• Title/Summary/Keyword: Pseudorandom permutation


Pseudorandom Permutation and Function Families Secure against Related-Key Attacks (연관키 공격에 안전한 의사난수 치환 및 함수 패밀리)

  • Kim, Jong-Sung;Sung, Jae-Chul;Eun, Hi-Chun
    • Journal of the Korea Institute of Information Security & Cryptology / v.17 no.5 / pp.3-14 / 2007
  • In this paper, we observe that secure tweakable permutation families in the sense of strong pseudorandom permutation (SPRP) can be transformed to secure permutation families in the sense of SPRP against related-key attacks (SPRP-RKA). This fact allows us to construct a secure SPRP-RKA which is the most efficient to date. We also observe that secure function families of a certain form in the sense of a pseudorandom function (PRF) can be transformed to secure permutation families in the sense of PRP-RKA. We can exploit it to get various secure constructions against related-key attacks from known MAC algorithms. Furthermore, we define other security notions for related-key attacks, namely indistinguishability and non-malleability, and look into the relations between the security notions for related-key attacks. We show that secure tweakable permutation families in the sense of indistinguishability (resp. non-malleability) can be transformed to secure permutation families in the sense of indistinguishability (resp. non-malleability) against related-key attacks.

Provable Security of Key Derivation Functions Based on the Block Ciphers (블록암호 기반 키유도함수의 증명가능 안전성)

  • Kang, Ju-Sung;Yi, Ok-Yeon;Youm, Ji-Sun
    • Journal of the Korea Institute of Information Security & Cryptology / v.20 no.4 / pp.3-16 / 2010
  • Key derivation functions are used within many cryptographic systems in order to generate various keys from a fixed short key string. In this paper we survey the state of the art in key derivation functions and examine the soundness of the functions from the viewpoint of provable security. In particular, we focus on the key derivation functions using pseudorandom functions that were recently recommended by NIST, and show that the variant of Double-Pipeline Iteration mode using pseudorandom permutations is a pseudorandom function. Block ciphers can be regarded as practical primitives of pseudorandom permutations.
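The Double-Pipeline Iteration mode the abstract refers to, as an added worked example that is not from the paper: SP 800-108's two pipelines (a feedback pipeline A(i) = PRF(K, A(i-1)) and an output pipeline K(i) = PRF(K, A(i) || [i] || Label || 0x00 || Context || [L])) with HMAC-SHA-256 as the PRF. The paper's variant substitutes a block-cipher-based PRF; this code keeps the HMAC choice. The master key, label and context are constructed demo values, and the 32-bit counter and length encodings are this example's choices within what the standard allows.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/binary"
	"encoding/hex"
	"fmt"
)

// prf is the PRF the mode is built on: HMAC-SHA-256 here. The paper's
// variant replaces this with a block-cipher-based (PRP) PRF, which this
// example does not reproduce.
func prf(key, data []byte) []byte {
	m := hmac.New(sha256.New, key)
	m.Write(data)
	return m.Sum(nil)
}

// fixedInput is Label || 0x00 || Context || [L]_2, with L the requested
// output length in bits as a 32-bit big-endian integer. Binding L into the
// input means a request for more bytes is not an extension of a shorter one.
func fixedInput(label, context []byte, lBits uint32) []byte {
	out := append([]byte{}, label...)
	out = append(out, 0x00)
	out = append(out, context...)
	var l [4]byte
	binary.BigEndian.PutUint32(l[:], lBits)
	return append(out, l[:]...)
}

// kdfDoublePipeline is SP 800-108 double-pipeline iteration mode with the
// optional 32-bit iteration counter included:
//
//	A(0) = fixedInput            A(i) = PRF(K, A(i-1))           (feedback pipeline)
//	K(i) = PRF(K, A(i) || [i]_2 || fixedInput)                   (output pipeline)
//
// and the derived key is the leftmost outLen bytes of K(1) || K(2) || ...
func kdfDoublePipeline(kin, label, context []byte, outLen int) []byte {
	fixed := fixedInput(label, context, uint32(outLen*8))
	a := fixed // A(0)
	var out []byte
	for i := uint32(1); len(out) < outLen; i++ {
		a = prf(kin, a) // A(i) depends only on A(i-1), never on the output
		var ctr [4]byte
		binary.BigEndian.PutUint32(ctr[:], i)
		data := append(append(append([]byte{}, a...), ctr[:]...), fixed...)
		out = append(out, prf(kin, data)...) // K(i)
	}
	return out[:outLen]
}

func main() {
	kin := []byte("constructed master key, not real") // constructed demo key
	enc := kdfDoublePipeline(kin, []byte("enc"), []byte("session-42"), 32)
	mac := kdfDoublePipeline(kin, []byte("mac"), []byte("session-42"), 32)
	fmt.Println("enc key:", hex.EncodeToString(enc))
	fmt.Println("mac key:", hex.EncodeToString(mac))
}
```

The label separates the encryption and MAC keys derived from one master key, and because [L] is part of every PRF input, asking for 80 bytes does not yield the 32-byte key as a prefix; both properties are what a KDF consumer should check before relying on a custom implementation.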

Security of OFB mode and 3GPP f8 encryption mode (OFB 모드와 3GPP f8 암호화 모드의 안전성)

  • 신상욱;홍도원;강주성;이옥연
    • Journal of the Korea Institute of Information Security & Cryptology / v.11 no.4 / pp.55-66 / 2001
  • In this paper, we analyze the security of the OFB encryption mode, which is one of the basic modes of operation for block ciphers, and the security of the 3GPP f8 encryption mode used to provide data confidentiality over a radio access link of W-CDMA IMT-2000. We provide the lower bound and the upper bound on the security of both modes in the random function model and the random permutation model, respectively, by means of the left-or-right security notion, and prove the security of both modes using a pseudorandom function and a pseudorandom permutation, respectively.
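OFB as analysed above, as an added example that is not from the paper: the mode is a keystream generator whose output depends only on the key and the IV, which is what a left-or-right proof can rely on, and reusing an IV under the same key is exactly the case the proof excludes. The code implements the keystream chain directly rather than through crypto/cipher so the O_i = E_K(O_{i-1}) feedback is visible, and shows what a passive observer computes from two ciphertexts under a repeated IV. Keys, IVs and messages are constructed demo values; AES-128 is the block cipher.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"encoding/hex"
	"fmt"
)

// ofbKeystream iterates the block cipher on its own output starting from
// iv, so the keystream is a function of (key, iv) alone and never of the
// data being encrypted.
func ofbKeystream(key, iv []byte, n int) ([]byte, error) {
	blk, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	if len(iv) != blk.BlockSize() {
		return nil, fmt.Errorf("iv must be %d bytes, got %d", blk.BlockSize(), len(iv))
	}
	state := append([]byte{}, iv...)
	ks := make([]byte, 0, n+blk.BlockSize())
	for len(ks) < n {
		blk.Encrypt(state, state) // O_i = E_K(O_{i-1}), with O_0 = IV
		ks = append(ks, state...)
	}
	return ks[:n], nil
}

// ofbXor encrypts or decrypts; XOR with the keystream is its own inverse.
func ofbXor(key, iv, data []byte) ([]byte, error) {
	ks, err := ofbKeystream(key, iv, len(data))
	if err != nil {
		return nil, err
	}
	out := make([]byte, len(data))
	for i := range data {
		out[i] = data[i] ^ ks[i]
	}
	return out, nil
}

// xorBytes returns a XOR b over the shorter length. It is what an
// eavesdropper computes from two ciphertexts that share (key, iv).
func xorBytes(a, b []byte) []byte {
	n := len(a)
	if len(b) < n {
		n = len(b)
	}
	out := make([]byte, n)
	for i := 0; i < n; i++ {
		out[i] = a[i] ^ b[i]
	}
	return out
}

func main() {
	key := []byte("0123456789abcdef") // constructed 128-bit key
	iv := []byte("fixed-iv-reused!") // constructed 16-byte IV, reused on purpose
	m1 := []byte("transfer 100 EUR to account A")
	m2 := []byte("transfer 900 EUR to account B")
	c1, _ := ofbXor(key, iv, m1)
	c2, _ := ofbXor(key, iv, m2)
	// Without the key, c1 XOR c2 equals m1 XOR m2: every position where the
	// two plaintexts differ is exposed.
	fmt.Println("c1 XOR c2 == m1 XOR m2:", bytes.Equal(xorBytes(c1, c2), xorBytes(m1, m2)))
	fmt.Println("leaked difference:", hex.EncodeToString(xorBytes(c1, c2)))
}
```

The same argument applies to 3GPP f8, which is also a keystream mode driven by a block cipher: its security statement is per fresh (key, COUNT, BEARER, DIRECTION) input, and repeating that input is the practical failure to audit for.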

A Video Watermarking Using 3D DWT and Binary Image Watermark (3차원 웨이블릿 변환과 이진 영상 워터마크를 이용한 비디오 워터마킹)

  • Kim Seung-Jin;Kim Tae-Su;Kwon Ki-Ryong;Lee Kuhn-Il
    • Journal of the Institute of Electronics Engineers of Korea SP / v.42 no.6 / pp.27-32 / 2005
  • An effective video watermarking algorithm is proposed to protect copyright. The watermarking procedure is based on a three-dimensional discrete wavelet transform (3D DWT) and spread spectrum sequences. Two perceptual binary watermarks are preprocessed using mixing and pseudorandom permutation. After dividing the video sequence into video shots, the 3D DWT is performed, then the preprocessed watermarks are embedded into the 3D DWT coefficients, while considering robustness and invisibility, using two spread spectrum sequences defined as the user key. Experimental results show that the watermarked frames are subjectively indistinguishable from the original frames, and the proposed video watermarking algorithm is sufficiently robust against such attacks as low pass filtering, frame dropping, frame averaging, and MPEG coding.

On the Optimal Key Size of the Even-Mansour Cipher in the Random Function Oracle Model (랜덤 오라클 모델에서의 Even-Mansour Cipher에 대한 키 길이 최적화 방법)

  • Sung, Jae-Chul
    • Journal of the Korea Institute of Information Security & Cryptology / v.17 no.3 / pp.35-42 / 2007
  • We describe the problem of reducing the key material in the Even-Mansour cipher without security degradation. Even and Mansour proposed a block cipher based on XORing secret key material just prior to and after applying a random oracle permutation P, such that $C = k_2 \oplus P(M \oplus k_1)$. Recently, Gentry and Ramzan showed that this scheme in the random permutation oracle model can be replaced by the four-round Feistel network construction in the random function oracle model, and also proved that their scheme is super-pseudorandom. In this paper we reduce the key size from 2n to n, which is the optimal key size of the Even-Mansour cipher in the random function oracle model, and also give almost the same level of security.
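The construction in this abstract, as an added worked example that is not from the paper: a two-key Even-Mansour cipher C = k2 XOR P(M XOR k1) whose public permutation P is a four-round balanced Feistel network over unkeyed round functions, the way Gentry and Ramzan replace the random permutation oracle, together with the single-key variant k1 = k2 = k that uses n key bits instead of 2n. The round functions are SHA-256 stand-ins for random-function oracles, the block is 128 bits, and every key and message is a constructed demo value, not a test vector.

```go
package main

import (
	"crypto/sha256"
	"encoding/binary"
	"encoding/hex"
	"fmt"
)

// blockBytes is n/8 for n = 128: one 16-byte block, split into two 64-bit
// halves for the Feistel rounds.
const blockBytes = 16

// roundFunc stands in for the public random-function oracle F_i of round i.
// It is unkeyed, so the adversary can evaluate it as freely as the cipher does.
func roundFunc(round int, half uint64) uint64 {
	var buf [9]byte
	buf[0] = byte(round)
	binary.BigEndian.PutUint64(buf[1:], half)
	d := sha256.Sum256(buf[:])
	return binary.BigEndian.Uint64(d[:8])
}

// feistelP is the public permutation P: four balanced Feistel rounds over
// the public round functions. No key material is involved anywhere in P.
func feistelP(in [blockBytes]byte) [blockBytes]byte {
	l := binary.BigEndian.Uint64(in[:8])
	r := binary.BigEndian.Uint64(in[8:])
	for i := 0; i < 4; i++ {
		l, r = r, l^roundFunc(i, r)
	}
	var out [blockBytes]byte
	binary.BigEndian.PutUint64(out[:8], l)
	binary.BigEndian.PutUint64(out[8:], r)
	return out
}

// feistelPInv runs the rounds backwards; P^{-1} is exactly as public as P.
func feistelPInv(in [blockBytes]byte) [blockBytes]byte {
	l := binary.BigEndian.Uint64(in[:8])
	r := binary.BigEndian.Uint64(in[8:])
	for i := 3; i >= 0; i-- {
		l, r = r^roundFunc(i, l), l
	}
	var out [blockBytes]byte
	binary.BigEndian.PutUint64(out[:8], l)
	binary.BigEndian.PutUint64(out[8:], r)
	return out
}

func xorBlock(a, b [blockBytes]byte) [blockBytes]byte {
	var out [blockBytes]byte
	for i := range a {
		out[i] = a[i] ^ b[i]
	}
	return out
}

// emEncrypt is the two-key Even-Mansour cipher C = k2 XOR P(M XOR k1);
// the whitening keys are the only secrets.
func emEncrypt(k1, k2, m [blockBytes]byte) [blockBytes]byte {
	return xorBlock(k2, feistelP(xorBlock(m, k1)))
}

// emDecrypt inverts it: M = P^{-1}(C XOR k2) XOR k1.
func emDecrypt(k1, k2, c [blockBytes]byte) [blockBytes]byte {
	return xorBlock(feistelPInv(xorBlock(c, k2)), k1)
}

// emEncrypt1 and emDecrypt1 are the single-key variant (k1 = k2 = k).
func emEncrypt1(k, m [blockBytes]byte) [blockBytes]byte { return emEncrypt(k, k, m) }
func emDecrypt1(k, c [blockBytes]byte) [blockBytes]byte { return emDecrypt(k, k, c) }

func main() {
	var k1, k2, m [blockBytes]byte // constructed demo values
	copy(k1[:], "0123456789abcdef")
	copy(k2[:], "fedcba9876543210")
	copy(m[:], "attack at dawn!!")
	c := emEncrypt(k1, k2, m)
	fmt.Println("two-key ciphertext:", hex.EncodeToString(c[:]), "round trip ok:", emDecrypt(k1, k2, c) == m)
	c1 := emEncrypt1(k1, m)
	fmt.Println("one-key ciphertext:", hex.EncodeToString(c1[:]), "round trip ok:", emDecrypt1(k1, c1) == m)
}
```

The point to keep in view when reading the abstract: P and P^{-1} are public, so an attacker evaluates them offline at will, and only the whitening keys hide M. Generic attacks on Even-Mansour trade online cipher queries against offline evaluations of P, so the scheme is bounded at about n/2 bits of security however much key it carries; the paper's claim is that dropping from 2n key bits to n does not lose more than that.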

Proposal of Extendable Unbalanced Feistel Network and Proof of Pseudorandom Permutation (확장 가능한 비대칭 피스텔 네트웍의 제안 및 유사 랜덤 순열 증명)

  • Lee, Gwang-Su;Sin, Jun-Beom;Lee, Gwang-Hyeong
    • Journal of KIISE: Computer Systems and Theory / v.28 no.1_2 / pp.45-51 / 2001
  • As the amount of information to be processed grows, there is an increasing need for block ciphers with large input and output sizes that can encrypt a large amount of plaintext at once. However, implementing a block cipher with large input and output directly is costly. This paper therefore proposes a method for constructing a block cipher with large input and output from an existing block cipher. It then analyzes the conditions under which the newly proposed unbalanced Feistel network structure becomes a secure block cipher. The result of the paper is as follows: when the extendable unbalanced Feistel network uses a pseudorandom function generator whose input and output are both n bits, it is a pseudorandom permutation generator if k is odd and the total number of rounds is at least 2k+1.

Provable Security of 3GPP Integrity Algorithm f9 (3GPP 무결성 알고리즘 f9의 증명가능 안전성)

  • Hong, Do-won;Shin, Sang-Uk;Ryu, Heui-su;Chung, Kyo-Il
    • The KIPS Transactions: Part C / v.9C no.4 / pp.573-580 / 2002
  • Within the security architecture of the 3GPP system there is a standardised integrity algorithm, f9. The integrity algorithm f9 computes a MAC to authenticate the data integrity and data origin of signalling data over a radio access link of W-CDMA IMT-2000. f9 is a variant of the standard CBC-MAC based on the block cipher KASUMI. In this paper we provide the provable security of f9. We prove that f9 is secure by giving a concrete bound on an adversary's inability to forge in terms of her inability to distinguish the underlying block cipher from a pseudorandom permutation.
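An added example, not from the paper, that shows why f9 is a variant of CBC-MAC rather than CBC-MAC itself, with AES-128 standing in for KASUMI (so the block is 16 bytes while MAC-I is still truncated to 32 bits): the textbook CBC-MAC with zero IV and no final step, the classic extension forgery that succeeds against it without the key, and the f9 shape, which XORs every intermediate chaining value into an accumulator and encrypts that accumulator under IK XOR KM (KM = 0xAA...AA) before truncating. The key and message are constructed, and the byte-aligned padding (a 0x80 byte then zeros) is this example's simplification; the real f9 input is COUNT || FRESH || MESSAGE || DIRECTION followed by a single 1 bit and zero bits, which this code does not reproduce.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"encoding/hex"
	"fmt"
)

// bs is the block size. KASUMI uses 8-byte blocks; AES-128 (16 bytes)
// stands in for it in this example.
const bs = aes.BlockSize

func xorInto(dst, a, b []byte) {
	for i := range dst {
		dst[i] = a[i] ^ b[i]
	}
}

// padBlocks appends a single 1 bit then 0 bits up to the block boundary,
// the same shape f9 uses after the DIRECTION bit (byte-aligned here).
func padBlocks(msg []byte) []byte {
	out := append([]byte{}, msg...)
	out = append(out, 0x80)
	for len(out)%bs != 0 {
		out = append(out, 0x00)
	}
	return out
}

// rawCBCMAC is textbook CBC-MAC: zero IV, whole blocks in, the final
// chaining value out, no padding and no final transformation.
func rawCBCMAC(key, blocks []byte) ([]byte, error) {
	blk, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	a := make([]byte, bs)
	for i := 0; i+bs <= len(blocks); i += bs {
		xorInto(a, a, blocks[i:i+bs])
		blk.Encrypt(a, a)
	}
	return a, nil
}

// forgeRawCBCMAC is the classic extension forgery against rawCBCMAC: given
// the tag T of a one-block message M1, the two-block message M1 || (T XOR M1)
// has the same tag T, because the second block cancels the chaining value
// back to M1. The forger never needs the key.
func forgeRawCBCMAC(m1, tag []byte) []byte {
	second := make([]byte, bs)
	xorInto(second, tag, m1)
	return append(append([]byte{}, m1...), second...)
}

// f9Style is the f9 shape of CBC-MAC: A chains through the cipher under IK,
// every intermediate A is XORed into the accumulator B, and B is encrypted
// under the modified key IK XOR KM and truncated to 32 bits to give MAC-I.
func f9Style(ik, msg []byte) ([]byte, error) {
	blk, err := aes.NewCipher(ik)
	if err != nil {
		return nil, err
	}
	ik2 := make([]byte, len(ik))
	xorInto(ik2, ik, bytes.Repeat([]byte{0xAA}, len(ik)))
	blk2, err := aes.NewCipher(ik2)
	if err != nil {
		return nil, err
	}
	a := make([]byte, bs)
	b := make([]byte, bs)
	padded := padBlocks(msg)
	for i := 0; i < len(padded); i += bs {
		xorInto(a, a, padded[i:i+bs])
		blk.Encrypt(a, a)
		xorInto(b, b, a)
	}
	blk2.Encrypt(b, b)
	return b[:4], nil
}

func main() {
	ik := []byte("0123456789abcdef") // constructed 128-bit key
	m1 := []byte("signalling block") // constructed, exactly one block
	tag, _ := rawCBCMAC(ik, m1)
	forged := forgeRawCBCMAC(m1, tag)
	forgedTag, _ := rawCBCMAC(ik, forged)
	fmt.Println("raw CBC-MAC accepts forged message:", bytes.Equal(tag, forgedTag))
	t1, _ := f9Style(ik, m1)
	t2, _ := f9Style(ik, forged)
	fmt.Println("f9-style MAC-I:", hex.EncodeToString(t1), "/ forged message:", hex.EncodeToString(t2))
}
```

The forgery works on raw CBC-MAC for any key, which is why a proof for the unmodified mode can only cover fixed-length messages; the padding, the XOR accumulator and the final encryption under a second key are the ingredients that let the paper's bound hold for variable-length input.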