• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.3
• /
• pp.445-451
• /
• 2014

The related-key attack is regarded as one of the important cryptanalytic tools for the security evaluation of block ciphers. This is due to the fact that this attack can be effectively applied to schemes like block-cipher based hash functions whose block-cipher keys can be controlled as their messages. In this paper, we improve the related-key attack on lightweight block cipher PRINCE proposed in FSE 2013. Our improved related-key attack on PRINCE reduces data complexity from $2^{33}$ [4] to 2.

• The Journal of the Korea Contents Association
• /
• v.9 no.11
• /
• pp.74-79
• /
• 2009

This paper proposes a hardware structure and associated finite state machine designs sharing key scheduling circuitry to enhance the performance of the block cypher algorithm, HIGHT. It also introduces an efficient protocol applicable to RFID systems comprising the HIGHT block cipher algorithm. The new HIGHT structure occupies an area size small enough to accommodate tag applications. The structure yields twice higher performance them conventional HIGHT algorithms. The proposed protocol overcomes the security vulnerability of RFID tags and thereby strengthens the security of personal information.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2015.05a
• /
• pp.404-406
• /
• 2015

This paper describes a small-area hardware implementation of the block cipher algorithm CLEFIA-128 which supports for 128-bit master key. A compact structure using single data processing block is adopted, which shares hardware resources for round transformation and the generation of intermediate values for round key scheduling. In addition, data processing and key scheduling blocks are simplified by utilizing a modified GFN(generalized Feistel network) and key scheduling scheme. The CLEFIA-128 crypto-processor is verified by FPGA implementation. It consumes 823 slices of Virtex5 XC5VSX50T device and the estimated throughput is about 105 Mbps with 145 MHz clock frequency.

• Journal of the Korea Society of Computer and Information
• /
• v.15 no.2
• /
• pp.199-206
• /
• 2010

Society of digital information becomes gradually advancement, and it is a situation offered various service, but it is exposed to a serious security threat by a fast development of communication such as the internet and a network. There is required a research of technical encryption to protect more safely important information. And we require research for application of security technology in environment or a field to be based on a characteristics of market of an information security. The symmetric key cipher algorithm has same encryption key and decryption key. It is categorized to Block and Stream cipher algorithm according to conversion ways. This study inspects safety and reliability of proposed SEED, Stream cipher algorithm. And it confirms possibility of application on the communication environments. This can contribute to transact information safely by application of suitable cipher algorithm along various communication environmental conditions.

• Journal of the Korea Computer Industry Society
• /
• v.10 no.4
• /
• pp.167-176
• /
• 2009

In this paper, we propose an improved SHACAL-1 of the same encryption and decryption with a simple symmetric layer. SHACAL-1 has 4 rounds, and each round has 20 steps. Decryption is becoming inverse function of encryption, In this paper, we proposed SHACAL-1 are composed of the first half, symmetry layer and the last half. The first half with SHACAL-1 encryption algorithm 1 round does with 10 steps and composes of 4 round. The last half identically with SHACAL-1 decryption algorithm, has a structure. On the center inserts a symmetry layer, encryption and decryption algorithm identically, composes. In the experiments, the proposed SHACAL-1 algorithm showed similar execution time to that of the SHACAL-1. Thanks to the symmetric layer, the proposed algorithm makes it difficult for the attacks which take advantages of high probability path such as the linear cryptanalysis, differential cryptanalysis. The proposed algorithm can be applicable to the other block cipher algorithms which have different encryption and decryption and useful for designing a new block cipher algorithm.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.21 no.7
• /
• pp.1276-1284
• /
• 2017

