• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.24 no.11
• /
• pp.1470-1476
• /
• 2020

This paper describes a design of a lightweight security system-on-chip (SoC) suitable for the implementation of security protocols for IoT and mobile devices. The security SoC using Cortex-M0 as a CPU integrates hardware crypto engines including an elliptic curve cryptography (ECC) core, a SHA3 hash core, an ARIA-AES block cipher core and a true random number generator (TRNG) core. The ECC core was designed to support twenty elliptic curves over both prime field and binary field defined in the SEC2, and was based on a word-based Montgomery multiplier in which the partial product generations/additions and modular reductions are processed in a sub-pipelining manner. The H/W-S/W co-operation for elliptic curve digital signature algorithm (EC-DSA) protocol was demonstrated by implementing the security SoC on a Cyclone-5 FPGA device. The security SoC, synthesized with a 65-nm CMOS cell library, occupies 193,312 gate equivalents (GEs) and 84 kbytes of RAM.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.1
• /
• pp.49-67
• /
• 2016

SP 800-90B of NIST(USA) and AIS.31 of BSI(Germany) are representative statistical tests for TRNGs. In this paper, we concentrate on AIS.31 which is under the ongoing international standardization process. We examine the probabilistic meaning of each statistic of the test in AIS.31 and investigate its probability distribution. By changing significance level and the length of sample bits, we obtain formalized accept region of the test. Furthermore we propose the accept regions for some iterative tests, that are not mentioned in AIS.31, and provide some simulations.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.5
• /
• pp.771-780
• /
• 2020

QKD(Quantum Key Distribution) is one of the protocols that can make two distant parties safely share secure keys against the threat of quantum computer. Generally, cryptographic applications which are connected to the QKD device have fixed roles as a transmitter and a receiver due to the race condition and complexity of implementation. Because the conventional QKD system is mainly applied to the link encryptor, there are no problems even if the roles of the cryptographic devices are fixed. We propose a new scheme of QKD system and protocol that is easy to extend to the QKD network by eliminating quantum key dependency between cryptographic device and QKD node. The secure keys which are generated by the TRNG(True Random Number Generator) are provided to the cryptographic applications instead of quantum keys. We design an architecture to transmit safely the secure keys using the inbound and outbound quantum keys which are shared between two nodes. In this scheme, since the dependency of shared quantum keys between two QKD nodes is eliminated, all cryptographic applicatons can be a master or a slave depending on who initiates the cryptographic communications.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.26 no.7
• /
• pp.1071-1077
• /
• 2022

A security SoC that can be used to implement elliptic curve cryptography (ECC) based public-key infrastructures was designed. The security SoC has an architecture in which a hardware accelerator for the elliptic curve digital signature algorithm (ECDSA) is interfaced with the Cortex-A53 CPU using the AXI4-Lite bus. The ECDSA hardware accelerator, which consists of a high-performance ECC processor, a SHA3 hash core, a true random number generator (TRNG), a modular multiplier, BRAM, and control FSM, was designed to perform the high-performance computation of ECDSA signature generation and signature verification with minimal CPU control. The security SoC was implemented in the Zynq UltraScale+ MPSoC device to perform hardware-software co-verification, and it was evaluated that the ECDSA signature generation or signature verification can be achieved about 1,000 times per second at a clock frequency of 150 MHz. The ECDSA hardware accelerator was implemented using hardware resources of 74,630 LUTs, 23,356 flip-flops, 32kb BRAM, and 36 DSP blocks.