• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.6
• /
• pp.15-24
• /
• 2006

Recently, the importance of the area efficient implementation of cryptographic algorithm for the portable device is increasing. Previous ARIA(Academy, Research Institute, Agency) implementation styles that usually concentrate upon speed, we not suitable for mobile devices in area and power aspects. Thus in this paper, we present an area efficient AR processor which use 32-bit architecture. Using new implementation technique of diffusion layer, the proposed processor has 11301 gates chip area. For 128-bit master key, the ARIA processor needs 87 clock cycles to generate initial round keys, n8 clock cycles to encrypt, and 256 clock cycles to decrypt a 128-bit block of data. Also the processor supports 192-bit and 256-bit master keys. These performances are 7% in area and 13% in speed improved results from previous cases.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.15 no.4
• /
• pp.860-868
• /
• 2011

Feistel and SPN are the two main structures in a block cipher. Feistel is a symmetric structure which has the same structure in encryption and decryption, but SPN is not a symmetric structure. In this paper, we propose a SPN block cipher so called SSB which has a symmetric structure in encryption and decryption. The proposed SSB is composed of the even numbers of N rounds. Each round consists of a round key addition layer, a subsitution layer, a byte exchange layer and a diffusion layer. The subsitution layer of the odd round is inverse function of one of the even round. And the diffusion layer is a MDS involution matrix. The differential and linear attack probability of SSB is $2^{-306}$ which is same with AES. The proposed symmetric SPN block cipher SSB is believed to construct a safe and efficient cipher in Smart Card and RFID environments which is in limited hardware and software resources.

• 한국정보통신설비학회:학술대회논문집
• /
• 2008.08a
• /
• pp.340-344
• /
• 2008

In the block cipher, DPA-resistant masking methods make an appropriation of extremely high cost for the non-linear part. Block ciphers like AES and ARIA use the inversion operation as this non-linear part. This make various countermeasures be proposed for reducing the cost of masking inversion. In this paper, we propose the efficient masking inverter by rearranging the masking inversion operation over the composite field and finding duplicated multiplications.

• Proceedings of the IEEK Conference
• /
• 2006.06a
• /
• pp.629-630
• /
• 2006

This paper presented a hardware implementation of ARIA, which is Korean standard block ciphering algorithm. In this work, we proposed a improved architecture based on pipeline structure and confirmed that the design operates in a clock frequency of 101.7MHz and in throughput of 957Mbps in Xilinx FPGA XCV-1600E.

• ETRI Journal
• /
• v.34 no.1
• /
• pp.76-86
• /
• 2012

The block cipher ARIA has been threatened by side-channel analysis, and much research on countermeasures of this attack has also been produced. However, studies on countermeasures of ARIA are focused on software implementation, and there are no reports about hardware designs and their performance evaluation. Therefore, this article presents an advanced masking algorithm which is strong against second-order differential power analysis (SODPA) and implements a secure ARIA hardware. As there is no comparable report, the proposed masking algorithm used in our hardware module is evaluated using a comparison result of software implementations. Furthermore, we implement the proposed algorithm in three types of hardware architectures and compare them. The smallest module is 10,740 gates in size and consumes an average of 47.47 ${\mu}W$ in power consumption. Finally, we make ASIC chips with the proposed design, and then perform security verification. As a result, the proposed module is small, energy efficient, and secure against SODPA.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.1
• /
• pp.15-29
• /
• 2014

Increasing the smart instrument based social and economical activity, problems of electronic business's safety, reliability and user's privacy are be on the rise. so variety standard cryptography algorithms for information security have been developed in korea and How to efficiently implement them in a variety of environments is issued. ARIA and SEED, developed in Korea, are standard block cipher algorithm to encrypt the 128-bit plaintext, are each configured Feistel, SPN structure. In this paper, SEED and ARIA were implemented using the GEZEL language that can be used easily in the software designer because grammar is simple compared to other hardware description language. In particular, in this paper, will be described in detail the characteristics and design method using GEZEL as the first paper that implements 128bits ARIA and SEED and it showed the flexibility and efficiency of development using GEZEL. SEED designed GEZEL is occupied 69043 slice, is operating Maximum frequency 146.25Mhz and ARIA is occupied 7282 slice, is operating Maximum frequency 286.172Mhz. Also, Speed of SEED designed and implemented signal flow method is improved 296%.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.6A
• /
• pp.39-49
• /
• 2008

