• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.3
• /
• pp.325-336
• /
• 2020

Nonlinear Invariant Attack is an attack that should be considered when constructing lightweight block ciphers with relatively simple key schedule. A shortcut to prove a block cipher's resistance against nonlinear invariant attack is checking the smallest dimension of linear layer-invariant linear subspace which contains all known differences between round keys is equal to the block size. In this paper, we presents the following results. We identify the structure and number of optimal bit-permutations which require only one known difference between round keys for a designer to show that the corresponding block cipher is resistant against nonlinear invariant attack. Moreover, we show that PRESENT-like block ciphers need at least two known differences between round keys by checking all PRESENT-like bit-permutations. Additionally, we verify that the variants of PRESENT-like bit-permutations requiring the only two known differences between round keys do not conflict with the resistance against differential attack by comparing the best differential trails. Finally, through the distribution of the invariant factors of all bit-permutations that maintain BOGI logic with GIFT S-box, GIFT-variant block ciphers require at least 8 known differences between round keys for the resistance.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.2
• /
• pp.347-355
• /
• 2018

Ransomware uses symmetric-key algorithm such as a block cipher to encrypt users' files illegally. If we find the traces of a block cipher algorithm in a certain program in advance, the ransomware will be detected in increased rate. The inclusion of a block cipher can consider the encryption function will be enabled potentially. This paper proposes a way to determine whether a particular program contains a block cipher. We have studied the implementation characteristics of various block ciphers, as well as the AES used by ransomware. Based on those characteristics, we are able to find what kind of block ciphers have been contained in a particular program. The methods proposed in this paper will be able to detect ransomware with high probability by complementing the previous detection methods.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.1
• /
• pp.77-86
• /
• 2005

Related-Cipher attack was introduced by Hongjun Wu in 2002. We can consider related ciphers as block ciphers with the same round function but different round number and their key schedules do not depend on the total round number. This attack can be applied to block ciphers when one uses some semi-equivalent keys in related ciphers. In this paper we introduce differential related-cipher attacks on block ciphers, which combine related-cipher attacks with differential cryptanalysis. We apply this attack to the block cipher ARIA and SC2000. Furthermore, related-cipher attack can be combined with other block cipher attacks such as linear cryptanalysis, higher-order differential cryptanalysis, and so on. In this point of view we also analyze some other block ciphers which use flexible number of rounds, SAFER++ and CAST-128.

• Proceedings of the Korea Electromagnetic Engineering Society Conference
• /
• 2005.11a
• /
• pp.131-136
• /
• 2005

UWB is the most spotlighted wireless technology that transmits data at very high rates using low power over a wide spectrum of frequency band. UWB technology makes it possible to transmit data at rate over 100Mbps within 10 meters. To preserve important header information, MB-OFDM UWB adopts Reed-Solomon(23,17) code. In receiver, RS decoder needs high speed and low latency using efficient hardware. In this paper, we suggest the architecture of RS decoder for MB-OFDM UWB. We adopts Modified-Euclidean algorithm for key equation solver block which is most complex in area. We suggest pipelined processing cell for this block and show the detailed architecture of syndrome, Chien search and Forney algorithm block. At last, we show the hardware implementation results of RS decoder for ASIC implementation.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.7 no.11
• /
• pp.2941-2956
• /
• 2013

In this paper, we propose an effective fragile image watermarking scheme for tampering detection and content recovery. Cover image is divided into a series of non-overlapping blocks and a block mapping relationship is constructed by the secret key. Several DCT coefficients with direct current and lower frequencies of the MSBs for each block are used to generate the reference bits, and different coefficients are assigned with different bit numbers for representation according to their importance. To enhance recovery performance, authentication bits are generated by the MSBs and the reference bits, respectively. After LSB substitution hiding, the embedded watermark bits in each block consist of the information of itself and its mapping blocks. On the receiver side, all blocks with tampered MSBs can be detected and recovered using the valid extracted reference bits. Experimental results demonstrate the effectiveness of the proposed scheme.

• Proceedings of the Korea Society of Information Technology Applications Conference
• /
• 2005.11a
• /
• pp.195-198
• /
• 2005

UWB is the most spotlighted wireless technology that transmits data at very high rates using low power over a wide spectrum of frequency band. UWB technology makes it possible to transmit data at rate over 100Mbps within 10 meters. To preserve important header information, MBOFDM UWB adopts Reed-Solomon(23,17) code. In receiver, RS decoder needs high speed and low latency using efficient hardware. In this paper, we suggest the architecture of RS decoder for MBOFDM UWB. We adopts Modified-Euclidean algorithm for key equation solver block which is most complex in area. We suggest pipelined processing cell for this block and show the detailed architecture of syndrome, Chien search and Forney algorithm block. At last, we show the hardware implementation results of RS decoder for ASIC implementation.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.15 no.7
• /
• pp.1495-1500
• /
• 2011

Dynamic cipher has the property that the key-size, the number of round, and the plain text-size are scalable simultaneously. In this paper we propose the block cipher algorithm which is symmetrical in the dynamic network. We present the method for designing secure Dynamic cipher against meet-in-the-middle attack and linear crytanalysis. Also, we show that the differential cryptanalysis to Dynamic cipher is hard.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.11
• /
• pp.5773-5784
• /
• 2019

ARIA is an involutory SPN block cipher. Its block size is 128-bit and the master key sizes are 128/192/256-bit, respectively. Accordingly, they are called ARIA-128/192/256. As we all know, ARIA is a Korean Standard block cipher nowadays. This paper focuses on the security of ARIA against impossible differential attack. We firstly construct a new 4-round impossible differential of ARIA. Furthermore, based on this impossible differential, a new 7-round impossible differential attack on ARIA-256 is proposed in our paper. This attack needs 2¹¹⁸ chosen plaintexts and 2²¹⁰ 7-round encryptions. Comparing with the previous best result, we improve both the data complexity and time complexity. To our knowledge, it is the best impossible differential attack on ARIA-256 so far.

• Journal of Advanced Navigation Technology
• /
• v.16 no.3
• /
• pp.510-517
• /
• 2012

Piccolo-80 is a 64-bit ultra-light block cipher suitable for the constrained environments such as wireless sensor network environments. In this paper, we propose a differential fault analysis on Piccolo-80. Based on a random byte fault model, our attack can the secret key of Piccolo-80 by using the exhaustive search of $2^{24}$ and six random byte fault injections on average. It can be simulated on a general PC within a few seconds. This result is the first known side-channel attack result on Piccolo-80.

• Journal of International Society for Simulation Surgery
• /
• v.3 no.2
• /
• pp.90-92
• /
• 2016

Horizontal bone defect in the anterior maxilla makes it difficult to place dental implant. The golden standard for bone augmentation is autogenous block bone graft. Tight contact with recipient site and rigid fixation are two key factors for successful block bone graft. Ramal bone graft has been the most reliable methods for dental implant field. However, the curvature of the alveolar ridge is different from ramal bone shape. Intraoperative trimming of ramal bone is cumbersome for surgeon. In this technical note, a simple way to design the ramal bone harvest using bone wax stent is reviewed.