• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2014.10a
• /
• pp.285-287
• /
• 2014

This paper describes a design of area-efficient/low-power cryptographic processor for lightweight block cipher algorithm HIGHT which was approved as a cryptographic standard by KATS and ISO/IEC. The HIGHT algorithm which is suitable for the security of IoT(Internet of Things), encrypts a 64-bit plain text with a 128-bit cipher key to make a 64-bit cipher text, and vice versa. For area-efficient and low-power implementation, we adopt 32-bit data path and optimize round transform block and key scheduler to share hardware resources for encryption and decryption.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2018.05a
• /
• pp.339-340
• /
• 2018

본 논문에서는 경량 블록암호 알고리듬 TWINE의 하드웨어 설계에 대해 기술한다. TWINE은 80-비트 또는 128-비트의 마스터키를 사용하여 64-비트의 평문(암호문)을 암호(복호)하여 64-비트의 암호문(평문)을 만드는 대칭키 블록암호이며, s-box와 XOR만 사용하므로 경량 하드웨어 구현에 적합하다는 특징을 갖는다. 암호화 연산과 복호화 연산의 하드웨어 공유를 통해 게이트 수가 최소화 되도록 구현하였으며, 설계된 TWINE 크립토 코어는 RTL 시뮬레이션을 통해 기능을 검증하였다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.5
• /
• pp.1071-1078
• /
• 2018

Recently, a family of lightweight block ciphers CHAM that has effective performance on resource-constrained devices is proposed. The CHAM uses a stateless-on-the-fly key schedule method which can reduce the key storage areas. Furthermore, the core design of CHAM is based on ARX(Addition, Rotation and XOR) operations which can enhance the computational performance. Nevertheless, we point out that the CHAM algorithm may be vulnerable to the fault injection attack which can reveal 4 round keys and derive the secret key from them. As a simulation result, the proposed fault injection attack can extract the secret key of CHAM-128/128 block cipher using about 24 correct-faulty cipher text pairs.

• Smart Media Journal
• /
• v.4 no.4
• /
• pp.39-46
• /
• 2015

This paper describes hardware implementation of the encryption block of the '128 bit block cipher LEA' among various lightweight encryption algorithms for IoT (Internet of Things) security. Round function blocks and key-schedule blocks are designed by parallel circuits for high throughput. The encryption blocks support secret-key of 128 bits, and are designed by FSM method and 24/n stage(n=1, 2, 3, 4, 8, 12) pipeline methods. The LEA-128 encryption blocks are modeled using Verilog-HDL and implemented on FPGA, and according to the synthesis results, minimum area and maximum throughput are provided.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.19 no.4
• /
• pp.888-894
• /
• 2015

This paper describes an efficient hardware design of Lightweight Encryption Algorithm (LEA) developed by National Security Research Institute(NSRI). The LEA crypto-processor supports for master key of 128-bit. To achieve small-area and low-power implementation, an efficient hardware sharing is employed, which shares hardware resources for encryption and decryption in round transformation block and key scheduler. The designed LEA crypto-processor was verified by FPGA implementation. The LEA core synthesized with Xilinx ISE has 1,498 slice elements, and the estimated throughput is 216.24 Mbps with 135.15 MHz.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2021.10a
• /
• pp.229-231
• /
• 2021

In this paper, we describe a hardware design of the SIMECK block cipher algorithm that can be implemented in lightweight hardware with appropriate security strength. To achieve fast encryption and decryption operations, it was designed using two-step method that reduces the number of operation rounds. The designed SIMECK cryptographic core was implemented in Arty S7-50 FPGA device and its hardware operation was verified with a GUI using Python.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.20 no.6
• /
• pp.1163-1170
• /
• 2016

A hardware implementation of ultra-lightweight block cipher algorithm PRESENT which was specified as a standard for lightweight cryptography ISO/IEC 29192-2 is described. The PRESENT crypto-processor supports two key lengths of 80 and 128 bits, as well as four modes of operation including ECB, CBC, OFB, and CTR. The PRESENT crypto-processor has on-the-fly key scheduler with master key register, and it can process consecutive blocks of plaintext/ciphertext without reloading master key. In order to achieve a lightweight implementation, the key scheduler was optimized to share circuits for key lengths of 80 bits and 128 bits. The round block was designed with a data-path of 64 bits, so that one round transformation for encryption/decryption is processed in a clock cycle. The PRESENT crypto-processor was verified using Virtex5 FPGA device. The crypto-processor that was synthesized using a $0.18{\mu}m$ CMOS cell library has 8,100 gate equivalents(GE), and the estimated throughput is about 908 Mbps with a maximum operating clock frequency of 454 MHz.

• Smart Media Journal
• /
• v.6 no.3
• /
• pp.9-14
• /
• 2017

This paper is a study on the hardware implementation of the encryption and decryption block of the lightweight block cipher algorithm LEA which can be used for tiny devices in IoT environment. It accepts all secret keys with 128 bit, 192 bit, and 256 bit sizes and aims at the integrated implementation of encryption and decryption functions. It describes design results of applying pipeline method for performance enhancement. When a decryption function is executed, round keys are used in reverse order of encryption function. An efficient hardware implementation method for minimizing performance degradation are suggested. Considering the number of rounds are 24, 28, or 32 times according to the size of secret keys, pipeline of LEA is implemented so that 4 round function operations are executed in each pipeline stage.

• Journal of IKEEE
• /
• v.22 no.2
• /
• pp.233-241
• /
• 2018

This paper describes a lightweight implementation of a cryptographic processor supporting GCM (Galois/Counter Mode) authenticated encryption (AE) that is based on the two block cipher algorithms of ARIA and AES. It also provides five modes of operation (ECB, CBC, OFB, CFB, CTR) for confidentiality as well as the key lengths of 128-bit and 256-bit. The ARIA and AES are integrated into a single hardware structure, which is based on their algorithm characteristics, and a $128{\times}12-b$ partially parallel GF (Galois field) multiplier is adopted to efficiently perform concurrent processing of CTR encryption and GHASH operation to achieve overall performance optimization. The hardware operation of the ARIA/AES-GCM AE processor was verified by FPGA implementation, and it occupied 60,800 gate equivalents (GEs) with a 180 nm CMOS cell library. The estimated throughput with the maximum clock frequency of 95 MHz are 1,105 Mbps and 810 Mbps in AES mode, 935 Mbps and 715 Mbps in ARIA mode, and 138~184 Mbps in GCM AE mode according to the key length.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.20 no.7
• /
• pp.1296-1302
• /
• 2016

A hardware implementation of ultra-lightweight block cipher algorithm PRESENT that was specified as a block cipher standard for lightweight cryptography ISO/IEC 29192-2 is described in this paper. Two types of crypto-core that support master key size of 80-bit are designed, one is for encryption-only function, and the other is for encryption and decryption functions. The designed PR80 crypto-cores implement the basic cipher mode of operation ECB (electronic code book), and it can process consecutive blocks of plaintext/ciphertext without reloading master key. The PR80 crypto-cores were designed in soft IP with Verilog HDL, and they were verified using Virtex5 FPGA device. The synthesis results using $0.18{\mu}m$ CMOS cell library show that the encryption-only core has 2,990 GE and the encryption/decryption core has 3,687 GE, so they are very suitable for IoT security applications requiring small gate count. The estimated maximum clock frequency is 500 MHz for the encryption-only core and 444 MHz for the encryption/decryption core.