AEA and ARIA are next generation standard block cipher of US and Korea, respectively, and these algorithms are used in various fields including smart cards, electronic passport, and etc. This paper addresses the first efficient unified hardware architecture of AES and ARIA, and shows the implementation results with 0.25um CMOS library. We designed shared S-boxes based on composite filed arithmetic for both algorithms, and also extracted common terms of the permutation matrices of both algorithms. With the $0.25-{\mu}m$ CMOS technology, our processor occupies 19,056 gate counts which is 32% decreased size from discrete implementations, and it uses 11 clock cycles and 16 cycles for AES and ARIA encryption, which shows 720 and 1,047 Mbps, respectively.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.6 no.2
• /
• pp.171-179
• /
• 2011

Feistel and SPN are the two main structures in a block cipher. Feistel is a symmetric structure which has the same structure in encryption and decryption, but SPN is not a symmetric structure. Encrypt round function and decrypt round function in SPN structure have three parts, round key addition and substitution layer with S-box for confusion and permutation layer for defusion. Most SPN structure for example ARIA and AES uses 8 bit S-Box at substitution layer, which is vulnerable to Square attack, Boomerang attack, Impossible differentials cryptanalysis etc. In this paper, we propose a SPN which has a symmetric structure in encryption and decryption. The whole operations of proposed algorithm are composed of the even numbers of N rounds where the first half of them, 1 to N/2 round, applies a right function and the last half of them, (N+1)/2 to N round, employs an inverse function. And a symmetry layer is located in between the right function layer and the inverse function layer. The symmetric layer is composed with a multiple simple bit slice involution S-Boxes. The bit slice involution S-Box symmetric layer increases difficult to attack cipher by Square attack, Boomerang attack, Impossible differentials cryptanalysis etc. The proposed symmetric SPN block cipher with bit slice involution S-Box is believed to construct a safe and efficient cipher in Smart Card and RFID environments where electronic chips are built in.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.4
• /
• pp.17-24
• /
• 2010

A differential fault attack(DFA) is one of the most efficient side channel attacks on block ciphers. Almost all block ciphers, such as DES, AES, ARIA, SEED and so on., have been analysed by this attack. In the case of the known DFAs on SEED, the attacker induces permanent faults on a whole left register of round 16. In this paper, we analyse SEED against DFA with differential characteristics and addition-XOR characteristics of the round function of SEED. The fault assumption of our attack is that the attacker induces 1-bit faults on a particular register. By using our attack, we can recover last round keys and the master key with about $2^{32}$ simple arithmetic operations. It can be simulated on general PC within about a couple of second.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.21 no.4
• /
• pp.795-803
• /
• 2017

This paper describes a dual-standard cryptographic processor that efficiently integrates two block ciphers ARIA and AES into a unified hardware. The ARIA-AES crypto-processor was designed to support 128-b and 256-b key sizes, as well as four modes of operation including ECB, CBC, OFB, and CTR. Based on the common characteristics of ARIA and AES algorithms, our design was optimized by sharing hardware resources in substitution layer and in diffusion layer. It has on-the-fly key scheduler to process consecutive blocks of plaintext/ciphertext without reloading key. The ARIA-AES crypto-processor that was implemented with a $0.18{\mu}m$ CMOS cell library occupies 54,658 gate equivalents (GEs), and it can operate up to 95 MHz clock frequency. The estimated throughputs at 80 MHz clock frequency are 787 Mbps, 602 Mbps for ARIA with key size of 128-b, 256-b, respectively. In AES mode, it has throughputs of 930 Mbps, 682 Mbps for key size of 128-b, 256-b, respectively. The dual-standard crypto-processor was verified by FPGA implementation using Virtex5 device.