Lightweight Encryption Algorithm (LEA) that was standardized as a lightweight block cipher was implemented with 8-bit data path, and the vulnerability of LEA encryption processor to correlation power analysis (CPA) attack was analyzed. The CPA used in this paper detects correct round keys by analyzing correlation coefficient between the Hamming distance of the computed data by applying hypothesized keys and the power dissipated in LEA crypto-processor. As a result of CPA attack, correct round keys were detected, which have maximum correlation coefficients of 0.6937, 0.5507, and this experimental result shows that block cipher LEA is vulnerable to power analysis attacks. A masking method based on TRNG was proposed as a countermeasure to CPA attack. By applying masking method that adds random values obtained from TRNG to the intermediate data of encryption, incorrect round keys having maximum correlation coefficients of 0.1293, 0.1190 were analyzed. It means that the proposed masking method is an effective countermeasure to CPA attack.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.21 no.10
• /
• pp.1929-1934
• /
• 2017

Lightweight block cipher (Lightweight Encryption Algorithm, LEA), is the most promising block cipher algorithm due to its efficient implementation feature and high security level. The LEA block cipher is widely used in real-field applications and there are many efforts to enhance the performance of LEA in terms of execution timing to achieve the high availability under any circumstances. In this paper, we enhance the performance of LEA block cipher, particularly on ARMv8 processors. The LEA implementation is optimized by using new SIMD instructions namely NEON engine and 24 LEA encryption operations are simultaneously performed in parallel way. In order to reduce the number of memory access, we utilized the all NEON registers to retain the intermediate results. Finally, we evaluated the performance of the LEA implementation, and the proposed implementations on Apple A7 and Apple A9 achieved the 2.4 cycles/byte and 2.2 cycles/byte, respectively.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.2
• /
• pp.315-318
• /
• 2016

In this paper, we present a new preimage attack on MJH, a double-block-length block cipher-based hash function. Currently, the best attack requires $O(2^{3n/2})$ queries for the 2n-bit MJH hash function based on an n-bit block cipher, while our attack requires $O(n2^n)$ queries and the same amount of memory, significantly improving the query complexity compared to the existing attack.

• ETRI Journal
• /
• v.36 no.6
• /
• pp.1032-1040
• /
• 2014

The Lai-Massey scheme, proposed by Vaudenay, is a modified structure in the International Data Encryption Algorithm cipher. A family of block ciphers, named FOX, were built on the Lai-Massey scheme. Impossible differential cryptanalysis is a powerful technique used to recover the secret key of block ciphers. This paper studies the impossible differential cryptanalysis of the Lai-Massey scheme with affine orthomorphism for the first time. Firstly, we prove that there always exist 4-round impossible differentials of a Lai-Massey cipher having a bijective F-function. Such 4-round impossible differentials can be used to help find 4-round impossible differentials of FOX64 and FOX128. Moreover, we give some sufficient conditions to characterize the existence of 5-, 6-, and 7-round impossible differentials of Lai-Massey ciphers having a substitution-permutation (SP) F-function, and we observe that if Lai-Massey ciphers having an SP F-function use the same diffusion layer and orthomorphism as a FOX64, then there are indeed 5- and 6-round impossible differentials. These results indicate that both the diffusion layer and orthomorphism should be chosen carefully so as to make the Lai-Massey cipher secure against impossible differential cryptanalysis.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.8 no.9
• /
• pp.3266-3285
• /
• 2014

With limited computing and storage resources, many network applications of encryption algorithms require low power devices and fast computing components. CHESS-64 is designed by employing simple key scheduling and Data-Dependent operations (DDO) as main cryptographic components. Hardware performance for Field Programmable Gate Arrays (FPGA) and for Application Specific Integrated Circuits (ASIC) proves that CHESS-64 is a very flexible and powerful new cipher. In this paper, the security of CHESS-64 block cipher under related-key differential cryptanalysis is studied. Based on the differential properties of DDOs, we construct two types of related-key differential characteristics with one-bit difference in the master key. To recover 74 bits key, two key recovery algorithms are proposed based on the two types of related-key differential characteristics, and the corresponding data complexity is about $2^{42.9}$ chosen-plaintexts, computing complexity is about $2^{42.9}$ CHESS-64 encryptions, storage complexity is about $2^{26.6}$ bits of storage resources. To break the cipher, an exhaustive attack is implemented to recover the rest 54 bits key. These works demonstrate an effective and general way to attack DDO-based ciphers.