• Title/Summary/Keyword: Block cipher algorithm

Encryption/Decryption the same improved RC6 algorithm (암호/복호를 동일하게 개선한 RC6 알고리즘)

  • Kim, Gil-Ho; Kim, Jong-Nam; Cho, Gyeong-Yeon
    • Proceedings of the Korean Institute of Information and Communication Sciences Conference / 2008.10a / pp.247-250 / 2008
  • RC6, which has different algorithms for encryption and decryption, has been implemented to have the same algorithm for encryption and decryption through inserting a symmetry layer using simple rotate and logical operations. That means the half of the whole RC6 rounds uses the encryption algorithm and the rest of it uses the decryption one, and the symmetry layer has been put into the middle of encryption and decryption. The proposed RC6 algorithm has no difference from the original one in the speed of processing. However it is quite safe because, by inserting the symmetry layer, the path of high probability which is needed for differential and linear analysis is cut off so that it is hard to be analyzed. The proposed algorithm can be easily applied to an algorithm which has different encryption and decryption and make them the same, and it can be a good idea to be used to design a new block cipher algorithm.

Side Channel Analysis with Low Complexity in the Diffusion Layer of Block Cipher Algorithm SEED (SEED 블록 암호 알고리즘 확산계층에서 낮은 복잡도를 갖는 부채널 분석)

  • Won, Yoo-Seung; Park, Aesun; Han, Dong-Guk
    • Journal of the Korea Institute of Information Security & Cryptology / v.27 no.5 / pp.993-1000 / 2017
  • When the availability of an embedded device is considered, a combined countermeasure such as first-order masking and hiding countermeasures is quite attractive because security and efficiency can be provided at the same time. Especially, a combined countermeasure can be applied to the confusion and diffusion layers of the first and last rounds in order to provide efficiency. Also, the middle rounds only employ the first-order masking countermeasure or no countermeasure. In this paper, we suggest a novel side channel analysis with low complexity in the output of the diffusion layer. In general, the attack target cannot be set to the output of the diffusion layer owing to the high complexity. When the diffusion layer of a block cipher is composed of AND operations, we show that the attack complexity can be reduced. Here, we consider that the main algorithm is SEED. Then, the attack complexity with $2^{32}$ can be reduced by $2^{16}$ according to the fact that the correlation between the combination of S-box outputs and that of the outputs of the diffusion layer. Moreover, compared to the fact that the main target is the output of the S-box in general, we demonstrate that the required number of traces can be reduced by 43~98% in terms of simulated traces. Additionally, we show that only 8,000 traces are enough to retrieve the correct key by the suggested scheme, although it fails to reveal the correct key when performing the general approach on 100,000 traces in a realistic device.

Analysis on Vulnerability of Masked SEED Algorithm (마스킹 기법이 적용된 SEED 알고리즘에 대한 취약점 분석)

  • Kim, TaeWon; Chang, Nam Su
    • Journal of the Korea Institute of Information Security & Cryptology / v.25 no.4 / pp.739-747 / 2015
  • The masking technique that is most widely known as a countermeasure against power analysis attacks prevents leakage of sensitive information during the implementation of cryptographic algorithms. It has been studied extensively until now as applied to block cipher algorithms. The masking countermeasure has been applied to the international standard SEED algorithm. The masked SEED algorithm proposed by Cho et al. not only protects against first order power analysis attacks but is also efficient by reducing the execution of the Arithmetic to Boolean converting function. In this paper, we analyze the vulnerability of Cho's algorithm against first order power analysis attacks. We targeted the additional pre-computation to improve the efficiency in order to recover the random mask value being exploited in first order power analysis attacks. We describe the weakness by considering both theoretical and practical aspects and are expecting to apply the proposed attack method on every device equipped with Cho's algorithm.

An Efficient Hardware Implementation of Lightweight Block Cipher LEA-128/192/256 for IoT Security Applications (IoT 보안 응용을 위한 경량 블록암호 LEA-128/192/256의 효율적인 하드웨어 구현)

  • Sung, Mi-Ji; Shin, Kyung-Wook
    • Journal of the Korea Institute of Information and Communication Engineering / v.19 no.7 / pp.1608-1616 / 2015
  • This paper describes an efficient hardware implementation of the lightweight encryption algorithm LEA-128/192/256, which supports three master key lengths of 128/192/256-bit. To achieve an area-efficient and low-power implementation of the LEA crypto-processor, the key scheduler block is optimized to share hardware resources for encryption/decryption key scheduling of the three master key lengths. In addition, a parallel register structure and a novel operating scheme for the key scheduler are devised to reduce the clock cycles required for key scheduling, which results in an increase of encryption/decryption speed by 20~30%. The designed LEA crypto-processor has been verified by FPGA implementation. The estimated performances according to master key lengths of 128/192/256-bit are 181/162/109 Mbps, respectively, at 113 MHz clock frequency.

DPA-Resistant Low-Area Design of AES S-Box Inversion (일차 차분 전력 분석에 안전한 저면적 AES S-Box 역원기 설계)

  • Kim, Hee-Seok; Han, Dong-Guk; Kim, Tae-Hyun; Hong, Seok-Hie
    • Journal of the Korea Institute of Information Security & Cryptology / v.19 no.4 / pp.21-28 / 2009
  • In recent years, power attacks have been widely investigated, and so various countermeasures have been proposed. In the case of block ciphers, masking methods that blind the intermediate values in the algorithm computations (encryption, decryption, and key-schedule) are well known among these countermeasures. But the cost of the non-linear part is extremely high in the masking method of a block cipher, and so the inversion of the S-box is the most significant part in the case of AES. This fact makes various countermeasures be proposed for reducing the cost of masking inversion, and Zakeri's method using normal bases over the composite field is known to be the most efficient algorithm among these masking methods. We rearrange the masking inversion operation over the composite field and so can find duplicated multiplications. Because of these duplicated multiplications, our method can reduce about 10.5% of gates in comparison with Zakeri's method.

