• The KIPS Transactions:PartC
• /
• v.8C no.3
• /
• pp.277-286
• /
• 2001

본 논문에서는 미국 국립표준기술연구소 차세대 표준 암호 알고리듬으로 선정한 Rijndael 암호 알고리듬과 안정성과 성능에서 인정을 받은 Twofish 암호 알고리듬을 ALTERA FPGA를 사용하여 하드웨어로 구현한다. 두가지 알고리듬에 대해 키스케쥴링과 인터페이스를 하드웨어에 포함시켜 구현한다. 알고리듬의 효율적인 동작을 위해 키스케쥴링을 포함하면서도 구현된 회로의 크기가 크게 증가하지 않으며, 데이터의 암호/복호화 처리 속도가 향상됨을 알 수 있다. 주어진 128-비트 대칭키에 대하여, 구현된 Rijndael 암호 알고리듬은 11개의 클럭 만에 키스케쥴링을 완료하며, 구현된 Twofish 암호 알고리듬은 21개의 클럭 만에 키스케쥴링을 완료한다. 128-비트 입력 데이터가 주어졌을 때, Rijndael의 경우, 10개의 클럭 만에 주어진 데이터의 암호/복호화를 수행하고, Twofish는 16개의 클럭 만에 암호/복호화를 수행한다. 또한, Rijndael은 336.8Mbps의 데이터 처리속도를 보이고, Twofish는 121.2Mbps의 성능을 보임을 알 수 있다.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2014.07a
• /
• pp.71-74
• /
• 2014

스마트폰의 활용 범위가 점점 확장됨에 따라 데이터 통신량도 증가되어 가고 있으며, 데이터 유출을 방지하기 위해 다양한 암 복호화 알고리즘을 필요로 하고 있다. 본 논문에서는 기존의 비대칭 알고리즘과 대칭 알고리즘을 이용한 하이브리드 암 복호화 기반 데이터 교환방법을 제안한다. 비대칭 알고리즘은 RSA방법을 사용하여 상호간에 대칭키의 절반인 반키(Half Key)를 교환할 수 있도록 하였으며, 대칭 알고리즘은 AES를 사용하여 데이터를 암 복호화 할 수 있도록 하였다. 또한 기존의 AES 알고리즘의 S-Box와 키 스케쥴링 과정을 변형하여 무차별 대입 공격에 대해 방어할 수 있도록 하였다. 그 결과 기존의 비대칭 또는 대칭 알고리즘을 단독으로 사용하는 방법보다 안전하고 빠른 보안수준을 보장할 수 있음을 확인하였다.

• KIPS Transactions on Computer and Communication Systems
• /
• v.8 no.11
• /
• pp.271-276
• /
• 2019

Conventional ARIA algorithm which is used LUT based-S-Box is fast the processing speed. However, the algorithm is hard to applied to small portable devices. This paper proposes the hardware design of optimized ARIA crypto-processor based on the modified composite field S-Box in order to decrease its hardware area. The Key scheduling in ARIA algorithm, both diffusion and substitution layers are repeatedly used in each round function. In this approach, an advanced key scheduling method is also presented of which two functions are merged into only one function for reducing hardware overhead in scheduling process. The designed ARIA crypto-processor is described in Verilog-HDL, and then a logic synthesis is also performed by using Xilinx ISE 14.7 tool with target the Xilnx FPGA XC3S1500 device. In order to verify the function of the crypto-processor, both logic and timing simulation are also performed by using simulator called ModelSim 10.4a.

• Proceedings of the Korea Multimedia Society Conference
• /
• 2001.11a
• /
• pp.681-685
• /
• 2001

본 논문에서는 난수 발생기로써 랜덤성이 우수하고 하드웨어 설계시 고속성이 보장되어 LFSR(Linear Feedback Shift register) 대안으로 소개되고 있는 셀룰라 오토마타(CA: Cellular Automata)를 소개하고 이를 이용한 새로운 블록 암호 알고리즘을 제안한다. 제안된 블록 암호 알고리즘은 Fiestel 구조로써 라운드 함수와 키 스케쥴링 모두를 셀룰러 오토마타를 이용하여 구성함으로써 구현의 편이성과 고속성을 추구하였다. 제안 알고리즘에 대한 간단한 통계적 검정과 성능평가를 통해 기존 표준 알고리즘고의 비교를 수행하였다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.3
• /
• pp.69-77
• /
• 2008

