• Proceedings of the Korean Operations and Management Science Society Conference
• /
• 2005.10a
• /
• pp.117-122
• /
• 2005

신기술을 개발하기 위해서는 다수의 단말기술들이 요구된다. 이 단말기술들은 ${\ulcorner}$SAT${\lrcorner}$ 구조에 의해 구성되는 것이 효율적이며, 이를 통해 다수의 기술컨셉대체안이 도출된다. 그러나, 평가의 투표양식 ( Ballot Form ) 과 ${\ulcorner}$SPN ( System Priority Number )${\lrcorner}$ 를 활용하는 ${\ulcorner}$SAT${\lrcorner}$ 평가방식으로는 평가자의 단편적인 선호도만이 분석가능하며, 투표과정이 번거롭다는 단점이 있다. 이러한 문제 해결을 위해 본 연구에서는 기술컨셉대체안이 요구기능과 실현수단의 순환계층구조로 표현되는 ${\ulcorner}$SAT${\lrcorner}$ 에, 전문기술집단의 선호구조를 정밀히 분석하기 위해 단말기술의 속성변수와 속성수준화를 규정하여 평가하도록 하는 ${\ulcorner}$컨조인트 분석${\lrcorner}$ 을 결합한 ${\ulcorner}$컨조인트 SAT모형 (CJ-SAT Model)${\lrcorner}$ 을 개발하였다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.1
• /
• pp.15-29
• /
• 2014

Increasing the smart instrument based social and economical activity, problems of electronic business's safety, reliability and user's privacy are be on the rise. so variety standard cryptography algorithms for information security have been developed in korea and How to efficiently implement them in a variety of environments is issued. ARIA and SEED, developed in Korea, are standard block cipher algorithm to encrypt the 128-bit plaintext, are each configured Feistel, SPN structure. In this paper, SEED and ARIA were implemented using the GEZEL language that can be used easily in the software designer because grammar is simple compared to other hardware description language. In particular, in this paper, will be described in detail the characteristics and design method using GEZEL as the first paper that implements 128bits ARIA and SEED and it showed the flexibility and efficiency of development using GEZEL. SEED designed GEZEL is occupied 69043 slice, is operating Maximum frequency 146.25Mhz and ARIA is occupied 7282 slice, is operating Maximum frequency 286.172Mhz. Also, Speed of SEED designed and implemented signal flow method is improved 296%.

• IE interfaces
• /
• v.15 no.4
• /
• pp.460-473
• /
• 2002

The objective of this paper is to design a Goal Alternatives Disposition System having three main subsystems for setting, evaluating and selecting goal alternatives. For setting of goal alternatives, System Alternatives Tree(SAT) structure will be developed, which has a computation algorithm for setting decision alternatives by the concept of System Priority Number(SPN). For evaluating and selecting of goal alternatives; First, Normative and Exploratory Priority Indices which consider technical performance to the goal, cost and feasibility are developed respectively. Second, Integrated Priority Index is built up to determine the total priority of the Goal Alternatives Disposition(GAD) system. For the design and verification of the GAD system, technological forecasting structure theory, systems engineering methodology will be used.

• Proceedings of the KIEE Conference
• /
• 2005.07d
• /
• pp.3052-3054
• /
• 2005

Ubiquitous Computing 환경은 모든 사물과 공간이 지능화되어 사용자가 컴퓨터나 네트워크를 의식하지 않는 상태에서 장소에 구애받지 않고 자유롭게 네트워크에 접속할 수 있는 환경을 의미한다. 만일 이러한 환경 속에서 개인정보들이 노출되었을 경우는 법적, 사회적, 경제적으로 커다란 손실을 초래하게 된다. 이것을 방지하기 위해서는 안정성과 효율성이 높은 암호 알고리즘이 요구된다. 본 논문에서는 한국 표준으로 제정된 ISPN(Involutional SPN) 구조의 블록 암호화 ARIA 알고리즘을 사용하여 고속의 통신망과 Smart Card, PDA, 이동전화 및 다양한 기기 둥의 사용이 보편화될 Ubiquitous Computing 환경에 응용 가능한 ARIA 암호화 프로세서(이하 ARIA 프로세서)를 설계하였다.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2016.10a
• /
• pp.155-157
• /
• 2016

