• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.3
• /
• pp.109-116
• /
• 2007

In this paper, we analyse the security of the variant of Self-Shrinking generator proposed by Chang et al. against a guess-and-determine attack. This variant, which we call SSG-XOR is claimed to have better cryptographic properties than the Self-Shrinking generator in a practical setting. But we show that SSG-XOR is weaker than the Self-Shrinking generator from the viewpoint of guess-and-determine attack.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.7 no.1
• /
• pp.15-32
• /
• 1997

본 논문에서는 스트림 암호 시스템에서 사용이 되는 LFSR 을 이용한 이진 수열 발생기중 하나인 Threshold 발생기에 대한 광학적 구현 방법을 새로이 제안하였다. 광학적 구현을 위하여 LCD를 이용하므로서 LFSR 및 Mod 덧셈 연산을 위한 각 비트 값을 표현, 2차원 처리가 가능하게 하였다. Thredshold 발생기의 LFSR기능은 Shdow Casting 기법을 이용하여, 또한 XOR 연산 및 내적 계산을 위한 MOD덧셈 연산은 LCD 가 갖고 있는 편광 특성을 이용하여 광학적으로 구현하였다. 특히 본 논문에서는 Mod 2 덧셈 연산을 위한 새로운 광학적 구현 방법인 RSPM 을 제안하므로서 연산 결과 값 측정과 LCD 상의 데이타 값 표현 과정을 제외한 전 부분을 완전한 광학적 방법으로 처리가 가능하게 하였다. 본 논문에서 제안한 광 Threshold 암호 시스템은 기존의 전자적인 H/W 구현 방법에서 문제가 되어오던 Tapping Point의 개수에 대한 한계성을 극복할 수 있는 장점을 지니고 있으며, 또한 2차원 데이타인 영상용 암호화 시스템의 광학적 구현에 그 응용이 가능하다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2010.04a
• /
• pp.786-787
• /
• 2010

본 논문은 산술 쉬프트 레지스트(ASR)를 이용한 32비트 출력의 고속 스트림 암호를 제안한다. 제안한 스트림 암호는 소프트웨어 및 하드웨어 구현이 쉽게 디자인되었으며, 무선 통신 장비와 같이 제한적인 환경에서 빠르게 수행할 수 있도록 개발되었다. 제안한 스트림 암호는 SSC2, Salsa20과 수행속도 비교에서 좋은 결과를 보여주고 있으며, 좋은 통계적 분산 특성과 안전성 또한 현대 스트림 암호 알고리즘이 필요로 하는 안전성을 만족하고 있다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2009.04a
• /
• pp.1474-1477
• /
• 2009

본 논문에서는 ASR(Arithmetic Shift Register)과 SHA-2로 구성된 32비트 출력의 새로운 스트림 암호 ASC를 제안한다. ASC는 소프트웨어 및 하드웨어 구현이 쉽게 디자인된 스트림 암호 알고리즘이다. 특히 계산능력이 제한된 무선 통신장비에서 빠르게 수행할 수 있도록 개발되었다. ASC는 다양한 길이(8-32바이트)의 키를 지원하고 있으며, 워드 단위로 연산을 수행한다. ASC는 매우 간결한 구조를 가지고 있으며 선형 궤환 순서기(Linear Feedback Sequencer)로 ASR을 적용하였고, 비선형 순서기(Nonlinear sequencer)로 SHA-2를 적용하여 크게 두 부분으로 구성되어 있는 결합 함수(combining function) 스트림 암호이다. 그리고 8비트, 16비트, 32비트 프로세스에서 쉽게 구현이 가능하다. 제안한 스트림 암호 ASC는 최근에 표준 블록 암호로 제정된 AES, ARIA, SEED등의 블록 암호보다는 6-13배 빠른 결과를 보여주고 있으며, 안전성 또한 현대 암호 알고리즘이 필요로 하는 안전성을 만족하고 있다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.4
• /
• pp.53-60
• /
• 2007

In a known plaintext scenario, fast correlation attack is very powerful attack on stream ciphers. Most of fast correlation attacks consider the cryptographic problem as the suitable decoding problem. In this paper, we introduce advanced multi-pass fast correlation attack which is based on the fast correlation attack, which uses parity check equation and Fast Walsh Transform, proposed by Chose et al. and the Multi-pass fast correlation attack proposed by Zhang et al. We guess some bits of initial states of the target LFSR with the same method as previously proposed methods, but we can get one more bits at each passes and we will recover the initial states more efficiently.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.11 no.3
• /
• pp.23-32
• /
• 2001