In the recent years, power attacks were widely investigated, and so various countermeasures have been proposed. In the case of block ciphers, masking methods that blind the intermediate results in the algorithm computations(encryption, decryption, and key-schedule) are well-known. Applications of masking methods are able to vary in different block ciphers, therefore suitable masking methods about each ciphers have been researched. Existed methods of ARIA have many revisions of mask value. And because existed masking methods pay no regard for key schedule, secret information can be exposed. In the case of ARIA, this problem is more serious than different block ciphers. Therefore we proposes an efficient masking scheme of ARIA including the key-schedule. Our method reduces time-complexity of ARIA encryption, and solve table-size problem of the general ARIA masking scheme from 256*8 byte to 256*6 byte.

• Journal of the Institute of Electronics Engineers of Korea SP
• /
• v.47 no.1
• /
• pp.159-168
• /
• 2010

In the recent years, power analysis attacks were widely investigated, and so various countermeasures have been proposed. In the case of block ciphers, masking methods that blind the intermediate results in the algorithm computations(encryption, decryption, and key-schedule) are well-known. The type conversion of masking is unavoidable since Boolean operation and Arithmetic operation are performed together in block cipher. Messerges proposed a masking type conversion algorithm resistant general power analysis attack and then it's vulnerability was reported. We present that some of exiting attacks have some practical problems and propose a new power analysis attack on Messerges's algorithm. After we propose the strengthen DPA and CPA attack on the masking type conversion algorithm, we show that our proposed attack is a practical threat as the simulation results.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.21 no.2
• /
• pp.1-6
• /
• 2021

In this paper, an efficient implementation of AES encryption algorithm is presented for CCTV image security using C# language. In this approach, an efficient S-Box is first designed for reducing the computation time which is required in each round process of AES algorithm, and then an CCTV image security system is implemented on the basis of this algorithm on a composite field GF(((22)2)2). In addition, the shared S-Box structure is designed for realizing the minimized memory space, which is used in each round transformation and key scheduling processes. Through performance evaluation, it was confirmed that the proposed method is more efficient than the existing method. The proposed CCTV system in C# language using Visual studio 2010.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.1
• /
• pp.47-57
• /
• 2003

In this paper, we firstly evaluate the resistance of the reduced 5-round version of the block cipher CIKS-1 against linear cryptanalysis(LC) and show that we can attack full-round CIKS-1 with \ulcorner56-bit key through the canonical extension of our attack. A feature of the CIKS-1 is the use of both Data-Dependent permutations(DDP) and internal key scheduling which consist in data dependent transformation of the round subkeys. Taking into accout the structure of CIKS-1 we investigate linear approximation. That is, we consider 16 linear approximations with p=3/4 for 16 parallel modulo $2^2$ additions to construct one-round linear approximation and derive one-round linear approximation with the probability P=1/2+$2^{-17}$ by Piling-up lemma. Then we present 3-round linear approximation with 1/2+$2^{-17}$ using this one-round approximation and attack the reduced 5-round CIKS-1 with 64-bit block by LC. In conclusion we present that our attack requires $2^{38}$chosen plaintexts with a probability of success of 99.9% and about $2^{67-7}$encryption times to recover the last round key.(But, for the full-round CIKS-1, our attack requires about $2^{166}$encryption times)

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.21 no.1
• /
• pp.1-6
• /
• 2021

The paper proposes the design of AES-based encryption chip for IoT security. ROM based S-Box implementation occurs a number of memory space and some delay problems for its access. In this approach, S-Box is designed by pipeline structure on composite field GF((22)2) to get faster calculation results. In addition, in order to achieve both higher throughput and less delay, shared S-Box are used in each round transformation and the key scheduling process. The proposed AES crypto-processor is described in Veilog-HDL, and Xilinx ISE 14.7 tool is used for logic synthesis by using Xilinx XC6VLX75T FPGA. In order to perform the verification of the crypto-processor, the timing simulator(ModelSim 10.3) is also used.