• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.16 no.11
• /
• pp.2517-2524
• /
• 2012

This paper describes an efficient implementation of KS(Korea Standards) block cipher algorithm ARIA. The ARIA crypto-processor supports three master key lengths of 128/192/256-bit and four modes of operation including ECB, CBC, OFB and CTR. A hardware sharing technique, which shares round function in encryption/decryption with key initialization, is employed to reduce hardware complexity. It reduces about 20% of gate counts when compared with straightforward implementation. The ARIA crypto-processor is verified by FPGA implementation, and synthesized with a $0.13-{\mu}m$ CMOS cell library. It has 46,100 gates on an area of $684-{\mu}m{\times}684-{\mu}m$ and the estimated throughput is about 1.28 Gbps at 200 MHz@1.2V.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.2
• /
• pp.271-278
• /
• 2015

We use various types of cryptographic algorithms for the protection of personal and sensitive informations in the application environments, such as an internet banking and an electronic commerce. However, recent researches were introduced that if we implement modes of operation, padding method and other cryptographic implementations in a wrong way, then the critical information can be leaked even though the underlying cryptographic algorithms are secure. Among these attacking techniques, the padding oracle attack is representative. In this paper, we analyze the possibility of padding oracle attacks of 12 kinds of padding techniques that can be applied to the CBC operation mode of a block cipher. As a result, we discovered that 3 kinds were safe padding techniques and 9 kinds were unsafe padding techniques. We propose 5 considerations when designing a safe padding techniques to have a resistance to the padding oracle attack through the analysis of three kinds of safe padding techniques.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.1
• /
• pp.280-295
• /
• 2015

Block cipher ARIA was first proposed by some South Korean experts in 2003, and later, it was established as a Korean Standard block cipher algorithm by Korean Agency for Technology and Standards. In this paper, we focus on the security evaluation of ARIA block cipher against the recent zero-correlation linear cryptanalysis. In addition, Partial-sum technique and FFT (Fast Fourier Transform) technique are used to speed up the cryptanalysis, respectively. We first introduce some 4-round linear approximations of ARIA with zero-correlation, and then present some key-recovery attacks on 6/7-round ARIA-128/256 with the Partial-sum technique and FFT technique. The key-recovery attack with Partial-sum technique on 6-round ARIA-128 needs $2^{123.6}$ known plaintexts (KPs), $2^{121}$ encryptions and $2^{90.3}$ bytes memory, and the attack with FFT technique requires $2^{124.1}$ KPs, $2^{121.5}$ encryptions and $2^{90.3}$ bytes memory. Moreover, applying Partial-sum technique, we can attack 7-round ARIA-256 with $2^{124.6}$ KPs, $2^{203.5}$ encryptions and $2^{152}$ bytes memory and 7-round ARIA-256 employing FFT technique, requires $2^{124.7}$ KPs, $2^{209.5}$ encryptions and $2^{152}$ bytes memory. Our results are the first zero-correlation linear cryptanalysis results on ARIA.

• Journal of Korea Multimedia Society
• /
• v.11 no.8
• /
• pp.1093-1100
• /
• 2008

Feistel and SPN are the two main structures in designing a block cipher algorithm. Unlike Feistel, an SPN has an asymmetric structure in encryption and decryption. In this paper we propose an SPN algorithm which has a symmetric structure in encryption and decryption. The whole operations in our SPN algorithm are composed of the even numbers of N rounds where the first half of them, 1 to N/2, applies function and the last half of them, (N+1)/2 to N, employs inverse function. Symmetry layer is executed to create a symmetry block in between function layer and inverse function layer. AES encryption and decryption algorithm, whose safety is already proved, are exploited for function and inverse function, respectively. In order to be secure enough against the byte or word unit-based attacks, 32bit rotation and simple logical operations are performed in symmetry layer. Due to the simplicity of the proposed encryption and decryption algorithm in hardware configuration, the proposed algorithm is believed to construct a safe and efficient cipher in Smart Card and RFID environments where electronic chips are built in.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.9 no.4
• /
• pp.798-803
• /
• 2005

