• Journal of the Korea Institute of Information and Communication Engineering
• /
• 제20권2호
• /
• pp.351-358
• /
• 2016

This paper describes an efficient hardware implementation of lightweight block cipher algorithm CLEFIA. The CLEFIA crypto-processor supports for three master key lengths of 128/192/256-bit, and it is based on the modified generalized Feistel network (GFN). To minimize hardware complexity, a unified processing unit with 8 bits data-path is designed for implementing GFN that computes intermediate keys to be used in round key scheduling, as well as carries out round transformation. The GFN block in our design is reconfigured not only for performing 4-branch GFN used for round transformation and intermediate round key generation of 128-bit, but also for performing 8-branch GFN used for intermediate round key generation of 256-bit. The CLEFIA crypto-processor designed in Verilog HDL was verified by using Virtex5 XC5VSX50T FPGA device. The estimated throughput is 81.5 ~ 60 Mbps with 112 MHz clock frequency.

• Review of KIISC
• /
• 제16권4호
• /
• pp.34-46
• /
• 2006

정보보호 시스템에 사용되고 있는 암호적 난수발생기의 현황을 조사하고 안전성 분석에 대한 최신 기술 동향을 살펴본다. 하드웨어를 기반으로 하는 난수발생기의 종류 및 사용 실태와 안전성 분석 기술을 조사 분석하며, 소프트웨어 기반 난수발생기에 대한 최신 설계 기술을 정리해 본다. 또한, 난수발생기의 출력 수열에 대한 통계적 안전성 평가 방법과 난수발생기 알고리즘에 대한 이론적 안전성 분석 기술에 대해서 논한다.

• Journal of the Korea Society for Simulation
• /
• 제29권2호
• /
• pp.73-81
• /
• 2020

HCCL stands for Heterogenous Container Class Library. HCCL is a library that allows heterogeneous types of data to be stored in a container as a single record and to be constructed as a list of the records to be stored in database. With HCCL, encryption/decryption can be done based on the unified data type. Recently, IoT sensor which is embedded in smartphone enables developers to provide various convenient services to users. However, it is also true that infringement of personal information may occur in the process of transmitting sensor information to API and users need to be prepared for this situation in some sense. In this study, we developed a data model that enhances existing security using SEED cryptographic algorithms while managing information of sensors based on HCCL. Due to the fact that the Android environment does not provide permission management function for sensors, this study decided whether or not to encrypt sensor information based on the user's choice so that the user can determine the creation and storage of safe data. For verification of this work, we have presented the performance evaluation by comparing with the situation of storing the sensor data in plaintext.

• Journal of Internet of Things and Convergence
• /
• 제8권1호
• /
• pp.79-85
• /
• 2022

Internet of Things (IoT) connects devices with various platforms, computing power, and functions. Due to the diversity of networks and the ubiquity of IoT devices, demands for security and privacy are increasing. Therefore, cryptographic mechanisms must be strong enough to meet these increased requirements, while at the same time effective enough to be implemented in devices with long-range specifications. In this paper, we present the performance and memory limitations of modern cryptographic primitives and schemes for different types of devices that can be used in IoT. In addition, detailed performance evaluation of the performance of the most commonly used encryption algorithms in low-spec devices frequently used in IoT networks is performed. To provide data protection, the binary ring uses encryption asymmetric fully homomorphic encryption and symmetric encryption AES 128-bit. As a result of the experiment, it can be seen that the IoT device had sufficient performance to implement a symmetric encryption, but the performance deteriorated in the asymmetric encryption implementation.

• Convergence Security Journal
• /
• 제14권4호
• /
• pp.55-60
• /
• 2014

In this study, we propose a cryptographic module quality evaluation system referenced by ISO/IEC 9000 quality system with Quality, Quality Factor, Quality Subfactor, Metric. Practical application process encryption algorithm based on the encryption algorithm to encrypt the pros and cons valuation of diagnosis, point selection algorithm, analysis, and quality items(quality factor), eliciting constraints derived, such as the cryptographic module design quality evaluation system is set to step 5. The five steps are examples of field-based diagnostic tool for cryptographic operations, the most essential work to be done in order to derive one will work. 2-Factor encryption module for connection between indicator items(quality factor) to identify and ensure the quality of the item the constraints of the environment are two kinds of cryptographic operations. This study is an encryption module and a practical field application system, it presents the standardized model. We have to meet the rapid changes in information technology. The environment, development and the encryption algorithm applied to model a wide variety of on-site development encryption will be able to expect the efficiency.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• 제14권8호
• /
• pp.1843-1848
• /
• 2010

