• Title/Abstract/Keyword: substitution-box

36 search results (processing time 0.027 s)

White-Box AES Implementation Revisited

  • Baek, Chung Hun; Cheon, Jung Hee; Hong, Hyunsook
    • Journal of Communications and Networks, Vol. 18, No. 3, pp. 273-287, 2016
  • White-box cryptography, presented by Chow et al., is an obfuscation technique for protecting secret keys in software implementations even if an adversary has full access to the implementation of the encryption algorithm and full control over its execution platform. Despite its practical importance, progress has not been substantial. In fact, the pattern repeats: as soon as a white-box implementation is proposed, an attack of lower complexity is announced. This is mainly because most cryptanalytic methods target specific implementations, and there is no general attack tool for white-box cryptography. In this paper, we present an analytic toolbox for white-box implementations in Chow et al.'s style using lookup tables. According to our toolbox, for a substitution-linear transformation cipher on n bits with S-boxes on m bits, the complexity for recovering the key is $O\left((3n/\max(m_Q,m))\,2^{3\max(m_Q,m)} + 2\min\{(n/m)L^{m+3}2^{2m},\;(n/m)L^{3}2^{3m} + n\log L\cdot 2^{L/2}\}\right)$, where $m_Q$ is the input size of the nonlinear encodings, $m_A$ is the minimized block size of the linear encodings, and $L=\mathrm{lcm}(m_A,m_Q)$. As a result, a white-box implementation in Chow et al.'s framework has complexity at most $O\left(\min\{(2^{2m}/m)\,n^{m+4},\;n\log n\cdot 2^{n/2}\}\right)$, which is much less than $2^n$. To overcome this, we introduce an idea that obfuscates two advanced encryption standard (AES)-128 ciphers at once with input/output encoding on 256 bits. To reduce storage, we use a sparse unsplit input encoding. As a result, our white-box AES implementation has up to 110-bit security against our toolbox, close to that of the original cipher. More generally, we may consider a white-box implementation of t parallel encryptions of AES to increase security.

Design of Optimized ARIA Crypto-Processor Using Composite Field S-Box

  • 강민섭
    • KIPS Transactions on Computer and Communication Systems, Vol. 8, No. 11, pp. 271-276, 2019
  • The conventional ARIA algorithm, which uses an LUT-based S-Box, is fast, but its circuit becomes very large, so it is hard to apply to small portable devices that require low area. This paper proposes an optimized ARIA crypto-processor design based on an improved composite-field S-Box to reduce hardware area. In the ARIA algorithm, the diffusion and substitution layers are used repeatedly during the key scheduling process. Here we also propose a method of sharing hardware resources between the substitution and diffusion layers in order to minimize the area used in key scheduling. The designed ARIA crypto-processor was described in Verilog-HDL, and logic synthesis was performed targeting the Xilinx XC3S1500. To verify the functionality of the designed system, logic and timing simulations were performed using Mentor's Modelsim 10.4a tool.

Secure Block Cipher Algorithm for DC and LC

  • 최은화; 서창호; 성수학; 류희수; 전길수
    • The KIPS Transactions: Part C, Vol. 9C, No. 4, pp. 445-452, 2002
  • This paper proposes a 128-bit block cipher algorithm whose security is provable on the basis of mathematical theory. We found a $16 \times 16$ linear transformation that yields many active S-boxes for the proposed SPN-structure cipher, and as the proof method we proved its security against differential cryptanalysis (DC) and linear cryptanalysis (LC). We also obtained the minimum number of active S-boxes per round, the maximum differential probability and the maximum linear probability of the 128-bit block cipher, which determine its resistance to DC and LC.

Differential Power Analysis Attack of a Block Cipher ARIA

  • 서정갑; 김창균; 하재철; 문상재; 박일환
    • Journal of the Korea Institute of Information Security and Cryptology, Vol. 15, No. 1, pp. 99-107, 2005
  • ARIA is a 128-bit block cipher algorithm that uses 128-, 192- and 256-bit encryption keys. It was developed with an SPN (Substitution and Permutation encryption Network) structure and an involution binary matrix so as to be optimal for ultra-lightweight environments and hardware implementation. In this paper we show that a careless implementation of ARIA on a real smart card is vulnerable to Differential Power Analysis. The attack point applied to ARIA is the power consumption of the S-box output, which is very realistic and threatening. Moreover, the master key (MK) of ARIA can be obtained using only two round keys.

