describes the hardware implementation of SPECK, a lightweight block cipher algorithm developed for the security of applications with limited resources such as IoT and wireless sensor networks. The block cipher SPECK crypto-core supports 8 block/key sizes, and the internal data-path was designed with 16-bit for small gate counts. The final round key to be used for decryption is pre-generated through the key initialization process and stored with the initial key, enabling the encryption/decryption for consecutive blocks. It was also designed to process round operations and key scheduling independently to increase throughput. The hardware operation of the SPECK crypto-core was validated through FPGA verification, and it was implemented with 1,503 slices on the Virtex-5 FPGA device, and the maximum operating frequency was estimated to be 98 MHz. When it was synthesized with a 180 nm process, the maximum operating frequency was estimated to be 163 MHz, and the estimated throughput was in the range of 154 ~ 238 Mbps depending on the block/key sizes.

• Journal of Advanced Navigation Technology
• /
• v.16 no.3
• /
• pp.510-517
• /
• 2012

Piccolo-80 is a 64-bit ultra-light block cipher suitable for the constrained environments such as wireless sensor network environments. In this paper, we propose a differential fault analysis on Piccolo-80. Based on a random byte fault model, our attack can the secret key of Piccolo-80 by using the exhaustive search of $2^{24}$ and six random byte fault injections on average. It can be simulated on a general PC within a few seconds. This result is the first known side-channel attack result on Piccolo-80.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2015.10a
• /
• pp.851-854
• /
• 2015

수중음파통신은 물속에서 지상과는 달리 음파를 사용하여 통신한다. 또한 제한된 전력과 자원을 사용하기 때문에 최소한의 연산으로 본래의 목적을 수행해야만 하는 조건이 따른다. 따라서 수중음파통신에 보안을 적용하기 위해서는 기밀성과 안전성도 중요하지만 무엇보다 가용성을 고려한 보안설계가 중요하다. 본 논문은 제한된 전력과 자원 환경에서 동작하는 수중음파통신용 MAC 프로토콜에 가용성이 부각할 수 있는 LEA 블록암호알고리즘의 적용방안을 논하고자 한다. 또한 기존의 AES(Advanced Encryption Standard)와 ARIA(Academy, Research Institute, Agency) 블록암호알고리즘과의 성능분석을 통해 LEA의 우수성과 수중음파통신에 적합성을 보이고자 한다.

• Smart Media Journal
• /
• v.6 no.3
• /
• pp.9-14
• /
• 2017

This paper is a study on the hardware implementation of the encryption and decryption block of the lightweight block cipher algorithm LEA which can be used for tiny devices in IoT environment. It accepts all secret keys with 128 bit, 192 bit, and 256 bit sizes and aims at the integrated implementation of encryption and decryption functions. It describes design results of applying pipeline method for performance enhancement. When a decryption function is executed, round keys are used in reverse order of encryption function. An efficient hardware implementation method for minimizing performance degradation are suggested. Considering the number of rounds are 24, 28, or 32 times according to the size of secret keys, pipeline of LEA is implemented so that 4 round function operations are executed in each pipeline stage.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.2
• /
• pp.253-260
• /
• 2015

The side-channel attack is widely known as an attack on implementations of cryptographic algorithms using additional side-channel information such as power traces, electromagnetic waves and sounds. As a countermeasure of side channel attack, the masking method is usually used, however full-round masking makes the efficiency of ciphers dramatically decreased. In order to avoid such a loss of efficiency, one can use reduced-round masking. In this paper, we describe a side channel attack on the lightweight block cipher LEA with the first one~six rounds masked. Our attack is based on differentials and power traces which provide knowledge of Hamming weight for the intermediate data computed during the enciphering of plaintexts. According to our experimental result, it is possible to recover 25 bits of the first round key in LEA-128.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.2
• /
• pp.391-404
• /
• 2022

Aron Gohr proposed a cryptanalysis method based on deep learning technology for the lightweight block cipher Speck. This is a method that enables a chosen plaintext attack with higher accuracy than the classical differential cryptanalysis. In this paper, by using the probability distribution, we analyze the mechanism of such deep learning based cryptanalysis and propose the results applied to the lightweight block cipher Simon. In addition, we examine that the probability distributions of the predicted values of the neural networks within the cryptanalysis working processes are different depending upon the characteristics of round functions of Speck and Simon, and suggest a direction to improve the efficiency of the neural distinguisher which is the core technology of Aron Gohr's cryptanalysis.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2021.11a
• /
• pp.201-204
• /
• 2021

PIPO 경량 블록암호는 ICISC'20에서 발표된 암호이다. 본 논문에서는 PIPO의 단일 평문 최적화 구현과 4평문 병렬 구현을 제안한다. 단일 평문 최적화 구현은 Rlayer의 최적화와 키스케쥴을 포함하지 않은 구현을 진행하였다. 결과적으로 키스케쥴을 포함하는 기존 연구 대비 70%의 성능 향상을 확인하였다. 4평문의 경우 32-bit 레지스터를 최대한 활용하여, 레지스터 내부 정렬과 Rlayer의 최적화 구현을 진행하였다. 또한 Addroundkey 구현에서 메모리 최적화 구현과 속도 최적화 구현을 나누어 구현하였다. 메모리 사용을 줄인 메모리 최적화 구현은 단일 평문 구현 대비 80%의 성능 향상을 확인하였고, 암호화 속도를 빠르게 구현한 속도 최적화 구현은 단일 평문 구현 대비 157%의 성능 향상을 확인하였다.

• KIPS Transactions on Computer and Communication Systems
• /
• v.12 no.6
• /
• pp.181-188
• /
• 2023

Block cipher is not expected to be safe for quantum computer, as Grover's algorithm reduces the security strength by accelerating brute-force attacks on symmetric key ciphers. So it is necessary to check the post-quantum security strength by implementing quantum circuit for the target cipher. In this paper, we propose the optimal quantum circuit implementation result designed as a technique to minimize the use of quantum resources (qubits, quantum gates) for SIMECK lightweight cryptography, and explain the operation of each quantum circuit. The implemented SIMECK quantum circuit is used to check the estimation result of quantum resources and calculate the Grover attack cost. Finally, the post-quantum strength of SIMECK lightweight cryptography is evaluated. As a result of post-quantum security strength evaluation, all SIMECK family cipher failed to reach NIST security strength. Therefore, it is expected that the safety of SIMECK cipher is unclear when large-scale quantum computers appear. About this, it is judged that it would be appropriate to increase the block size, the number of rounds, and the key length to increase the security strength.

• Journal of KIISE
• /
• v.43 no.11
• /
• pp.1245-1258
• /
• 2016

Cryptographic technologies providing confidentiality and integrity such as encryption algorithms and message authentication codes (MACs) are necessary for preventing security threats in the Internet of Things (IoT) where various kinds of devices are interconnected. As a number of encryption schemes that have passed security verification are not necessarily suitable for low-power and low-performance IoT devices, various lightweight cryptographic schemes have been proposed. However, a study of lightweight MACs is not sufficient in comparison to that of lightweight block ciphers. Therefore, in this paper, we reviewed various kinds of MACs for their classification and analysis and then, we presented a new way for future MAC development. We also implemented major MAC algorithms and performed experiments to investigate their performance degradation on low-end micro-controllers.