• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.2
• /
• pp.315-318
• /
• 2016

In this paper, we present a new preimage attack on MJH, a double-block-length block cipher-based hash function. Currently, the best attack requires $O(2^{3n/2})$ queries for the 2n-bit MJH hash function based on an n-bit block cipher, while our attack requires $O(n2^n)$ queries and the same amount of memory, significantly improving the query complexity compared to the existing attack.

• ETRI Journal
• /
• v.45 no.3
• /
• pp.365-378
• /
• 2023

ARIA is a block cipher proposed by Kwon et al. at ICISC 2003 that is widely used as the national standard block cipher in the Republic of Korea. Herein, we identify some flaws in the quantum rebound attack on seven-round ARIA-DM proposed by Dou et al. and reveal that the limit of this attack is up to five rounds. Our revised attack applies to not only ARIA-DM but also ARIA-MMO and ARIA-MP among the PGV models, and it is valid for all ARIA key lengths. Furthermore, we present dedicated quantum rebound attacks on seven-round ARIA-Hirose and ARIA-MJH for the first time. These attacks are only valid for the 256-bit key length of ARIA because they are constructed using the degrees of freedom in the key schedule. All our attacks are faster than the generic quantum attack in the cost metric of the time-space tradeoff.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.1
• /
• pp.101-111
• /
• 2004

Preneel, Govaerts, and Vandewalle considered the 64 basic ways to construct a collision resistant hash function from a block cipher. They regarded 12 of these 64 schemes as secure, though no proofs or formal claims were given. Black, Rogaway, and Shrimpton presented a more proof-centric look at the schemes from PGV. They proved that, in the black box model of block cipher, 12 of 64 compression functions are CRHFs and 20 of 64 extended hash functions are CRHFs. In this paper, we present 64 schemes of block-cipher-based universal one way hash functions using the main idea of PGV and analyze these schemes in the black box model. We will show that 30 of 64 compression function families UOWHF and 42 of 64 extended hash function families are UOWHF. One of the important results is that, in this black box model, we don't need the mask keys for the security of UOWHF in contrast with the results in general security model of UOWHF. Our results also support the assertion that building an efficient and secure UOWHF is easier than building an efficient and secure CRHF.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.6
• /
• pp.1353-1360
• /
• 2016

We analyze the efficiency of the double-block-length hash functions, Abreast-DM, HIROSE, MDC-2, MJH, MJH-Double based on AES or LEA. We use optimized open-source code for AES, and our implemented source code for LEA. As a result, the hash functions based on LEA are generally more efficient than those, based on AES. In terms of speed, the hash function with LEA are 6%~19% faster than those with AES except for Abreast-DM. In terms of memory, the hash functions with LEA has 20~30 times more efficient than those with AES.

• The Journal of Society for e-Business Studies
• /
• v.5 no.1
• /
• pp.55-73
• /
• 2000

Recently; EC(Electronic Commerce) is increasing with high speed based on the expansion of Internet. EC which is done on the cyber space through Internet has strong point like independence from time and space. On the contrary, it also has weak point like security problem because anybody can access easily to the system due to open network attribute of Internet. Therefore, we need the solutions that protect the security problem for safe and useful EC activity. One of these solutions is the implementation of strong cipher algorithm. NC(Nonpolynomial Complete) cipher algorithm proposed in this paper is good for the security and it overcome the limit of current 64bits cipher algorithm using 128bits key length for input, output and encryption key, Moreover, it is designed for the increase of calculation complexity and probability calculation by adapting more complex design for subkey generation regarded as one of important element effected to encryption. The result of simulation by the comparison with other cipher algorithm for capacity evaluation of proposed NC cipher algorithm is that the speed of encryption and decryption is 7.63 Mbps per block and the speed of subkey generation is 2,42 μ sec per block. So, prosed NC cipher algorithm is regarded as proper level for encryption. Furthermore, speed of subkey generation shows that NC cipher algorithm has the probability used to MAC(Message Authentication Code) and block implementation of Hash function.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2017.10a
• /
• pp.485-487
• /
• 2017

