• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.3
• /
• pp.3-10
• /
• 2009

In this paper, we introduce improved differential and linear attacks on the SMS4 block cipher which is used in the Chinese national standard WAPI (WLAN Authentication and Privacy Infrastructure, WLAN - Wireless Local Area Network): First, we introduce how to extend previously known differential attacks on SMS4 from 20 or 21 to 22 out of the full 32 rounds. Second, we improve a previously known linear attack on 22-round reduced SMS4 from $2^{119}$ known plaintexts, $2^{109}$ memory bytes, $2^{117}$ encryptions to $2^{117}$ known plaintexts, $2^{l09}$ memory bytes, $2^{112.24}$ encryptions, by using a new linear approximation.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.11 no.6
• /
• pp.77-87
• /
• 2001

This paper describes a design of cryptographic processor that implements the Rijndael cipher algorithm, the Advanced Encryption Standard algorithm. It can execute both encryption and decryption, and supports only 128-bit block and 128-bit keys. As the processor is implemented only one round, it must iterate 11 times to perform an encryption/decryption. We implemented the ByteSub and InvByteSub transformation using the algorithm for minimizing the increase of area which is caused by different encryption and decryption. It could reduce the memory size by half than implementing, with only ROM. We estimate that the cryptographic processor consists of about 15,000 gates, 32K-bit ROM and 1408-bit RAM, and has a throughput of 1.28 Gbps at 110 MHz clock based on Samsung 0.5um CMOS standard cell library. To our knowledge, this offers more reduced memory size compared to previously reported implementations with the same performance.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.4
• /
• pp.607-615
• /
• 2022

The SITM (See-In-The-Middle) proposed in CHES 2020 is a methodology for side-channel assisted differential cryptanalysis. This technique analyzes the power traces of unmasked middle rounds in partial masked SPN block cipher implementation, and performs differential analysis with the side channel information. Blockcipher GIFT is a lightweight blockcipher proposed in CHES 2017, designed to correct the well-known weaknesses of block cipher PRESENT and provide the efficient implementation. In this paper, we propose SITM attacks on partial masked implementation of GIFT-128. This attack targets 4-round and 6-round masked implementation of GIFT-128 and time/data complexity is 2^14.01 /2^14.01, 2¹⁶ /2¹⁶. In this paper, we compare the masterkey recovery logic available in SITM attacks, establishing a criterion for selecting more efficient logic depending on the situation. Finally, We introduce how to apply the this attack to GIFT-COFB, one of the finalist candidates in NIST lightweight cryptography standardization process.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.2
• /
• pp.155-162
• /
• 2022

The SITM (See-In-The-Middle) attack proposed in CHES 2020 is a type of analysis technique that combines differential cryptanalysis and side-channel analysis, and can be applied even in a harsh environment with a low SNR (Signal-to-Noise Ratio). This attack targets partial 1^st or higher order masked block cipher, and uses unmasked middle round weakness. PRESENT is a lightweight blockcipher proposed in CHES 2007, designed to be implemented efficiently in a low-power environment. In this paper, we propose SITM attacks on 14-round masked implementation of PRESENT while the previous attacks were applicable to 4-round masked implementation of PRESENT. This indicates that PRESENT has to be implemented with more than 16-round masking to be resistant to our attacks.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.5
• /
• pp.737-750
• /
• 2022

The demands of Unmanned Aerial Vehicles (UAVs) are growing very rapidly with the era of the 4th industrial revolution. As the technology of the UAV improved with the development of artificial intelligence and semiconductor technology, it began to be used in various civilian fields such as hobbies, bridge inspections, etc from being used for special purposes such as military use. MAVLink (Macro Air Vehicle Link), which started as an open source project, is the most widely used communication protocol between UAV and ground control station. However, MAVLink does not include any security features such as encryption/decryption mechanism, so it is vulnerable to various security threats. Therefore, in this study, the block cipher is implemented in UAV to ensure confidentiality, and the results of the encryption and decryption performance evaluation in the UAV according to various implementation methods are analyzed. In addition, we proposed the security requirements in accordance with Common Criteria, which is an international recognized ISO standard.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.4
• /
• pp.569-575
• /
• 2024

The 64-bit block cipher IIoTBC is an encryption algorithm designed for the security of industrial IoT devices and uses an 128-bit secret key. The IIoTBC's encryption algorithm varies depending on whether the MCU size used in IoT is 8-bit or 16-bit. This paper deals with a differential attack on IIoTBC when the MCU size is 8-bit. It attacks 15-round out of the entire 32-round using IIoTBC's 14-round differential characteristic. At this time, the number of required plaintexts and encryption are 2⁵⁷ and 2^122.4, respectively. The differential characteristic presented in this paper has a longer round than the existing 13-round impossible differential characteristic, and the attack using this is the result of the first key recovery attack on IIoTBC.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.4
• /
• pp.709-717
• /
• 2012

The round reduction on block cipher is a fault injection attack in which an attacker inserts temporary errors in cryptographic devices and extracts a secret key by reducing the number of operational round. In this paper, we proposed an improved round reduction method to retrieve master keys by injecting a fault during operation of loop statement in the Triple DES. Using laser fault injection experiment, we also verified that the proposed attack could be applied to a pure microprocessor ATmega 128 chip in which the Triple DES algorithm was implemented. Compared with previous attack method which is required 9 faulty-correct cipher text pairs and some exhaustive searches, the proposed one could extract three 56-bit secret keys with just 5 faulty cipher texts.

• The KIPS Transactions:PartC
• /
• v.18C no.5
• /
• pp.287-292
• /
• 2011

Using an expanded DES key, we suggest a block cipher algorithm to generate and to use a variable P box. We also present an efficient way for the implementation of variable P box at each round. Using counter examples on Differential Cryptanalysis(DC) and Linear Cryptanalysis(LC), we show that the suggested algorithm is strong enough to overcome those attacks. Compared with the real key bits of triple DES(3DES), the new algorithm is much safer in the points of the exhaustive attack. The results of computer simulations show that the new algorithm is almost 3 times faster than 3DES regarding the cipher process time.

• The KIPS Transactions:PartC
• /
• v.9C no.3
• /
• pp.307-312
• /
• 2002

Among the various zero suppression (ZS) algorithms used in a for synchronous stream cipher system, a ZS-2 exhibits certain good properties, including the omission of the block synchronization, easy implementation, etc., yet also a weakness in channel error propagation. Accordingly, This paper proposes a new method by minimizing the bit-wide substitution in the substitution blocks of ZS-2 to improve the degenerated error property in a noisy channel. As a result, the proposed ZS-3 algorithm can decrease the mean error propagation by about 18.7% over that of ZS-2 at n=8.

• The Journal of Korean Association of Computer Education
• /
• v.14 no.4
• /
• pp.53-61
• /
• 2011

Recently, the importance of information security is emphasized in IT related field. The agency related to information security implements the policies to emphasize the security and protection of the privacy. However, the issue in many companies and users is that awareness of security is still poor. Therefore, in this paper, we develope the learning program for AES(advanced encryption standard) block cipher, to raise the awareness of security. Also, wish to cause interest about AES cipher because user confirms process that is encryption/decryption through program of this paper directly and prove awareness about information security.