• Title/Summary/Keyword: Hamming weight


Fast Non-Adjacent Form (NAF) Conversion through a Bit-Stream Scan (비트열 스캔을 통한 고속의 Non-Adjacent Form (NAF) 변환)

  • Hwang, Doo-Hee;Shin, Jin-Myeong;Choi, Yoon-Ho
    • Journal of KIISE / v.44 no.5 / pp.537-544 / 2017
  • As a special form of the signed-digit representation, the NAF (non-adjacent form) minimizes the Hamming weight by reducing the average density of non-zero bits compared with the binary representation of the positive integer k. Due to this advantage, the NAF is used in various fields; in particular, it is actively used in cryptology. The existing NAF-conversion algorithm, however, is problematic because the conversion speed decreases when the LSB (least significant bit) frequently becomes "1" during the conversion of the binary positive integer. This paper suggests a method for improving the NAF-conversion speed that solves the problems occurring in the existing NAF-conversion process. To verify the performance improvement of the algorithm, the CPU cycles for various inputs were measured on the ATmega128, a low-performance 8-bit microprocessor. The results show that, compared with the existing algorithm, the suggested algorithm not only improved the processing speed of the major patterns by 20% or more on average, but also reduced the NAF-conversion time by 13% or more.
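Added example (not the paper's code): the textbook right-to-left NAF conversion that the paper optimizes, the Hamming-weight saving it gives over plain binary, and a scalar multiplication that exploits the signed digits. The additive group Z_n used for the scalar multiplication is a stand-in for an elliptic-curve group (negation is free in both); the sample scalars are constructed here.

```python
# Added example (not the paper's code): textbook right-to-left NAF conversion,
# the Hamming-weight saving it gives over plain binary, and a scalar
# multiplication that exploits the signed digits. The additive group Z_n below
# stands in for an elliptic-curve group (negation is free in both).
import random


def hamming_weight(x: int) -> int:
    """Number of 1 bits in the binary representation of x."""
    return bin(x).count("1")


def to_naf(k: int) -> list[int]:
    """Non-adjacent form of k >= 0: digits in {-1, 0, 1}, least significant first.
    Whenever the LSB is 1, choose z in {+1, -1} so that k - z is divisible by 4;
    the next digit is then forced to 0, which is what makes the form non-adjacent.
    (This LSB == 1 branch is the slow path the paper speeds up.)"""
    if k < 0:
        raise ValueError("k must be non-negative")
    digits = []
    while k > 0:
        if k & 1:
            z = 2 - (k & 3)  # k % 4 == 1 -> z = +1, k % 4 == 3 -> z = -1
            k -= z
        else:
            z = 0
        digits.append(z)
        k >>= 1
    return digits


def from_naf(digits: list[int]) -> int:
    """Inverse of to_naf: sum of d_i * 2^i."""
    return sum(d << i for i, d in enumerate(digits))


def is_non_adjacent(digits: list[int]) -> bool:
    """True if no two consecutive digits are both non-zero."""
    return all(not (digits[i] and digits[i + 1]) for i in range(len(digits) - 1))


def naf_weight(digits: list[int]) -> int:
    """Number of non-zero digits (the NAF analogue of Hamming weight)."""
    return sum(1 for d in digits if d)


def scalar_mult_naf(k: int, p: int, n: int) -> tuple[int, int]:
    """k*p in the additive group Z_n by left-to-right double-and-add/subtract over
    NAF(k). Doubling is (2*q) % n, adding is (q + p) % n, subtracting (q - p) % n;
    the number of additions/subtractions equals the NAF weight of k.
    Returns (k*p mod n, number of group additions performed)."""
    acc, adds = 0, 0
    for d in reversed(to_naf(k)):
        acc = (2 * acc) % n
        if d == 1:
            acc, adds = (acc + p) % n, adds + 1
        elif d == -1:
            acc, adds = (acc - p) % n, adds + 1
    return acc, adds


def average_weights(bits: int, samples: int, seed: int = 0) -> tuple[float, float]:
    """Average (binary Hamming weight, NAF weight) over random `bits`-bit scalars.
    Expect roughly bits/2 versus bits/3."""
    rng = random.Random(seed)
    hw_total = naf_total = 0
    for _ in range(samples):
        k = rng.getrandbits(bits)
        hw_total += hamming_weight(k)
        naf_total += naf_weight(to_naf(k))
    return hw_total / samples, naf_total / samples


if __name__ == "__main__":
    k = 0b101111  # 47: binary weight 5; NAF 1 0 -1 0 0 0 -1 (= 64 - 16 - 1), weight 3
    print(to_naf(k), naf_weight(to_naf(k)), hamming_weight(k))
    print(average_weights(256, 2000))
```

The digit count of the NAF is at most one more than the binary length, so the extra doubling is the price for roughly a third fewer group additions; every addition saved is also one fewer data-dependent operation for a side-channel observer to count.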

A Simple Power Analysis Attack on ARIA Key Expansion Based on Hamming Weight Leakage (해밍 웨이트 누출 기반 ARIA 키 확장 SPA)

  • Park, Aesun;Han, Dong-Guk;Choi, Jun
    • Journal of the Korea Institute of Information Security & Cryptology / v.25 no.6 / pp.1319-1326 / 2015
  • Symmetric key encryption algorithms, such as AES or ARIA, generate round keys by a key expansion mechanism. While the algorithm is executed, the key expansion mechanism emits information about the secret key through power consumption. A vulnerability exists that can significantly reduce the candidates for the secret key by a simple power analysis attack using a small number of power traces. Therefore, we have to study the attack and the countermeasure to prevent information leakage. While simple power analysis attacks on the AES key expansion have been studied since 2002, research on ARIA is insufficient. This paper presents a simple power analysis attack on 8-bit implementations of the ARIA-128 key expansion. The presented attack efficiently utilizes this information leakage to substantially reduce the key space that needs to be considered in a brute-force search for the secret key. We show that ARIA is vulnerable to an SPA attack based on Hamming weight leakage.

Efficiency Improvement Using Two Balanced Subsets (두 개의 balanced subset을 이용한 효율성 개선)

  • Kim, HongTae
    • Convergence Security Journal / v.18 no.1 / pp.13-18 / 2018
  • Efficiency is one of the most important factors in cryptographic systems. Cheon et al. proposed a new exponent form for speeding up the exponentiation operation in discrete-logarithm-based cryptosystems. It is called the split exponent, with the form $e_1+{\alpha}e_2$ for a fixed element ${\alpha}$ and two elements $e_1$, $e_2$ with low Hamming weight representations. They chose $e_1$, $e_2$ in two unbalanced subsets $S_1$, $S_2$ of $Z_p$, respectively. We achieve an efficiency improvement by making $S_1$, $S_2$ balanced subsets of $Z_p$. As a result, the speedup for exponentiations on binary fields is 9.1% and the speedup for scalar multiplications on Koblitz curves is 12.1%.
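Added example (not the paper's code): why a split exponent $e = e_1 + \alpha e_2$ with low-Hamming-weight $e_1$, $e_2$ costs fewer multiplications than a plain square-and-multiply of $e$, demonstrated in the multiplicative group modulo the Mersenne prime $2^{127}-1$ with a fixed $g^{\alpha}$ precomputed. The paper's own setting (binary fields, Koblitz curves, and the choice of the subsets $S_1$, $S_2$) is not reproduced; the exponent sizes and weights are illustrative assumptions.

```python
# Added example (not the paper's code): the split-exponent idea e = e1 + alpha*e2
# with low-Hamming-weight e1, e2, demonstrated in the multiplicative group mod the
# Mersenne prime 2^127 - 1. The paper's setting (binary fields, Koblitz curves,
# choice of the subsets S1, S2) is not reproduced; the sizes and weights below are
# illustrative assumptions.
import random

P = (1 << 127) - 1  # prime, so exponents may be reduced mod P - 1 (Fermat)
G = 3


def hamming_weight(x: int) -> int:
    return bin(x).count("1")


def square_and_multiply(g: int, e: int, p: int) -> tuple[int, int, int]:
    """Left-to-right binary exponentiation. Returns (g^e mod p, mults, squarings);
    the multiplication count is exactly the Hamming weight of e."""
    acc, muls, sqs = 1, 0, 0
    for bit in bin(e)[2:]:
        acc, sqs = acc * acc % p, sqs + 1
        if bit == "1":
            acc, muls = acc * g % p, muls + 1
    return acc, muls, sqs


def split_exponent_exp(g: int, alpha: int, e1: int, e2: int, p: int) -> tuple[int, int, int]:
    """g^(e1 + alpha*e2) mod p computed as g^e1 * h^e2 with h = g^alpha fixed
    (precomputed once per alpha, not counted). Simultaneous (Shamir) exponentiation:
    one squaring per bit position, plus one multiplication by g, h or g*h only at
    positions where e1 or e2 has a 1 bit, so at most HW(e1) + HW(e2) multiplications.
    Returns (result, mults, squarings)."""
    h = pow(g, alpha, p)
    table = {(1, 0): g, (0, 1): h, (1, 1): g * h % p}
    acc, muls, sqs = 1, 0, 0
    for i in range(max(e1.bit_length(), e2.bit_length()) - 1, -1, -1):
        acc, sqs = acc * acc % p, sqs + 1
        bits = ((e1 >> i) & 1, (e2 >> i) & 1)
        if bits != (0, 0):
            acc, muls = acc * table[bits] % p, muls + 1
    return acc, muls, sqs


def low_weight_exponent(bits: int, weight: int, rng: random.Random) -> int:
    """Random exponent below 2^bits with exactly `weight` one bits."""
    e = 0
    for pos in rng.sample(range(bits), weight):
        e |= 1 << pos
    return e


def compare(seed: int = 1, bits: int = 120, weight: int = 16) -> dict:
    """Cost of g^e by plain square-and-multiply versus the split form e = e1 + alpha*e2.
    Both paths must return the same group element."""
    rng = random.Random(seed)
    alpha = rng.randrange(2, P - 1)
    e1 = low_weight_exponent(bits, weight, rng)
    e2 = low_weight_exponent(bits, weight, rng)
    e = (e1 + alpha * e2) % (P - 1)
    plain = square_and_multiply(G, e, P)
    split = split_exponent_exp(G, alpha, e1, e2, P)
    assert plain[0] == split[0] == pow(G, e, P)
    return {"hw_e": hamming_weight(e), "plain_muls": plain[1], "plain_sqs": plain[2],
            "split_muls": split[1], "split_sqs": split[2]}


if __name__ == "__main__":
    print(compare())
```

The reduced exponent $e$ looks like a random 127-bit number (weight about 63), so the plain path pays about 63 multiplications, while the split path pays at most $\mathrm{HW}(e_1)+\mathrm{HW}(e_2) = 32$ and about 120 squarings instead of 127. The security caveat the construction carries is that $e$ is no longer uniform; it is drawn from the set $\{e_1 + \alpha e_2\}$, which is exactly why the size and balance of $S_1$, $S_2$ matter.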


Non-Profiling Analysis Attacks on PQC Standardization Algorithm CRYSTALS-KYBER and Countermeasures (PQC 표준화 알고리즘 CRYSTALS-KYBER에 대한 비프로파일링 분석 공격 및 대응 방안)

  • Jang, Sechang;Ha, Jaecheol
    • Journal of the Korea Institute of Information Security & Cryptology / v.32 no.6 / pp.1045-1057 / 2022
  • Recently, the National Institute of Standards and Technology (NIST) announced four cryptographic algorithms as standard candidates for Post-Quantum Cryptography (PQC). In this paper, we show that the private key can be exposed by non-profiling power analysis attacks such as Correlation Power Analysis (CPA) and Differential Deep Learning Analysis (DDLA) on the CRYSTALS-KYBER algorithm, which was selected as the standard in the PKE/KEM field. As a result of experiments, we succeeded in recovering the linear polynomial coefficients of the private key. Furthermore, the private key can be sufficiently recovered with a 13.0 Normalized Maximum Margin (NMM) value when the Hamming weight of intermediate values is used as the label in DDLA. In addition, these non-profiling attacks can be prevented by applying countermeasures that randomly divide the ciphertext during the decryption process and randomize the starting point of the coefficient-wise multiplication operation.
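Added example (not the paper's code): a non-profiled CPA in the Hamming-weight model against a single coefficient-wise multiplication $c \cdot s \bmod q$ of Kyber decryption, run on simulated traces, followed by the same attack against a simulation that splits the ciphertext coefficient into random shares, the first of the two countermeasures the abstract names. The leakage model (Hamming weight of the product plus Gaussian noise), the noise level, the trace count and the share-based countermeasure are simplifying assumptions of this example, not the paper's measurement setup.

```python
# Added example (not the paper's code): a non-profiled CPA in the Hamming-weight
# model against one coefficient-wise multiplication c*s mod q of Kyber decryption,
# on simulated traces, followed by the effect of splitting the ciphertext
# coefficient into random shares. The leakage model (HW of the product plus
# Gaussian noise), the noise level and the share-based countermeasure are
# simplifying assumptions of this example.
import math
import random

Q = 3329  # Kyber modulus


def hw(x: int) -> int:
    return bin(x).count("1")


def simulate_traces(cs, s, sigma, rng, split=False):
    """One leakage sample per decryption. Unprotected: HW(c*s mod q) + noise.
    With the splitting countermeasure the device multiplies a uniformly random
    share c1 (c = c1 + c2 mod q) first, so what leaks is HW(c1*s mod q), which is
    independent of the attacker's known c; the c2*s half leaks the same way."""
    traces = []
    for c in cs:
        operand = rng.randrange(Q) if split else c
        traces.append(hw(operand * s % Q) + rng.gauss(0.0, sigma))
    return traces


def cpa(cs, traces):
    """Rank every candidate s' in Z_q by the Pearson correlation between the
    hypothesis HW(c*s' mod q) and the traces. Returns (best_guess, rho_per_guess)."""
    n = len(traces)
    t_mean = sum(traces) / n
    t_centered = [t - t_mean for t in traces]
    t_norm = math.sqrt(sum(t * t for t in t_centered))
    rhos = []
    for guess in range(Q):
        hyp = [hw(c * guess % Q) for c in cs]
        h_mean = sum(hyp) / n
        h_centered = [h - h_mean for h in hyp]
        h_norm = math.sqrt(sum(h * h for h in h_centered))
        if h_norm == 0.0 or t_norm == 0.0:
            rhos.append(0.0)  # guess 0 gives a constant hypothesis
            continue
        rhos.append(sum(h * t for h, t in zip(h_centered, t_centered)) / (h_norm * t_norm))
    best = max(range(Q), key=lambda g: abs(rhos[g]))
    return best, rhos


def run(seed: int = 7, n_traces: int = 256, sigma: float = 1.0) -> dict:
    """Attack an unprotected and a share-protected simulation with the same inputs.
    The secret coefficient s and the known ciphertext coefficients cs are constructed."""
    rng = random.Random(seed)
    s = rng.randrange(1, Q)
    cs = [rng.randrange(Q) for _ in range(n_traces)]
    unprotected = cpa(cs, simulate_traces(cs, s, sigma, rng))
    protected = cpa(cs, simulate_traces(cs, s, sigma, rng, split=True))
    return {
        "s": s,
        "unprotected_guess": unprotected[0], "unprotected_rho": unprotected[1][s],
        "protected_guess": protected[0], "protected_rho": protected[1][s],
    }


if __name__ == "__main__":
    print(run())
```

With a few hundred traces the correct coefficient stands out with a correlation near 0.85 under this noise level, while candidates such as $2s$ or $s/2$ (which share the Hamming weight of the product half of the time) sit well below it. Against the share-split simulation the correct candidate correlates no better than a random one, because the value that leaks no longer depends on the $c$ the attacker plugs into the hypothesis. The other coefficients, and the second share, are attacked the same way one at a time.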

Audio fingerprint matching based on a power weight (파워 가중치를 이용한 오디오 핑거프린트 정합)

  • Seo, Jin Soo;Kim, Junghyun;Kim, Hyemi
    • The Journal of the Acoustical Society of Korea / v.38 no.6 / pp.716-723 / 2019
  • Fingerprint matching accuracy is essential in deploying a music search service. This paper deals with a method to improve fingerprint matching accuracy by utilizing auxiliary information called the power weight. The power weight is the expected robustness of each hash bit. While the previous power mask binarizes the expected robustness into strong and weak bits, the proposed method uses a real-valued function of the expected robustness as weights for fingerprint matching. As a countermeasure to the increased storage cost, we propose a compression method for the power weight, which has strong temporal correlation. Experiments on publicly available music datasets confirmed that the proposed power weight is effective in improving fingerprint matching performance.

CONSTRUCTION OF SELF-DUAL CODES OVER F2 + uF2

  • Han, Sung-Hyu;Lee, Hei-Sook;Lee, Yoon-Jin
    • Bulletin of the Korean Mathematical Society / v.49 no.1 / pp.135-143 / 2012
  • We present two kinds of construction methods for self-dual codes over $\mathbb{F}_2+u\mathbb{F}_2$. In particular, the second construction (respectively, the first one) preserves the type of the codes, that is, the codes constructed from Type II (respectively, Type IV) codes are also Type II (respectively, Type IV). Every Type II (respectively, Type IV) code over $\mathbb{F}_2+u\mathbb{F}_2$ of free rank larger than three (respectively, one) can be obtained via the second construction (respectively, the first one). Using these constructions, we update the information on self-dual codes over $\mathbb{F}_2+u\mathbb{F}_2$ of lengths 9 and 10, in terms of the highest minimum (Hamming, Lee, or Euclidean) weight and the number of inequivalent codes with the highest minimum weight.

Efficient Implementation of Single Error Correction and Double Error Detection Code with Check Bit Pre-computation for Memories

  • Cha, Sanguhn;Yoon, Hongil
    • JSTS:Journal of Semiconductor Technology and Science / v.12 no.4 / pp.418-425 / 2012
  • In this paper, an efficient implementation of error correction code (ECC) processing circuits based on a single error correction and double error detection (SEC-DED) code with check bit pre-computation is proposed for memories. During the write operation of the memory, check bit pre-computation eliminates the overall-bits computation required to detect a double error, thereby reducing the complexity of the ECC processing circuits. In order to implement the ECC processing circuits using check bit pre-computation more efficiently, suitable SEC-DED codes are proposed. The H-matrix of the proposed SEC-DED code is the same as that of the odd-weight-column code during the write operation, and is designed by replacing 0's with 1's in the last row of the H-matrix of the odd-weight-column code during the read operation. Compared with a conventional implementation utilizing the odd-weight-column code, the implementation based on the proposed SEC-DED code with check bit pre-computation reduces the number of gates, latency, and power consumption of the ECC processing circuits by up to 9.3%, 18.4%, and 14.1%, respectively, for 64 data bits in a word.
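Added example (not the paper's circuit): a software model of the conventional odd-weight-column (Hsiao) SEC-DED code that the paper uses as its baseline, scaled down to 8 data bits and 5 check bits. It shows the property the paper's design builds on: when every column of H has odd weight, the parity of the syndrome separates single errors (corrected) from double errors (detected, never miscorrected). The particular column assignment is one valid choice made for this example, not the paper's H-matrix.

```python
# Added example (not the paper's circuit): a software model of the conventional
# odd-weight-column (Hsiao) SEC-DED code for 8 data bits and 5 check bits. It
# shows the property the paper builds on: with every column of H of odd weight,
# the parity of the syndrome tells single errors (correctable) apart from double
# errors (detectable only). The column choice below is one valid choice, not the
# paper's matrix.
from itertools import combinations

K, R = 8, 5      # data bits, check bits
N = K + R        # codeword length 13


def build_columns() -> list[int]:
    """Columns of H as R-bit integers, indexed by codeword bit position.
    Data columns: the first K distinct weight-3 vectors; check columns: unit
    vectors. All columns are distinct (unique syndrome per single error) and of
    odd weight (two columns XOR to an even, non-zero vector that is never a column)."""
    data_cols = [sum(1 << i for i in ones) for ones in combinations(range(R), 3)][:K]
    check_cols = [1 << i for i in range(R)]
    return data_cols + check_cols


COLS = build_columns()


def parity(x: int) -> int:
    return bin(x).count("1") & 1


def syndrome(word: int) -> int:
    """H * word over GF(2): XOR of the columns at the set bit positions."""
    s = 0
    for i in range(N):
        if (word >> i) & 1:
            s ^= COLS[i]
    return s


def encode(data: int) -> int:
    """Codeword = data bits in positions 0..K-1, check bits in K..N-1, chosen so the
    syndrome is zero. Because check columns are unit vectors, check bit j is simply
    the parity of row j of H restricted to the data bits."""
    if not 0 <= data < (1 << K):
        raise ValueError("data out of range")
    return data | (syndrome(data) << K)


def decode(word: int):
    """Returns (data, status): 'ok', 'corrected' (single error fixed) or
    'detected' (even-weight syndrome = double error, or odd-weight syndrome that
    matches no column = three or more errors; not correctable)."""
    s = syndrome(word)
    if s == 0:
        return word & ((1 << K) - 1), "ok"
    if parity(s) == 1 and s in COLS:
        word ^= 1 << COLS.index(s)
        return word & ((1 << K) - 1), "corrected"
    return None, "detected"


def exhaustive_check() -> bool:
    """Every 8-bit value: all single errors are corrected, all double errors are
    detected and never miscorrected."""
    for data in range(1 << K):
        cw = encode(data)
        if decode(cw) != (data, "ok"):
            return False
        for i in range(N):
            if decode(cw ^ (1 << i)) != (data, "corrected"):
                return False
        for i, j in combinations(range(N), 2):
            if decode(cw ^ (1 << i) ^ (1 << j)) != (None, "detected"):
                return False
    return True


if __name__ == "__main__":
    cw = encode(0xA5)
    print(hex(cw), decode(cw), decode(cw ^ 0b1000), decode(cw ^ 0b11), exhaustive_check())
```

The double-error decision is a parity of the syndrome bits, which is what a conventional read path must compute over the whole word; the paper's pre-computation moves that work off the write path, and its read-time H-matrix (last row filled with 1's) turns the last syndrome bit into exactly this overall parity.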

Study for Balanced Encoding Method against Side Channel Analysis (부채널 분석에 안전한 밸런스 인코딩 기법에 관한 연구)

  • Yoon, JinYeong;Kim, HanBit;Kim, HeeSeok;Hong, SeokHie
    • Journal of the Korea Institute of Information Security & Cryptology / v.26 no.6 / pp.1443-1454 / 2016
  • The balanced encoding method, which implements the hardware dual-rail logic style in software, is an efficient countermeasure against side-channel analysis without additional memory. Since balanced encoding keeps the Hamming weight and/or Hamming distance of intermediate values constant, this method can be an effective countermeasure against side-channel analysis because it eliminates intermediate values whose HW and/or HD are related to the secret key. However, former studies were presented for a Constant XOR operation, which can only be applied to crypto algorithms that can be constructed from XOR operations, such as PRINCE. Therefore, we first propose new Constant ADD and Shift operations that can be applied to various symmetric crypto algorithms based on ARX. Moreover, we do not use look-up tables, for efficiency in memory usage. Also, we confirmed the security of the proposed Constant operations with Mutual Information Analysis.
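Added example, not code from either paper, serving two entries above: first, what an attacker learns from the Hamming weight of each key byte, the leakage the ARIA key-expansion SPA relies on, expressed as the size of the remaining key space; second, a dual-rail balanced encoding of nibbles with a constant-Hamming-weight key XOR, to show the property this balanced-encoding paper relies on and why a naive XOR of two encoded values breaks it. The 16-byte sample key, the nibble encoding and the XOR construction are illustrative assumptions; they reproduce neither ARIA's key schedule nor the paper's Constant ADD and Shift.

```python
# Added example, not code from either paper: (1) what an attacker learns from the
# Hamming weight of each key byte, the leakage the ARIA key-expansion SPA relies on,
# and (2) a dual-rail balanced encoding of nibbles with a constant-Hamming-weight
# key XOR, to show the property the balanced-encoding paper relies on. The 16-byte
# key, the nibble encoding and the XOR construction are illustrative assumptions
# and do not reproduce ARIA's key schedule or the paper's Constant ADD/Shift.
from math import comb, log2

KEY = bytes.fromhex("000102030405060708090a0b0c0d0e0f")  # constructed sample key


def hw(x: int) -> int:
    return bin(x).count("1")


# --- (1) Hamming-weight leakage of key bytes ---------------------------------

def hw_leakage(key: bytes) -> list[int]:
    """Hamming-weight model: handling each key byte on an 8-bit CPU leaks HW(byte)."""
    return [hw(b) for b in key]


def candidates_for_weight(w: int) -> list[int]:
    """All byte values with Hamming weight w (comb(8, w) of them)."""
    return [b for b in range(256) if hw(b) == w]


def remaining_key_bits(weights: list[int]) -> float:
    """log2 of the number of keys consistent with the observed per-byte weights.
    A 16-byte key drops from 128 bits to at most 16*log2(70) ~ 98 bits; weights
    near 0 or 8 shrink it further, and round keys that leak as well cut it more."""
    return sum(log2(comb(8, w)) for w in weights)


# --- (2) Balanced (dual-rail) encoding: constant HW at every step ---------------

def enc(x: int) -> int:
    """Encode nibble x as the byte (x, ~x): low nibble x, high nibble its complement.
    Every codeword has Hamming weight exactly 4."""
    if not 0 <= x < 16:
        raise ValueError("nibble expected")
    return x | ((~x & 0xF) << 4)


def dec(c: int) -> int:
    return c & 0xF


def naive_key_xor(state: int, k: int) -> tuple[int, list[int]]:
    """XOR two encoded values: enc(x) ^ enc(k) = (x^k, x^k). The result has weight
    2*HW(x^k), so the power consumption of this store depends on the secret.
    Returns (result, HW of each intermediate)."""
    t = state ^ enc(k)
    return t, [hw(t)]


def balanced_key_xor(state: int, k: int) -> tuple[int, list[int]]:
    """XOR with the key held in duplicated form (k, k): (x, ~x) ^ (k, k) = (x^k, ~(x^k))
    = enc(x ^ k), so the state stays balanced (HW 4). The constant (k, k) itself has
    weight 2*HW(k); it does not vary with the data, which is what a CPA needs, but
    it is exactly the kind of key-dependent weight the SPA in part (1) reads."""
    kk = k | (k << 4)
    t = state ^ kk
    return t, [hw(t)]


def leakage_profile(op) -> set[int]:
    """Set of intermediate Hamming weights over all nibble states and key nibbles;
    a single-element set means the operation is balanced."""
    weights = set()
    for x in range(16):
        for k in range(16):
            result, hws = op(enc(x), k)
            assert dec(result) == x ^ k  # both variants compute x ^ k
            weights.update(hws)
    return weights


if __name__ == "__main__":
    print(hw_leakage(KEY), round(remaining_key_bits(hw_leakage(KEY)), 1))
    print(leakage_profile(naive_key_xor), leakage_profile(balanced_key_xor))
```

Two things the profile makes visible: the balanced XOR only works because one operand is a fixed key or constant in duplicated form, so XOR of two encoded state words is not covered, and neither is modular addition, which is the gap the paper's Constant ADD and Shift address for ARX ciphers; and the key material itself is still handled at a key-dependent weight, so the balanced encoding does not by itself close the SPA on key handling described in the ARIA entry.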

OPTIMAL LINEAR CODES OVER ℤm

  • Dougherty, Steven T.;Gulliver, T. Aaron;Park, Young-Ho;Wong, John N.C.
    • Journal of the Korean Mathematical Society / v.44 no.5 / pp.1139-1162 / 2007
  • We examine the main linear coding theory problem and study the structure of optimal linear codes over the ring ${\mathbb{Z}}_m$. We derive bounds on the maximum Hamming weight of these codes. We give bounds on the best linear codes over ${\mathbb{Z}}_8$ and ${\mathbb{Z}}_9$ of lengths up to 6. We determine the minimum distances of optimal linear codes over ${\mathbb{Z}}_4$ for lengths up to 7. Some examples of optimal codes are given.

GMW CODES (GMW 부호)

  • 노종선
    • The Journal of Korean Institute of Communications and Information Sciences / v.18 no.8 / pp.1128-1135 / 1993
  • In this paper, new binary cyclic codes (hereafter referred to as GMW codes), which are generated by using the GMW sequence $g(t) = \mathrm{tr}\big((\mathrm{tr}_k(\alpha^t))^r\big)$ and its cyclic shifts, are introduced. The code length of GMW codes is $2^k-1$, where $k = e \cdot j$ is a composite integer. The dimension of the GMW codes is $k(k/j)^{w-1}$, where $w$ is the Hamming weight of $r$. Several properties of GMW codes, such as the designed distance, minimum distance, and weights of code words, are obtained in terms of the parameters of GMW sequences. An expansion of GMW sequences in terms of an m-sequence and its decimation sequences is introduced, and the characteristic polynomials of GMW sequences are also derived.