Implementation of Rijndael Block Cipher Algorithm

  • Lee, Yun-Kyung; Park, Young-Soo
    • The Institute of Electronics Engineers of Korea: Conference Proceedings, IEEK 2002 ITC-CSCC -1, pp. 164-167, 2002
  • This paper presents the design of a Rijndael crypto-processor with 128-bit, 192-bit and 256-bit key sizes. In October 2000 the Rijndael cryptographic algorithm was selected as the AES (Advanced Encryption Standard) by NIST (National Institute of Standards and Technology). The Rijndael algorithm is strong against all known attacks, and it can be efficiently implemented in both hardware and software. We implement the Rijndael algorithm in hardware, because a hardware implementation gives faster encryption/decryption speed and is more physically secure. We implemented the Rijndael algorithm for 128-bit, 192-bit and 256-bit key sizes in VHDL, synthesized it with Synopsys, and simulated it with ModelSim. This crypto-processor is implemented using an on-the-fly key generation method and lookup tables for the S-box/SI-box. In addition, the order of the Inverse Shift Row operation and the Inverse Substitution operation is exchanged in the decryption round of the Rijndael algorithm, which decreases the total gate count. A crypto-processor implemented with these methods is suitable for mobile systems and smart cards, because it has a moderate gate count and high speed.

Soil Washing Technology for Sr and Cs-contaminated Soil Near Nuclear Power Plants using Calcium and Potassium Based Solutions

  • 송호재; 남경필
    • Journal of Soil and Groundwater Environment, Vol. 27, No. 2, pp. 76-86, 2022
  • Calcium (Ca) and potassium (K) were introduced to remove Sr and Cs from soil, respectively. A four-factor, three-level Box-Behnken design was employed to determine the optimal washing condition of Ca- and K-based solutions; the ranges tested were 0.1 to 1 M of Ca or K, an L/S ratio of 5 to 20, a washing time of 0.5 to 2 h, and a pH of 2 to 7. The optimal washing condition determined was 1 M of Ca or K, an L/S ratio of 20, a washing time of 1 h, and a pH of 2, and the Ca-based and K-based solutions showed 68 and 81% removal efficiency for Sr and Cs, respectively, in soil. For comparison, widely used conventional washing agents such as 0.075 M EDTA, 0.01 M citric acid, 0.01 M oxalic acid, and 0.05 M phosphoric acid were tested, and they showed 25 to 30% Sr and Cs removal efficiency. Tessier sequential extraction was employed to identify the changes in the chemical forms of Sr and Cs during washing. In contrast to the conventional washing agents, the Ca-based and K-based solutions were able to release relatively strongly bound forms of Sr and Cs, such as the Fe/Mn-oxide and organic-matter bound forms, suggesting the involvement of a direct substitution mechanism, probably due to the physicochemical similarities between Sr-Ca and Cs-K.

A Study on Weight-reduction Design of a Hybrid Bodyshell Made by Substituting Underframe Material in a Box-type Carbody

  • 조정길; 구정서; 정현승
    • Transactions of the Korean Society of Automotive Engineers, Vol. 19, No. 5, pp. 100-112, 2011
  • This paper studies a theoretical approach to predicting the structural performance and weight-reduction rates of hybrid bodyshells when the material of the underframe structure is substituted. To choose other light-weight materials to substitute for the original underframe material, compressive, bending and twisting deformations are considered under constant stiffness and strength conditions, from which some new weight-reduction indices are derived from a structural-performance point of view. Next, these weight-reduction indices were verified using finite element analyses of some simplified examples. It is shown that the derived indices for estimating the weight reduction can be used as a good criterion for material substitution of the underframe at the basic design stage.