This paper describes a design of AES(Advanced Encryption Standard)-based CCMP core for IEEE 802.1li wireless LAN security. To maximize its performance, two AES cores ate used, one is for counter mode for data confidentiality and the other is for CBC(Cipher Block Chaining) mode for authentication and data integrity. The S-box that requires the largest hardware in AES core is implemented using composite field arithmetic, and the gate count is reduced by about $20\%$ compared with conventional LUT(Lookup Table)-based design. The CCMP core designed in Verilog-HDL has 13,360 gates, and the estimated throughput is about 168 Mbps at 54-MHz clock frequency. The functionality of the CCMP core is verified by Excalibur SoC implementation.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2008.10a
• /
• pp.243-246
• /
• 2008

This thesis suggests block cipher operating mode using ASR(Arithmetic Shift Register). ASR is ratted arithmetic shift register which is sequence that is not 0 but initial value $A_0$ multiplies not 0 or 1 but free number D on $GF(2^n)$. This thesis proposes ASR mode which changes output multiplying d and Floating ASR mode which has same function but having strengthened stability altering d. If we use ASR's output as a counter, there's advantage that it has higher stability and better speed than CTR. Also, ASR mode and FASR mode have advantage of Random access which is not being functioned on CTR mode, they can be widely used to any part which Random access is needed.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• v.9 no.1
• /
• pp.367-370
• /
• 2005

This paper describes a design of AES(Advanced Encryption Standard)-based CCMP core for IEEE 802.11i wireless LAN security. To maximize its performance, two AES cores are used, one is for counter mode for data confidentiality and the other is for CBC(Cipher Block Chaining)mode for authentication and data integrity. The S-box that requires the largest hardware in AES core is implemented using composite field arithmetic, and the gate count is reduced by about 25% compared with conventional LUT(Lookup Table)-based design. The CCMP core designed in Verilog-HDL has 15,450 gates, and the estimated throughput is about 128 Mbps at 50-MHz clock frequency). The functionality of the CCMP core is verified by Excalibur SoC implementation.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.3
• /
• pp.1-15
• /
• 2003

${Cachin}^{[1]}$ defined the security of steganography theoretically at first, then ${Katzenbeisser}^{[2]}$ and ${Hopper}^{[3]}$ also discussed it on the different aspects. Unfortunately, because many steganographic systems couldnt overcome the statistical gap between a stego-cover and a pure cover, the secure steganography hasn' been evaluated yet. By the effectivel steganalysis algorithm, statistical test which was suggested by Westfel $d^{［4］}$, the attacker Wendy could select the stego-covers out of suspicious covers. Our newly developed algorithm which minimizes the changes of a pure cover by using the block cipher withstands a statistical test and has a similar embedding capacity in comparison with a simple LSB substitution steganography.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.3
• /
• pp.495-504
• /
• 2012

This paper presents various speed optimization techniques for software implementation of the HIGHT block cipher on CPUs and GPUs. We considered 32-bit and 64-bit operating systems for CPU implementations. After we applied the bit-slicing and byte-slicing techniques to HIGHT, the encryption speed recorded 1.48Gbps over the intel core i7 920 CPU with a 64-bit operating system, which is up to 2.4 times faster than the previous implementation. We also implemented HIGHT on an NVIDIA GPU equipped with CUDA, and applied various optimization techniques, such as storing most frequently used data like subkeys and the F lookup table in the shared memory; and using coalesced access when reading data from the global memory. To our knowledge, this is the first result that implements and optimizes HIGHT on a GPU. We verified that the byte-slicing technique guarantees a speed-up of more than 20%, resulting a speed which is 31 times faster than that on a CPU.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.2
• /
• pp.391-404
• /
• 2022

Aron Gohr proposed a cryptanalysis method based on deep learning technology for the lightweight block cipher Speck. This is a method that enables a chosen plaintext attack with higher accuracy than the classical differential cryptanalysis. In this paper, by using the probability distribution, we analyze the mechanism of such deep learning based cryptanalysis and propose the results applied to the lightweight block cipher Simon. In addition, we examine that the probability distributions of the predicted values of the neural networks within the cryptanalysis working processes are different depending upon the characteristics of round functions of Speck and Simon, and suggest a direction to improve the efficiency of the neural distinguisher which is the core technology of Aron Gohr's cryptanalysis.