한국 표준 블록암호 알고리듬 ARIA(Academy, Research Institute, Agency)와 미국 표준인 AES(Advanced Encryption Standard) 알고리듬은 128-비트 블록 길이를 지원하고 SPN(substitution permutation network) 구조를 특징으로 가져 서로 유사한 형태를 지닌다. 본 논문에서는 ARIA와 AES를 선택적으로 수행하는 ARIA-AES 통합 프로세서를 효율적으로 구현하였다. Verilog HDL로 설계된 ARIA-AES 통합 프로세서를 Virtex5 FPGA로 구현하여 정상 동작함을 확인하였고, $0.18{\mu}m$ 공정의 CMOS 셀 라이브러리로 100KHz의 동작주파수에서 합성한 결과 39,498 GE로 구현되었다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2023.05a
• /
• pp.107-109
• /
• 2023

본 논문은 PIPO 알고리즘의 최적 구현 기술들에 대한 연구 동향을 살핀다. PIPO는 선형, 차분 공격에 안전한 S-box를 사용하는 SPN 구조의 경량 블록 암호 알고리즘이다. 블록 크기는 64비트이고 비밀키 크기에 따라 PIPO-128과 PIPO-256으로 나뉜다. PIPO 알고리즘의 S-Layer, R-Layer, Addroundkey의 3가지 내부 동작과정과 각 라운드에서 사용되는 연산들에 대한 자세한 설명이 제공된다. 본 논문에서는 RISC-V 및 ARM 프로세서, CUDA GPGPU에서 PIPO 알고리즘을 최적화 구현하는 방법을 다룬다. 해당 연구들에선 최적 구현 기술을 적용하여 PIPO 암호를 적용하는 IoT 장치에서도 안전하고 빠른 암,복호화를 수행할 수 있음을 보였고, 기존 연구와의 비교를 통해 성능 향상이 이루어짐을 확인할 수 있다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.3
• /
• pp.325-336
• /
• 2020

Nonlinear Invariant Attack is an attack that should be considered when constructing lightweight block ciphers with relatively simple key schedule. A shortcut to prove a block cipher's resistance against nonlinear invariant attack is checking the smallest dimension of linear layer-invariant linear subspace which contains all known differences between round keys is equal to the block size. In this paper, we presents the following results. We identify the structure and number of optimal bit-permutations which require only one known difference between round keys for a designer to show that the corresponding block cipher is resistant against nonlinear invariant attack. Moreover, we show that PRESENT-like block ciphers need at least two known differences between round keys by checking all PRESENT-like bit-permutations. Additionally, we verify that the variants of PRESENT-like bit-permutations requiring the only two known differences between round keys do not conflict with the resistance against differential attack by comparing the best differential trails. Finally, through the distribution of the invariant factors of all bit-permutations that maintain BOGI logic with GIFT S-box, GIFT-variant block ciphers require at least 8 known differences between round keys for the resistance.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.13 no.4
• /
• pp.675-683
• /
• 2009

RC6 which has different algorithm of encryption and decryption has been proposed to have the same algorithm between encryption and decryption through inserting symmetry layer using simple rotate and logical operation. That means the half of whole RC6 round uses encryption algorithm and the rest of it uses decryption one and symmetry layer has been put into the middle of encryption and decryption. The proposed RC6 algorithm has no difference with the original one in the speed of process. However it is quite safe because by inserting symmetry layer the path of high probability which is needed for differential and linear analysis is cut off so that it is hard to be analyzed. The proposed symmetry layer algorithm can be easily applied to the algorithm which has different encryption and decryption and make it same, and it can be good idea to be used to design a new block cipher algorithm.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.1
• /
• pp.33-41
• /
• 2012

A differential fault analysis(DFA) is one of the most important side channel attacks on block ciphers. Most block ciphers, such as DES, AES, ARIA, SEED and so on., have been analysed by this attack. PRESENT is a 64-bit block cipher with 80/128-bit secret keys and has a 31-round SP-network. So far, several DFAs on PRESENT have been proposed. These attacks recovered 80, 128-bit secret keys of PRESENT with 8~64 fault injections. respectively. In this paper, we propose an improved DFA on PRESENT-80/128. Our attack can reduce the complexity of exhaustive search of PRESENT-80(resp. 128) to on average 1.7(resp. $2^{22.3}$) with 2(resp. 3) fault injections, From these results, our attack results are superior to known DFAs on PRESENT.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.6
• /
• pp.35-44
• /
• 2011

The PP-1/64-128 block cipher support variety data block and secret key size. Also, it is suitable for hardware implementation and can much easier to apply Concurrent Error Detection(CED) for cryptographic chips compared to other block ciphers, because it has same encryption and decryption process. In this paper, we proposed truncated differential cryptanalysis of PP-1/64-128. the attack on PP-1/64-128 block cipher requires $2^{50.16}$ chosen plaintexts, $2^{46.16}$ bytes memory spaces and $2^{50.45}$ PP-1/64-128 encryption to retrieve secret key. This is the best result of currently known PP-1/64-128 differential cryptanalysis.