• Journal of IKEEE
• /
• v.22 no.2
• /
• pp.233-241
• /
• 2018

This paper describes a lightweight implementation of a cryptographic processor supporting GCM (Galois/Counter Mode) authenticated encryption (AE) that is based on the two block cipher algorithms of ARIA and AES. It also provides five modes of operation (ECB, CBC, OFB, CFB, CTR) for confidentiality as well as the key lengths of 128-bit and 256-bit. The ARIA and AES are integrated into a single hardware structure, which is based on their algorithm characteristics, and a $128{\times}12-b$ partially parallel GF (Galois field) multiplier is adopted to efficiently perform concurrent processing of CTR encryption and GHASH operation to achieve overall performance optimization. The hardware operation of the ARIA/AES-GCM AE processor was verified by FPGA implementation, and it occupied 60,800 gate equivalents (GEs) with a 180 nm CMOS cell library. The estimated throughput with the maximum clock frequency of 95 MHz are 1,105 Mbps and 810 Mbps in AES mode, 935 Mbps and 715 Mbps in ARIA mode, and 138~184 Mbps in GCM AE mode according to the key length.

• Journal of Communications and Networks
• /
• v.18 no.3
• /
• pp.273-287
• /
• 2016

White-box cryptography presented by Chow et al. is an obfuscation technique for protecting secret keys in software implementations even if an adversary has full access to the implementation of the encryption algorithm and full control over its execution platforms. Despite its practical importance, progress has not been substantial. In fact, it is repeated that as a proposal for a white-box implementation is reported, an attack of lower complexity is soon announced. This is mainly because most cryptanalytic methods target specific implementations, and there is no general attack tool for white-box cryptography. In this paper, we present an analytic toolbox on white-box implementations of the Chow et al.'s style using lookup tables. According to our toolbox, for a substitution-linear transformation cipher on n bits with S-boxes on m bits, the complexity for recovering the $$O\((3n/max(m_Q,m))2^{3max(m_Q,m)}+2min\{(n/m)L^{m+3}2^{2m},\;(n/m)L^32^{3m}+n{\log}L{\cdot}2^{L/2}\}\)$$, where $m_Q$ is the input size of nonlinear encodings,$m_A$ is the minimized block size of linear encodings, and $L=lcm(m_A,m_Q)$. As a result, a white-box implementation in the Chow et al.'s framework has complexity at most $O\(min\{(2^{2m}/m)n^{m+4},\;n{\log}n{\cdot}2^{n/2}\}\)$ which is much less than $2^n$. To overcome this, we introduce an idea that obfuscates two advanced encryption standard (AES)-128 ciphers at once with input/output encoding on 256 bits. To reduce storage, we use a sparse unsplit input encoding. As a result, our white-box AES implementation has up to 110-bit security against our toolbox, close to that of the original cipher. More generally, we may consider a white-box implementation of the t parallel encryption of AES to increase security.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.2
• /
• pp.83-92
• /
• 2007

In connectionless packet network, if a sender encrypts packets by block chaining mode and send it to receiver, the receiver should decrypt packets in encrypted order that is not received order. Therefore, the performance and efficiency are lowered for crypto communication system. To solve this problem, we propose packet encryption scheme for connectionless packet network that can decrypt the packets independently, even if the received order of packets are changed or packets are missed. The scheme makes new IV(Initial Vector) using IV that created by key exchange process and salt that made by random number. We propose extended Cryptoki API that added packet encryption/decryption functions and mechanism for improving convenience and performance. We implement the scheme and get result that the performance increased about $1.5{\sim}l5.6$ times compare with in case of implementing using Cryptoki API in the test environment.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.4
• /
• pp.183-194
• /
• 2004

The proliferation of the Internet and the rapid progress of wire/wireless communication technology makes security of digital images more and more important since the exchanges of digital images occur more and more frequently. And as the tight relationship between chaos theory and cryptography, many researches for development of new encryption systems based on chaotic maps have been widely progressed recently. In this paper, we propose a digital image encryption system based on both one-dimensional PLCM(Piecewise Linear Chaotic Map) and two-dimensional baker map. This proposed system is a product cipher that contains a perturbance-based chaotic stream cipher based on ID PLCM and a chaotic block cipher based on 2D baker map and is very high secure and easily implementable cipher having both a good confusion property and a good diffusion property. And with test results, we showed this system is very secure against statistical attacks.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.9 no.1
• /
• pp.108-113
• /
• 2008

A proposed system can decrypt each contents block through a double buffer algorithm which can continually buffer contents by dividing a multimedia contents into some blocks and provides more improved method of encryption than existing system by being not capable of decrypting the whole multimedia contents if one key is exposed. Also, using digital signature and public encryption algorithm for mutual authentication between systems, this paper proposes the system which sends and encrypts symmetric keys for contents encryption through SOAP messages.