The Key exchange protocols are very crucial tools to provide the secure communication in the broadband satellite access network. They should be required to satisfy various requirements such as security, Key confirmation, and Key freshness. In this paper, we propose Two authenticated key exchange protocols Two Pass EKE-E(Encrypted Key Exchange-Efficient) and Two Pass EKE-S(Encrypted Key Exchange-Secure) are introduced. A basic idea of the protocols is that a password can be represented by modular addition N, and the number of possible modular addition N representing the password is $2^N$ The Two Pass EKE-E is secure against the attacks including main-in-the-middle attack and off-line dictionary attack, and the performance is excellent so as beyond to comparison with other authenticated key exchange protocols. The Two Pass EKE-S is a slight modification of the Two Pass EKE-E. The Two Pass EKE-S provides computational in feasibility for learning the password without having performed off line dictionary attack while preserving the performance of the Two Pass EKE-E.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• 제32권6호
• /
• pp.1045-1057
• /
• 2022

Recently, the National Institute of Standards and Technology (NIST) announced four cryptographic algorithms as a standard candidates of Post-Quantum Cryptography (PQC). In this paper, we show that private key can be exposed by a non-profiling-based power analysis attack such as Correlation Power Analysis (CPA) and Differential Deep Learning Analysis (DDLA) on CRYSTALS-KYBER algorithm, which is decided as a standard in the PKE/KEM field. As a result of experiments, it was successful in recovering the linear polynomial coefficient of the private key. Furthermore, the private key can be sufficiently recovered with a 13.0 Normalized Maximum Margin (NMM) value when Hamming Weight of intermediate values is used as a label in DDLA. In addition, these non-profiling attacks can be prevented by applying countermeasures that randomly divides the ciphertext during the decryption process and randomizes the starting point of the coefficient-wise multiplication operation.

• Journal of KIISE:Computing Practices and Letters
• /
• 제16권4호
• /
• pp.415-420
• /
• 2010

Cryptographic keys for security should be generated by true random number generators that apply irreversible hashing algorithms to initial values taken from a random source. As DRAM shows randomness in its access latency, it can be used as a random source. However, systems with synchronous DRAM (SDRAM) do not easily expose such randomness resulting in highly clustered random numbers. We resolved this problem by using the xor instruction. Statistical testing shows that the generated random bits have the quality comparable to true random bit sequences. The performance of bit generation is at the order of 100 Kbits/sec. Since the proposed random number generation requires neither external devices nor any special circuits, this method may be used in any computing device that employs DRAM.

• Journal of KIISE:Information Networking
• /
• 제27권4호
• /
• pp.465-475
• /
• 2000

초고속 통신망에서의 정보 침해는 짧은 시간에 많은 데이터의 손실을 초래할 수 있기 때문에 정보보호의 필요성이 제기되고 있다. ATM 망에서의 정보보안을 위해 보안 서비스를 ATM계층과 AAL 계층에 적용시킬 수도 있고 이 계층들 사이에도 적용시킬수 있으며 보안 계층을 따로 두어 보안 서비스를 하나의 계층에서 다양하고 투명하게 적용할 수 있다. 그러나 이러한 연구들의 결과가 이론에 그치고 있고 실제로 암호 알고리즘 등의 보안 서비스를 적용한 망에서의 성능을 평가하는 부분에 대해서는 연구가 부족한 상황이다. 본 논문에서는 사용자 평면에서 데이터의 비밀성, 무결성, 데이터 원천 인증 등의 보안 서비스를 적용한 보안 계층을 구현하고 SDL이라는 모델링 툴을 이용하여 망에서의 메시지 전달 지연 시간 등을 측정한후 그 성능을 비교.분석하였다 모델링하는 세가지 종류의 망은 첫 번째는 보안 서비스가 적용되지 않은 ATM망이고 두 번째는 보안계층이 CS 부계층과 SAR 부계층 사이에 삽입된 망이며 세 번째는 보안 계층이 ATM계층과 AAL계층 사이에 삽입된 망이다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• 제33권3호
• /
• pp.363-374
• /
• 2023

A white-box environment refers to a situation where the internal information of an algorithm is disclosed. The AES white-box encryption was first announced in 2002, and in 2016, a side-channel analysis for white-box encryption called Differential Computation Analysis (DCA) was proposed. DCA analysis is a powerful side-channel attack technique that uses the memory information of white-box encryption as side-channel information to find the key. Although various countermeasure studies against DCA have been published domestically and internationally, there were no evaluated or analyzed results from experiments applying the hiding technique using dummy operations to DCA analysis. Therefore, in this paper, we insert LU T-shaped dummy operations into the WBC-AES algorithm proposed by S. Chow in 2002 and quantitatively evaluate the degree of change in DCA analysis response depending on the size of the dummy. Compared to the DCA analysis proposed in 2016, which recovers a total of 16 bytes of the key, the countermeasure proposed in this paper was unable to recover up to 11 bytes of the key as the size of the dummy decreased, resulting in a maximum decrease in attack performance of about 68.8%, which is about 31.2% lower than the existing attack performance. The countermeasure proposed in this paper confirms that the attack performance significantly decreases as smaller dummy sizes are inserted and can be applied in various fields.