• KIPS Transactions on Computer and Communication Systems
• /
• v.9 no.12
• /
• pp.307-314
• /
• 2020

The video surveillance service is being widely deployed around our lives and the service stores sensitive data such as video streams in the cloud over the Internet or the centralized data store in an on-premise environment. The main concerning of these services is that the user should trust the service provider how secure the video or data is stored and handled without any concrete evidence. In this paper, we proposed the approach to protecting video by PKI (public key infrastructure) with a blockchain network. The video is encrypted by a symmetric key, then the key is shared through a blockchain network with taking advantage of the PKI mechanism. Therefore, the user can ensure the sensitive data is always kept secure and traceable in its lifecycle.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.3
• /
• pp.115-126
• /
• 2005

SHACAL-2 is a 256-bit block cipher with up to 512 bits of key length based on the hash function SHA-2. It was submitted to the the NESSIE project and was recommended as one of the NESSIE selections. In this paper, we present two types of related-key attacks called the related-key differential-(non)linear and the related-key rectangle attacks, and we discuss the security of SHACAL-2 against these two types of attacks. Using the related-key differential-nonlinear attack, we can break SHACAL-2 with 512-bit keys up to 35 out of its 64 rounds, and using the related-key rectangle attack, we can break SHACAL-2 with 512-bit keys up to 37 rounds.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.6A
• /
• pp.39-49
• /
• 2008

AEA and ARIA are next generation standard block cipher of US and Korea, respectively, and these algorithms are used in various fields including smart cards, electronic passport, and etc. This paper addresses the first efficient unified hardware architecture of AES and ARIA, and shows the implementation results with 0.25um CMOS library. We designed shared S-boxes based on composite filed arithmetic for both algorithms, and also extracted common terms of the permutation matrices of both algorithms. With the $0.25-{\mu}m$ CMOS technology, our processor occupies 19,056 gate counts which is 32% decreased size from discrete implementations, and it uses 11 clock cycles and 16 cycles for AES and ARIA encryption, which shows 720 and 1,047 Mbps, respectively.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.12 no.5
• /
• pp.15-25
• /
• 2002

In this paper a design of high performance cryptographic processor which implements AES Rijndael algorithm is described. To eliminate performance degradation due to round-key computation delay of conventional processor, the on-the-fly precomputation of round key based on modified round structure is adopted. And on-the-fly round key generator which supports 128, 192, and 256-bit key has modular structure. The designed processor has iterative structure which uses 1 clock cycle per round and supports three operation modes, such as ECB, CBC, and CTR mode which is a candidate for new AES modes of operation. The cryptographic processor designed in Verilog-HDL and synthesized using 0.251$\mu\textrm{m}$ CMOS cell library consists of about 51,000 gates. Simulation results show that the critical path delay is about 7.5ns and it can operate up to 125Mhz clock frequency at 2.5V supply. Its peak performance is about 1.45Gbps encryption or decryption rate under 128-bit key ECB mode.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.6
• /
• pp.3-13
• /
• 2010

Differential Fault Analysis (DFA) is widely known for one of the most efficient method analyzing block cipher. In this paper, we propose a new type of DFA on DES (Data Encryption Standard). DFA on DES was first introduced by Biham and Shamir, then Rivain recently introduced DFA on DES middle rounds (9-12 round). However previous attacks on DES can only be applied to the encryption process. Meanwhile, we first propose the DFA on DES key-schedule. In this paper, we proposed a more efficient DFA on DES key schedule with random fault. The proposed DFA method retrieves the key using a more practical fault model and requires fewer faults than the previous DFA on DES.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.6
• /
• pp.1225-1236
• /
• 2020

Fuzzing is an automated software testing methodology that dynamically tests the security of software by inputting randomly generated input values outside of the expected range. KISA is releasing open source for standard cryptographic algorithms, and many crypto module developers are developing crypto modules using this source code. If there is a vulnerability in the open source code, the cryptographic library referring to it has a potential vulnerability, which may lead to a security accident that causes enormous losses in the future. Therefore, in this study, an appropriate security policy was established to verify the safety of block cipher source codes such as SEED, HIGHT, and ARIA, and the safety was verified using differential fuzzing. Finally, a total of 45 vulnerabilities were found in the memory bug items and error handling items, and a vulnerability improvement plan to solve them is proposed.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.3
• /
• pp.1051-1077
• /
• 2021