Security Analysis of Software-Oriented Stream Ciphers against Algebraic Attacks (소프트웨어 구현에 적합한 스트림 암호의 대수적 공격에 대한 안전성)

  • Sung Jaechul; Moon Dukjae; Im Hung-su; Chee Seongtaek; Lee Sangjin
    • Journal of the Korea Institute of Information Security & Cryptology / v.15 no.1 / pp.29-40 / 2005
  • In this paper we consider the security of the recently proposed software-oriented stream ciphers HELIX, SCREAM, MUGI, and PANAMA against algebraic attacks. An algebraic attack is a key recovery attack by solving an over-defined system of multivariate equations with input-output pairs of an algorithm. The attack was first applied to block ciphers with some algebraic properties and then it has been more usefully applied to stream ciphers. However it is difficult to obtain over-defined algebraic equations for a given cryptosystem in general. Here we analyze recently proposed software-oriented stream ciphers by constructing a system of equations for each cipher. Furthermore we propose three design considerations for software-oriented stream ciphers.

Modified AES having same structure in encryption and decryption (암호와 복호가 동일한 변형 AES)

  • Cho, Gyeong-Yeon; Song, Hong-Bok
    • Journal of Korea Society of Industrial Information Systems / v.15 no.2 / pp.1-9 / 2010
  • Feistel and SPN are the two main structures in a block cipher. Feistel is a symmetric structure which has the same structure in encryption and decryption, but SPN is not a symmetric structure. In this paper, we propose an SPN which has a symmetric structure in encryption and decryption. The whole operations of the proposed algorithm are composed of an even number of N rounds where the first half of them, rounds 1 to N/2, applies a right function and the last half of them, rounds (N+1)/2 to N, employs an inverse function. And a symmetry layer is located in between the right function layer and the inverse function layer. In this paper, the AES encryption and decryption functions are selected for the right function and the inverse function, respectively. The symmetry layer is composed of a simple matrix and round key addition. Due to the simplicity of the symmetric SPN structure in hardware implementation, the proposed modified AES is believed to construct a safe and efficient cipher in Smart Card and RFID environments where electronic chips are built in.

AES-128/192/256 Rijndael Cryptoprocessor with On-the-fly Key Scheduler (On-the-fly 키 스케줄러를 갖는 AES-128/192/256 Rijndael 암호 프로세서)

  • Ahn, Ha-Kee; Shin, Kyung-Wook
    • Journal of the Institute of Electronics Engineers of Korea SD / v.39 no.11 / pp.33-43 / 2002
  • This paper describes a design of a cryptographic processor that implements the AES (Advanced Encryption Standard) block cipher algorithm "Rijndael". To achieve a high throughput rate, a sub-pipeline stage is inserted into the round transformation block, so that two consecutive round functions are operated simultaneously. For an area-efficient and low-power implementation, the round transformation block is designed to share the hardware resources for encryption and decryption. An efficient on-the-fly key scheduler is devised to support the three master-key lengths of 128-b/192-b/256-b, and it generates round keys in the first sub-pipeline stage of each round processing. The Verilog-HDL model of the cryptoprocessor was verified using a Xilinx FPGA board and test system. The core synthesized using a 0.35-$\mu$m CMOS cell library consists of about 25,000 gates. Simulation results show that it has a throughput of about 520-Mbits/sec with 220-MHz clock frequency at 2.5-V supply.

Digital Hologram Watermarking using Quad-tree Fresnelet Transform (Quad-tree Fresnelet 변환을 이용한 디지털 홀로그램 워터마킹)

  • Seo, Young Ho; Koo, Ja Myung; Lee, Yoon Hyuk; Kim, Dong Wook
    • Journal of Korea Society of Digital Industry and Information Management / v.9 no.3 / pp.79-89 / 2013
  • This paper proposes a watermarking scheme to protect ownership of a digital hologram, an ultra-high value-added content. It performs pre-defined levels of quad-tree Fresnelet transforms. The relationship among the same-positional blocks is extracted as the digital pre-watermark. For the relationship, we use properties of a digital hologram: that a hologram pixel retains all the information of the object, and that partial holograms of the same size reconstruct objects of the same size but with different view points. Also we mix a set of private data with the pre-watermark, and the result is encrypted by a block cipher algorithm with a private key. Experimental results showed that the proposed scheme is very robust against various malicious and non-malicious attacks. Also, because it extracts the watermarking data instead of inserting it, the watermarking process does not harm the original hologram data. So, it is expected to be used effectively as an invisible and robust watermark for digital holograms.

The Design of Hybrid Cryptosystem for Smart Card (스마트카드용 Hybrid 암호시스템 설계)

  • Song, Je-Ho; Lee, Woo-Choun
    • Journal of the Korea Academia-Industrial cooperation Society / v.12 no.5 / pp.2322-2326 / 2011
  • A general cryptosystem uses the data and key value differently for the increment of the security level, processes a limited number of repetitions and increases the periodic feature of the LFSR similar to an infinite series. So, it causes the efficiency of the cryptosystem. In this thesis, the proposed algorithm is composed of reformat, permutation, data cipher block and key scheduler, to which the new function by mixed symmetric cryptography and asymmetric cryptography is applied. We design the cryptosystem of the smart card using the common Synopsys tools and simulate it with ALTERA MAX+PLUS II at 40MHz. Consequently, we confirm a 52% increment of the processing rate and the security level of 16 rounds.