• The Transactions of The Korean Institute of Electrical Engineers
• /
• v.57 no.9
• /
• pp.1652-1659
• /
• 2008

With the increase of huge amount of data in network systems, ultimate high-speed network has become an essential requirement. In such systems, the encryption and decryption process for security becomes a bottle-neck. For this reason, the need of hardware implementation is strongly emphasized. In this study, a mixed inner and outer round pipelining architecture is introduced to achieve high speed performance of ARIA hardware. Multiplexers are used to control the lengths of rounds for 3 types of keys. Merging of encryption module and key initialization module increases the area efficiency. The proposed hardware architecture is implemented on reconfigurable hardware, Xilinx Virtex2-pro. The hardware architecture in this study shows that the area occupied 6437 slices and 128 BRAMs, and it is translated to throughput of 24.6Gbit/s with a maximum clock frequency of 192.9MHz.

• ETRI Journal
• /
• v.43 no.6
• /
• pp.1113-1129
• /
• 2021

Lightweight ciphers are increasingly employed in cryptography because of the high demand for secure data transmission in wireless sensor network, embedded devices, and Internet of Things. The PRESENT algorithm as an ultralightweight block cipher provides better solution for secure hardware cryptography with low power consumption and minimum resource. This study generates the key using key rotation and substitution method, which contains key rotation, key switching, and binary-coded decimal-based key generation used in image encryption. The key rotation and substitution-based PRESENT architecture is proposed to increase security level for data stream and randomness in cipher through providing high resistance to attacks. Lookup table is used to design the key scheduling module, thus reducing the area of architecture. Field-programmable gate array (FPGA) performances are evaluated for the proposed and conventional methods. In Virtex 6 device, the proposed key rotation and substitution PRESENT architecture occupied 72 lookup tables, 65 flip flops, and 35 slices which are comparably less to the existing architecture.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2011.05a
• /
• pp.125-128
• /
• 2011

This paper describes an efficient hardware implementation of HIGHT block cipher algorithm, which was approved as standard of cryptographic algorithm by KATS(Korean Agency for Technology and Standards) and ISO/IEC. The HIGHT algorithm, which is suitable for ubiquitous computing devices such as a sensor in USN or a RFID tag, encrypts a 64-bit data block with a 128-bit cipher key to make a 64-bit cipher text, and vice versa. For area-efficient and low-power implementation, we optimize round transform block and key scheduler to share hardware resources for encryption and decryption. The HIGHT64 core synthesized using a $0.35-{\mu}m$ CMOS cell library consists of 3,226 gates, and the estimated throughput is 150-Mbps with 80-MHz@2.5-V clock.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.6
• /
• pp.35-44
• /
• 2011

The PP-1/64-128 block cipher support variety data block and secret key size. Also, it is suitable for hardware implementation and can much easier to apply Concurrent Error Detection(CED) for cryptographic chips compared to other block ciphers, because it has same encryption and decryption process. In this paper, we proposed truncated differential cryptanalysis of PP-1/64-128. the attack on PP-1/64-128 block cipher requires $2^{50.16}$ chosen plaintexts, $2^{46.16}$ bytes memory spaces and $2^{50.45}$ PP-1/64-128 encryption to retrieve secret key. This is the best result of currently known PP-1/64-128 differential cryptanalysis.

• Journal of Advanced Navigation Technology
• /
• v.24 no.2
• /
• pp.134-141
• /
• 2020

Telemetry system is a communication system that measures and transmits various signals in the aircraft to the ground for collecting and monitoring flight data during the development of unmanned air vehicle and satellite launch vehicles. With the recent development of wireless communication technology, it is becoming important to apply encryption of telemetry system to prepare with security threats that may occur during flight data transmission. In this paper, we suggested and implemented the application method of ARIA-256, Korean standard encryption algorithm, to apply encryption to telemetry system. In consideration of the block error propagation and the telemetry frame characteristics, frame is encrypted using the CTR mode and can apply the Reed-solomon codes recommended by CCSDS. ARIA algorithm and cipher frame are implemented in FPGA, and simulation and hardware verification system confirmed continuous frames encryption.