• Journal of IKEEE
• /
• v.24 no.4
• /
• pp.961-968
• /
• 2020

This paper describes a design of high performance modular multiplier that is essentially used for elliptic curve cryptography. Our modular multiplier supports modular multiplications for five field sizes over GF(p), including 192, 224, 256, 384 and 521 bits as defined in NIST FIPS 186-2, and it calculates modular multiplication in two steps with integer multiplication and reduction. The Karatsuba-Ofman multiplication algorithm was used for fast integer multiplication, and the Lazy reduction algorithm was adopted for reduction operation. In addition, the Nikhilam division algorithm was used for the division operation included in the Lazy reduction. The division operation is performed only once for a given modulo value, and it was designed to skip division operation when continuous modular multiplications with the same modulo value are calculated. It was estimated that our modular multiplier can perform 6.4 million modular multiplications per second when operating at a clock frequency of 32 MHz. It occupied 456,400 gate equivalents (GEs), and the estimated clock frequency was 67 MHz when synthesized with a 180-nm CMOS cell library.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.20 no.12
• /
• pp.2333-2340
• /
• 2016

A LEA (Lightweight Encryption Algorithm) crypto-processor was designed, which supports three master key lengths of 128/ 192/256-bit, ECB and CTR modes of operation. To achieve high throughput rate, the round transformation block was designed with 128 bits datapath and a pipelined structure of 16 stages. Encryption/decryption is carried out through 12/14/16 pipelined stages according to the master key length, and each pipelined stage performs round transformation twice. The key scheduler block was optimized to share hardware resources that are required for encryption, decryption, and three master key lengths. The round keys generated by key scheduler are stored in 32 round key registers, and are repeatedly used in round transformation until master key is updated. The pipelined LEA processor was verified by FPGA implementation, and the estimated performance is about 8.3 Gbps at the maximum clock frequency of 130 MHz.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2021.05a
• /
• pp.63-65
• /
• 2021

This paper describes an integrated H/W-S/W implementation of elliptic curve digital signature algorithm (EC-DSA) using a security system-on-chip (SoC). The security SoC uses the Cortex-A53 APU as CPU, and the hardware IPs of high-performance elliptic curve cryptography (HP-ECC) core and SHA3 (secure hash algorithm 3) hash function core are interfaced via AXI4-Lite bus protocol. The signature generation and verification processes of EC-DSA were verified by the implementation of the security SoC on a Zynq UltraScale+ MPSoC device.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.9 no.5
• /
• pp.1082-1088
• /
• 2005

Generating fast round key in AES Rijndael algorithm using three key sizes, such as 128, 192, and 256-bit keys is a critical factor to develop high throughput AES processors. In this paper, we propose on-the-fly round key generator which is applicable to the pipelined and non-pipelined AES processor in which cipher and decipher nodes must be implemented on a chip. The proposed round key generator has modular and area-and-time efficient structure implemented with simple connection of two key expander modules, such as key_exp_m and key_exp_s module. The round key generator for non-pipelined AES processor with support of three key lengths and cipher/decipher modes has about 7.8-ns delay time under 0.25um 2.5V CMOS standard cell library and consists of about 17,700 gates.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.10 no.2
• /
• pp.338-343
• /
• 2006

This paper describes about the design concept and the architecture of an economic VPN system which can perform fast crypto operations with cheap cost. The essence of the proposed system architecture is consisting of the system with two companion chips dedicated to VPN: one chip is a multi-purpose network processor for security machine and the other is a crypto acceleration chip which encrypt and decrypt network packets in a high speed. This study also addresses about some realizations that is required for fast prototyping such as the porting of an operating system, the establishment of compiler tool chain, the implementation of device drivers and the design of IPSec security engine. Especially, the second chip supports the most time consuming block cipher algorithms including 3DES, AES, and SEED and its performance was evaluated.