The secure communication of information is a major concern over the internet. The information must be protected before transmitting over a communication channel to avoid security violations. In this paper, a new hybrid method called compressed encrypted data embedding (CEDE) is proposed. In CEDE, the secret information is first compressed with Lempel Ziv Welch (LZW) compression algorithm. Then, the compressed secret information is encrypted using the Advanced Encryption Standard (AES) symmetric block cipher. In the last step, the encrypted information is embedded into an image of size 512 × 512 pixels by using image steganography. In the steganographic technique, the compressed and encrypted secret data bits are divided into pairs of two bits and pixels of the cover image are also arranged in four pairs. The four pairs of secret data are compared with the respective four pairs of each cover pixel which leads to sixteen possibilities of matching in between secret data pairs and pairs of cover pixels. The least significant bits (LSBs) of current and imminent pixels are modified according to the matching case number. The proposed technique provides double-folded security and the results show that stego image carries a high capacity of secret data with adequate peak signal to noise ratio (PSNR) and lower mean square error (MSE) when compared with existing methods in the literature.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2021.05a
• /
• pp.163-166
• /
• 2021

ICISC'20에서 발표된 경량 블록암호 PIPO는 비트 슬라이스 기법 적용으로 효율적인 구현이 되었으며, 부채널 내성을 지니기에 안전하지 않은 환경에서도 안정적으로 사용 가능한 경량 블록암호이다. 본 논문에서는 ARM 프로세서를 대상으로 PIPO의 병렬 최적 구현을 제안한다. 제안하는 구현물은 8평문, 16평문의 병렬 암호화가 가능하다. 구현에는 최적의 명령어 활용, 레지스터 내부 정렬, 로테이션 연산 최적화 기법을 사용하였다. 구현은 A10x fusion 프로세서를 대상으로 한다. 대상 프로세서상에서, 기존 레퍼런스 PIPO 코드는 64/128, 64/256 규격에서 각각 34.6 cpb, 44.7 cpb의 성능을 가지나, 제안하는 기법은 8평문 64/128, 64/256 규격에서 각각 12.0 cpb, 15.6 cpb, 16평문 64/128, 64/256 규격에서 각각 6.3 cpb, 8.1 cpb의 성능을 보여준다. 이는 기존 대비 각 규격별로 8평문 병렬 구현물은 약 65.3%, 66.4%, 16평문 병렬 구현물은 약 81.8%, 82.1% 더 좋은 성능을 보인다.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.21 no.4
• /
• pp.795-803
• /
• 2017

This paper describes a dual-standard cryptographic processor that efficiently integrates two block ciphers ARIA and AES into a unified hardware. The ARIA-AES crypto-processor was designed to support 128-b and 256-b key sizes, as well as four modes of operation including ECB, CBC, OFB, and CTR. Based on the common characteristics of ARIA and AES algorithms, our design was optimized by sharing hardware resources in substitution layer and in diffusion layer. It has on-the-fly key scheduler to process consecutive blocks of plaintext/ciphertext without reloading key. The ARIA-AES crypto-processor that was implemented with a $0.18{\mu}m$ CMOS cell library occupies 54,658 gate equivalents (GEs), and it can operate up to 95 MHz clock frequency. The estimated throughputs at 80 MHz clock frequency are 787 Mbps, 602 Mbps for ARIA with key size of 128-b, 256-b, respectively. In AES mode, it has throughputs of 930 Mbps, 682 Mbps for key size of 128-b, 256-b, respectively. The dual-standard crypto-processor was verified by FPGA implementation using Virtex5 device.

• Journal of the Institute of Electronics Engineers of Korea SD
• /
• v.44 no.7 s.361
• /
• pp.71-80
• /
• 2007

This paper describes an efficient hardware design of WiBro security processor (WBSec) supporting for the security sub-layer of WiBro wireless internet system. The WBSec processor, which is based on AES (Advanced Encryption Standard) block cipher algorithm, performs data oncryption/decryption, authentication/integrity, and key encryption/decryption for packet data protection of wireless network. It carries out the modes of ECB, CTR, CBC, CCM and key wrap/unwrap with two AES cores working in parallel. In order to achieve an area-efficient implementation, two design techniques are considered; First, round transformation block within AES core is designed using a shared structure for encryption/decryption. Secondly, SubByte/InvSubByte blocks that require the largest hardware in AES core are implemented using field transformation technique. It results that the gate count of WBSec is reduced by about 25% compared with conventional LUT (Look-Up Table)-based design. The WBSec processor designed in Verilog-HDL has about 22,350 gates, and the estimated throughput is about 16-Mbps at key wrap mode and maximum 213-Mbps at CCM mode, thus it can be used for hardware design of WiBro security system.