• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.24 no.8
• /
• pp.1044-1051
• /
• 2020

The age of quantum computers is coming soon. In order to prepare for the upcoming future, the National Institute of Standards and Technology has recruited candidates to set standards for post quantum cryptography to establish a future cryptography standard. The submitted ciphers are expected to be safe from quantum algorithm attacks, but it is necessary to verify that the submitted algorithm is safe from quantum attacks using quantum algorithm even when it is actually operated on a quantum computer. Therefore, in this paper, we investigate an efficient quantum gate implementation for binary field multiplication of code based post quantum cryptography to work on quantum computers. We implemented the binary field multiplication for two field polynomials presented by Classic McEliece and three field polynomials presented by ROLLO in generic algorithm and Karatsuba algorithm.

• KIPS Transactions on Computer and Communication Systems
• /
• v.9 no.8
• /
• pp.165-170
• /
• 2020

As the IoT (Internet of Things) era is activated, a lot of information including personal information is being transmitted through IoT devices. For information protection, it is important to perform cryptography communication, and it is required to use a lightweight security protocol due to performance limitations. Currently, most of the encryption methods used in the security protocol use RSA and ECC (Elliptic Curve Cryptography). However, if a high performance quantum computer is developed and the Shor algorithm is used, it can no longer be used because it can easily solve the stability problems based on the previous RSA and ECC. Therefore, in this paper, we designed a security protocol that is resistant to the computational power of quantum computers. The code-based crypto ROLLO, which is undergoing the NIST (National Institute of Standards and Technology) post quantum cryptography standardization, was used, and a hash and XOR computation with low computational consumption were used for mutual communication between IoT devices. Finally, a comparative analysis and safety analysis of the proposed protocol and the existing protocol were performed.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.1
• /
• pp.73-83
• /
• 2018

There has been increasing interest from NIST and other companies in studying post-quantum cryptography in order to resist against quantum computers. Multivariate polynomial based, code based, lattice based, hash based digital signature, and isogeny based cryptosystems are one of the main categories in post quantum cryptography. Among these categories, isogeny based cryptosystem is known to have shortest key length. In this paper, we implemented Supersingular Isogeny Diffie-Hellman (SIDH) protocol efficiently on low-end mobile device. Considering the device's specification, we select supersingular curve on 523 bit prime field, and generate efficient isogeny computation tree. Our implementation of SIDH module is targeted for 32bit environment.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.4
• /
• pp.697-708
• /
• 2019

In this paper, we propose and implement a method to optimize Rainbow for 8 bit MCU(Microcontroller Unit). As quantum computers have been developed, the security of existing cryptography, especially the signature algorithms, has been threatened, so it is necessary to apply a signature scheme with a quantum-resistance to IoT devices. Currently, the proposed PQC(Post Quantum Cryptography) are lattice-based, hash-based, code-based, and MQ(Multivariate Quadratic)-based cryptographic algorithms and signature schemes. In particular, MQ-based signature schemes are faster than conventional signature schemes and are suitable for IoT devices Do. However, it is difficult to apply 8-bit MCU, which has a large key length and large number of computations, to the memory and performance of IoT devices. In this paper, we propose a method of storing Rainbow, which is a MQ-based signing scheme, in 8-bit MCU by dividing the key and optimizing the computation method. By reducing the memory consumption and improving the algorithm speedily, Compare performance.

• Transactions on Semiconductor Engineering
• /
• v.1 no.1
• /
• pp.1-8
• /
• 2023

This paper presents the design and implementation of Crystals-Kyber, a next-generation postquantum cryptography, as a hardware accelerator on an FPGA using High-Level Synthesis (HLS). We optimized the Crystals-Kyber algorithm using various directives provided by Vitis HLS, configured the AXI interface, and designed a hardware accelerator that can be implemented on an FPGA. Then, we used Vivado tool to design the IP block and implement it on the ZYNQ ZCU106 FPGA. Finally, the video was recorded and H.264 compressed with Python code in the PYNQ framework, and the video encryption and decryption were accelerated using Crystals-Kyber hardware accelerator implemented on the FPGA.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.3
• /
• pp.439-448
• /
• 2017

It is news from nowhere that post-quantum cryptography has side-channel analysis vulnerability. Side-channel analysis attack method and countermeasures for code-based McEliece cryptosystem and lattice-based NTRU cryptosystem have been investigated. Unfortunately, the investigation of the ring-LWE cryptosystem in terms of side-channel analysis is as yet insufficient. In this paper, we propose a chosen ciphertext simple power analysis attack that can be applied when ring-LWE cryptography operates on 8-bit devices. Our proposed attack can recover the key only with [$log_2q$] traces. q is a parameter related to the security level. It is used 7681 and 12289 to match the common 128 and 256-bit security levels, respectively. We identify the vulnerability through experiment that can reveal the secret key in modular add while the ring-LWE decryption performed on real 8-bit devices. We also discuss the attack that uses a similarity measurement method for two vectors to reduce attack time.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.5
• /
• pp.1099-1112
• /
• 2018

The field of post-quantum cryptography (PQC) is an active area of research as cryptographers look for public-key cryptosystems that can resist quantum adversaries. Among those categories in PQC, code-based cryptosystem provides high security along with efficiency. Recent works on code-based cryptosystems focus on the side-channel resistant implementation since previous works have indicated the possible side-channel vulnerabilities on existing algorithms. In this paper, we recovered the secret key in HyMES(Hybrid McEliece Scheme) using a single power consumption trace. HyMES is a variant of McEliece cryptosystem that provides smaller keys and faster encryption and decryption speed. During the decryption, the algorithm computes the parity-check matrix which is required when computing the syndrome. We analyzed HyMES using the fact that the joint distributions of nonlinear functions used in this process depend on the secret key. To the best of our knowledge, we were the first to propose the side-channel analysis based on joint distributions of leakages on public-key cryptosystem.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.5
• /
• pp.781-793
• /
• 2020

In this paper, we propose a new RLWE-based scheme named μ-Hope that exploits Error Correcting Code(ECC) on NewHope. The previous parameters of NewHope uses 12289 as a prime modulus, and the size of the public key, private key, and ciphertext is 928-byte, 1888-byte, and 1120-byte respectively, which can be said to be larger than other RLWE based algorithms. In this paper, we propose μ-Hope, which changes modulus 12289 to 769 to reduce the size of the public key, private key, and ciphertext. Also, we adopts XE1 as an Error Correcting Code(ECC) to solve the increased decryption failure rate caused by using a small prime modulus. As a result, the size of the public key, private key, and ciphertext decreased by 38%, 37%, and 37% respectively. As the computational efficiency caused by using a small prime modulus exceeds the performance degradation by exploiting ECC, this result in 25% performance improvement for a single key exchange.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.2
• /
• pp.157-166
• /
• 2024

Probability of decryption failure of a public key cryptography based on LWE(learning with errors) is determined by its architecture and parameter settings. Since large decryption failure probability leads to attacks[1] on scheme as well as degradation of performance, TiGER[2], a Ring-LWE(R)-based KEM proposed for the first round of KpqC, tried to reduce the decryption failure probability by using error correction code Xef and D2 encoding method. However, D'Anvers et al. has shown that the commonly assumed independence of each bit error is not established since in the case of an encryption scheme based on Ring-LWE(R) using an error correction code, there is error dependency which is not negligible[3]. In this paper, since TiGER does not consider the error dependency, we calcualte the decryption failure probability of TiGER by considering the error dependency. In addition, we found that the bit error probability is incorrectly calculated in TiGER, so we present the correct calculation.