Performance of self-compacting concrete with manufactured crushed sand

  • Benyamina, Smain; Menadi, Belkacem; Bernard, Siham Kamali; Kenai, Said
    • Advances in concrete construction, Vol. 7, No. 2, pp. 87-96, 2019
  • Self-compacting concretes (SCC) are highly fluid concretes which can flow without any vibration. Their composition requires a large quantity of fines to limit the risk of bleeding and segregation. The use of crushed sand rich in limestone fines could be an adequate solution for both economic and environmental reasons. This paper investigates the influence of quarry limestone fines from manufactured crushed sand on the rheological, mechanical and durability properties of SCC. For this purpose, five SCC mixtures with different limestone fines contents as a substitution for crushed sand (0, 5, 10, 15 and 20%) were prepared at a constant water-to-cement ratio of 0.40 and a cement content of $490\,kg/m^3$. Fresh SCC mixtures were tested by the slump flow test, the V-funnel flow time test, the L-box height ratio, segregation resistance and a rheological test using a rheometer. The compressive and flexural strengths of the SCC mixtures were evaluated at 28 days. Regarding durability properties, total porosity, capillary water absorption and chloride-ion migration were studied at 180 days. For the two test modes in the fresh state, the results indicated compatibility between slump flow/yield stress (${\tau}_0$) and V-funnel flow time/plastic viscosity (${\mu}$). Increasing the substitution level of limestone fines in the SCC mixtures contributes to the decrease of the slump flow and the yield stress. All SCC mixtures investigated achieved adequate filling and adequate passing ability and exhibited no segregation. Moreover, the inclusion of limestone fines as a crushed sand substitution reduces capillary water absorption and chloride-ion migration, and consequently enhances durability performance.

A Human Immunodeficiency Virus Type 1 (HIV-1) Tat Cofactor Absent in Rodent Cells is a TAR-associated Factor

  • Lee, Im-soon; Shank, Peter R.
    • IMMUNE NETWORK, Vol. 2, No. 3, pp. 150-157, 2002
  • Background: Although Tat plays a role as a potent transactivator of viral gene expression from the Human Immunodeficiency Virus type 1 long terminal repeat (HIV-1 LTR), it does not function efficiently in rodent cells, implying the absence in rodent cells of a human-specific factor essential for Tat-mediated transactivation. In previous experiments, we demonstrated that one of the chimeric forms of TAR (transacting responsive element) of the HIV-1 LTR compensated for the restriction in rodent cells. Methods: To characterize the nature of the compensation, we tested the effects of several upstream binding factors of the HIV-1 LTR by simple substitution, and also examined indirectly the role of the configuration of the upstream binding factor(s) in Tat-mediated transactivation by constructing spacing mutants that contained insertions between Sp1 and the TATA box. Results: Human Sp1 had no effect, whereas its associated factors displayed differential effects in human and rodent cells. In addition, none of the spacing mutants tested overcame the restriction in rodent cells. Rather, when the secondary structure of the chimeric HIV-1 TAR construct was destroyed, the compensation in rodent cells disappeared. Interestingly, the proper interaction between Sp1 and TATA box binding proteins, which is essential for Tat-dependent transcription, was dispensable in rodent cells. Conclusion: This result suggests that the human-specific Tat cofactor acts to allow Tat to interact effectively in a ribonucleoprotein complex that includes Tat, cellular factors, and TAR RNA, rather than being associated with the HIV-1 LTR upstream DNA binding factors.

Efficient FPGA Implementation of AES-CCM for IEEE 1609.2 Vehicle Communications Security

  • Jeong, Chanbok; Kim, Youngmin
    • IEIE Transactions on Smart Processing and Computing, Vol. 6, No. 2, pp. 133-139, 2017
  • Vehicles have increasingly evolved and become intelligent with the convergence of information and communications technologies (ICT). Vehicle communications (VC) has become one of the major necessities for intelligent vehicles. However, VC suffers from serious security problems that hinder its commercialization. Hence, the IEEE 1609 Wireless Access in Vehicular Environments (WAVE) protocol defines a security service for VC. This service includes Advanced Encryption Standard-Counter with CBC-MAC (AES-CCM) for data encryption in VC. A high-speed AES-CCM crypto module is necessary, because VC requires a fast communication rate between vehicles. In this study, we propose and implement an efficient AES-CCM hardware architecture for high-speed VC. First, we propose a 32-bit substitution table (S_Box) to reduce the AES module latency. Second, we employ key box register files to store the key expansion results. Third, we save the input and processed data in internal register files for secure encryption and to protect the data from external attacks. Finally, we design a parallel architecture for both the cipher block chaining message authentication code (CBC-MAC) and the counter module in AES-CCM to improve performance. For the field programmable gate array (FPGA) hardware implementation, we use a Xilinx Virtex-5 FPGA chip. The entire operation of the AES-CCM module is validated by timing simulations in Xilinx ISE at a speed of 166.2 MHz.