• KIPS Transactions on Computer and Communication Systems
• /
• v.11 no.12
• /
• pp.453-460
• /
• 2022

As high-performance quantum computers are expected to be developed, studies are being actively conducted to build a post-quantum security system that is safe from potential quantum computer attacks. When the Grover's algorithm, a representative quantum algorithm, is used to search for a secret key in a symmetric key cryptography, there may be a safety problem in that the security strength of the cipher is reduced to the square root. NIST presents the post-quantum security strength estimated based on the cost of the Grover's algorithm required for an attack of the cryptographic algorithm as a post-quantum security requirement for symmetric key cryptography. The estimated cost of Grover's algorithm for the attack of symmetric key cryptography is determined by the quantum circuit complexity of the corresponding encryption algorithm. In this paper, the quantum circuit of the SCHWAEMM algorithm, AEAD family of SPARKLE, which was a finalist in NIST's lightweight cryptography competition, is efficiently implemented, and the quantum cost to apply the Grover's algorithm is analyzed. At this time, the cost according to the CDKM ripple-carry adder and the unbounded Fan-Out adder is compared together. Finally, we evaluate the post-quantum security strength of the lightweight cryptography SPARKLE SCHWAEMM algorithm based on the analyzed cost and NIST's post-quantum security requirements. A quantum programming tool, ProjectQ, is used to implement the quantum circuit and analyze its cost.

• Proceedings of the Korean Information Science Society Conference
• /
• 2005.07a
• /
• pp.10-12
• /
• 2005

[$n\timesn$] 불리언 행렬의 집합에서 동치관계를 이용하여 정의된 D-클래스는 개인키나 공개키 암호기술에 사용될 수 있는 가능성을 가지고 있다. 그러나 NP-완전 문제인 계산 복잡도로 인해 D-클래스의 효율적인 계산이 어려워 극히 제한된 크기의 행렬에 대한 D-클래스만이 알려져 있다. D-클래스를 효율적으로 계산하기 위해서는 수식변환, 병렬처리, 순환문 개선 등을 통해 알고리즘을 개선하여야 한다. 본 논문은 D-클래스의 효율적 계산을 위해 공유메모리 기반의 병렬 처리에 적합하도록 수식의 대수적 변환을 이용한 알고리즘의 설계라 실행 결과에 대해 논한다.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.23 no.7
• /
• pp.875-880
• /
• 2019

A RC4 stream cipher is widely used for security applications such as IEEE 802.11 WEP, IEEE 802.11i TKIP and so on, because it can be simply implemented to dedicated circuits and achieve a high-speed encryption. RC4 is also used for systems with limited resources like IoT, but there are performance limitations. RC4 consists of two stages, KSA and PRGA. KSA performs initialization and randomization of S-box and K-box and PRGA produces cipher texts using the randomized S-box. In this paper, we initialize the S-box and K-box in the randomization of the KSA stage to reduce the initialization delay. In the randomization, we use clusters to process swap operation between elements of S-box in parallel and can generate two cipher texts per clock. The proposed RC4 cipher hardware can initialize S-box and K-box without any delay and achieves about 2 times to 6 times improvement in KSA randomization and key stream generation.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.13 no.2
• /
• pp.293-298
• /
• 2009

In this contribution, a 193-bit elliptic curve cryptography coprocessor was implemented on an FPGA board. Optimized algorithms and numerical expressions which had been verified through C program simulation, should be analyzed again with HDL (hardware description language) such as Verilog, so that the verified ones could be modified to be applied directly to hardware implementation. The reason is that the characteristics of C programming language design is intrinsically different from the hardware design structure. The hardware IP which was double-checked in view of hardware structure together with algoritunic verification, was implemented on the Altera CycloneII FPGA device equipped with ARM9 microprocessor core, to a real chip prototype, using Altera embedded system development tool kit. The implemented finite field calculation IPs can be used as library modules as Elliptic Curve Cryptography finite field operations which has more than 193 bit key length.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.33 no.2C
• /
• pp.208-218
• /
• 2008

We are sure that RFID system should be a widely used automatic identification system because of its various advantages and applications. However, many people know that invasions of privacy in RFID system is still critical problem that makes it difficult to be used. Many works for solving this problem have focused on light-weight cryptographic functioning in the RFID tag. An agent scheme is another approach that an agent device controls communications between the tag and the reader for protecting privacy. Generally an agent device has strong security modules and enough capability to process high-level cryptographic protocols and can guarantees consumer privacy. In this paper, we present an enhanced mobile agent for RFID privacy protection. In enhanced MARP, we modified some phases of the original MARP to reduce the probability of successful eavesdropping and to reduce the number of tag's protocol participation. And back-end server can authenticate mobile agents more easily using public key cryptography in this scheme. It guarantees not only privacy protection but also preventing forgery.