Since the LILI-128 cipher is a clock-controlled keystream generator, the speed of the keystream data is degraded in a clock-synchronized hardware logic design. Basically, the clock-controlled $LFSR_d$ in the LILI-128 cipher requires a system clock that is 1 ~4 times higher. Therefore, if the same clock is selected, the system throughput of the data rate will be lowered. Accordingly, this paper proposes a 4-bit parallel $LFSR_d$, where each register bit includes four variable data routines for feed feedback of shifting within the $LFSR_d$ . Furthermore, the timing of the propose design is simulated using a $Max^+$plus II from the ALTERA Co., the logic circuit is implemented for an FPGA device (EPF10K20RC240-3), and the throughput stability is analyzed up to a late of 50 Mbps with a 50MHz system clock. (That is higher than the 73 late at 45 Mbps, plus the maximum delay routine in the proposed design was below 20ns.) Finally, we translate/simulate our FPGA/VHDL design to the Lucent ASIC device( LV160C, 0.13 $\mu\textrm{m}$ CMOS & 1.5v technology), and it could achieve a throughput of about 500 Mbps with a 0.13$\mu\textrm{m}$ semiconductor for the maximum path delay below 1.8ns.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.5
• /
• pp.3-16
• /
• 2008

A Wireless Sensor Network (WSN for short) is a wireless network consisting of distributed small devices which are called sensor nodes or motes. Recently, there has been an extensive research on WSN and also on its security. For secure storage and secure transmission of the sensed information, sensor nodes should be equipped with cryptographic algorithms. Moreover, these algorithms should be efficiently implemented since sensor nodes are highly resource-constrained devices. There are already some existing algorithms applicable to sensor nodes, including public key ciphers such as TinyECC and standard block ciphers such as AES. Stream ciphers, however, are still to be analyzed, since they were only recently standardized in the eSTREAM project. In this paper, we implement over the MicaZ platform nine software-based stream ciphers out of the ten in the second and final phases of the eSTREAM project, and we evaluate their performance. Especially, we apply several optimization techniques to six ciphers including SOSEMANUK, Salsa20 and Rabbit, which have survived after the final phase of the eSTREAM project. We also present the implementation results of hardware-oriented stream ciphers and AES-CFB fur reference. According to our experiment, the encryption speeds of these software-based stream ciphers are in the range of 31-406Kbps, thus most of these ciphers are fairly acceptable fur sensor nodes. In particular, the survivors, SOSEMANUK, Salsa20 and Rabbit, show the throughputs of 406Kbps, 176Kbps and 121Kbps using 70KB, 14KB and 22KB of ROM and 2811B, 799B and 755B of RAM, respectively. From the viewpoint of encryption speed, the performances of these ciphers are much better than that of the software-based AES, which shows the speed of 106Kbps.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.4
• /
• pp.45-52
• /
• 2008

The slide resynchronization attack on Grain-v1 was proposed in [5]. Given the keystream sequence, this attack can generate the 1-bit shifted keystream sequence generated by Grain-v1. In this paper, extending the attack proposed in [5], we propose the key recovery attack on Grain-v1 using the related-key. Using the weakness of the initialization procedure of Grain-v1, this attack recover the master key with $2^{25.02}$ Ⅳs and $2^{56}$ time complexity. This attack is the first known key recovery attack on Grain-v1.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2012.05a
• /
• pp.237-240
• /
• 2012

Binary sequences of period $N=2^k-1$ are widely used in many areas of engineering and sciences. Some well-known applications include code-division multiple-access (CDMA) communications and stream cipher systems. In this paper, we analyze the equation $(x+1)^d=x^d+1$ over finite fields. The $d$ of the equation is used to analyze cross-correlation of binary sequences.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.41 no.11
• /
• pp.1329-1340
• /
• 2016

Recently, Zhang proposed a scheme to hide information in encrypted images using synchronous stream ciphers. After the receiver decrypts the encrypted image and extracts data by calculating the spatial correlation property value using the fluctuation function which is designed to calculate spacial correlation between adjacent pixels in a decrypted image. Then, Hong improved the Zhang's data hiding scheme by introducing the side match technique. In this paper, a novel fluctuation function is proposed to reduce the recovery errors which arise during extracting hidden data. Then, we also demonstrated that the proposed fluctuation function outperforms the previous functions through computer simulations for sample images.