The whirlpool hash function adopted as an ISO / IEC standard 10118-3 by the international standardization organization is an algorithm that provides message integrity based on an SPN (Substitution Permutation Network) structure similar to AES block cipher. In this paper, we describe the hardware implementation of the Whirlpool hash function. The round block is designed with a 64-bit data path and encryption is performed over 10 rounds. To minimize area, key expansion and encryption algorithms use the same hardware. The Whirlpool hash function was modeled using Verilog HDL, and simulation was performed with ModelSim to verify normal operation.

• Journal of IKEEE
• /
• v.22 no.1
• /
• pp.38-45
• /
• 2018

An integrated cryptographic processor that efficiently integrates ARIA, AES block ciphers and Whirlpool hash function into a single hardware architecture is described. Based on the algorithm characteristics of ARIA, AES, and Whirlpool, we optimized the design so that the hardware resources of the substitution layer and the diffusion layer were shared. The round block was designed to operate in a time-division manner for the round transformation and the round key expansion of the Whirlpool hash, resulting in a lightweight hardware implementation. The hardware operation of the integrated ARIA-AES-Whirlpool crypto-processor was verified by Virtex5 FPGA implementation, and it occupied 68,531 gate equivalents (GEs) with a 0.18um CMOS cell library. When operating at 80 MHz clock frequency, it was estimated that the throughputs of ARIA, AES block ciphers, and Whirlpool hash were 602~787 Mbps, 682~930 Mbps, and 512 Mbps, respectively.

• Journal of IKEEE
• /
• v.23 no.2
• /
• pp.388-394
• /
• 2019

This paper describes a design of security system-on-chip (SoC) that integrates a Cortex-M0 CPU with an AAW (ARIA-AES- Whirlpool) crypto-core which implements two block cipher algorithms of ARIA and AES and a hash function Whirlpool into an unified hardware architecture. The AAW crypto-core was implemented in a small area through hardware sharing based on algorithmic characteristics of ARIA, AES and Whirlpool, and it supports key sizes of 128-bit and 256-bit. The designed security SoC was implemented on FPGA device and verified by hardware-software co-operation. The AAW crypto-core occupied 5,911 slices, and the AHB_Slave including the AAW crypto-core was implemented with 6,366 slices. The maximum clock frequency of the AHB_Slave was estimated at 36 MHz, the estimated throughputs of the ARIA-128 and the AES-128 was 83 Mbps and 78 Mbps respectively, and the throughput of the Whirlpool hash function of 512-bit block was 156 Mbps.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.24 no.11
• /
• pp.1470-1476
• /
• 2020

This paper describes a design of a lightweight security system-on-chip (SoC) suitable for the implementation of security protocols for IoT and mobile devices. The security SoC using Cortex-M0 as a CPU integrates hardware crypto engines including an elliptic curve cryptography (ECC) core, a SHA3 hash core, an ARIA-AES block cipher core and a true random number generator (TRNG) core. The ECC core was designed to support twenty elliptic curves over both prime field and binary field defined in the SEC2, and was based on a word-based Montgomery multiplier in which the partial product generations/additions and modular reductions are processed in a sub-pipelining manner. The H/W-S/W co-operation for elliptic curve digital signature algorithm (EC-DSA) protocol was demonstrated by implementing the security SoC on a Cyclone-5 FPGA device. The security SoC, synthesized with a 65-nm CMOS cell library, occupies 193,312 gate equivalents (GEs) and 84 kbytes of RAM.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.1
• /
• pp.57-66
• /
• 2005

SHACAL-2 is a 256-bit block cipher with various key sizes based on the hash function SHA-2. Recently, it was recommended as one of the NESSIE selections. This paper presents differential-linear type attacks on SHACAL-2 with 512-bit keys up to 32 out of its 64 rounds. Our 32-round attack on the 512-bit keys variants is the best efficient attack on this cipher in published literatures.