• Journal of Advanced Information Technology and Convergence
• /
• v.9 no.2
• /
• pp.115-123
• /
• 2019

White-box cryptography is an implementation technique in order to protect secret keys of cryptographic algorithms in the white-box attack model, which is the setting that an adversary has full access to the implementation of the cryptographic algorithm and full control over their execution. This concept was introduced in 2002 by Chow et al., and since then, there have been many proposals for secure implementations. While there have been many approaches to construct a secure white-box implementation for the ciphers with SPN structures, there was no notable result about the white-box implementation for the block ciphers with Feistel structure after white-box DES implementation was broken. In this paper, we propose a secure white-box implementation for a block cipher SEED with Feistel structure, which can prevent the previous known attacks for white-box implementations. Our proposal is simple and practical: it is performed by only 3,376 table lookups during each execution and the total size of tables is 762.5 KB.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.15 no.4
• /
• pp.860-868
• /
• 2011

Feistel and SPN are the two main structures in a block cipher. Feistel is a symmetric structure which has the same structure in encryption and decryption, but SPN is not a symmetric structure. In this paper, we propose a SPN block cipher so called SSB which has a symmetric structure in encryption and decryption. The proposed SSB is composed of the even numbers of N rounds. Each round consists of a round key addition layer, a subsitution layer, a byte exchange layer and a diffusion layer. The subsitution layer of the odd round is inverse function of one of the even round. And the diffusion layer is a MDS involution matrix. The differential and linear attack probability of SSB is $2^{-306}$ which is same with AES. The proposed symmetric SPN block cipher SSB is believed to construct a safe and efficient cipher in Smart Card and RFID environments which is in limited hardware and software resources.

• Journal of Korea Multimedia Society
• /
• v.11 no.8
• /
• pp.1093-1100
• /
• 2008

Feistel and SPN are the two main structures in designing a block cipher algorithm. Unlike Feistel, an SPN has an asymmetric structure in encryption and decryption. In this paper we propose an SPN algorithm which has a symmetric structure in encryption and decryption. The whole operations in our SPN algorithm are composed of the even numbers of N rounds where the first half of them, 1 to N/2, applies function and the last half of them, (N+1)/2 to N, employs inverse function. Symmetry layer is executed to create a symmetry block in between function layer and inverse function layer. AES encryption and decryption algorithm, whose safety is already proved, are exploited for function and inverse function, respectively. In order to be secure enough against the byte or word unit-based attacks, 32bit rotation and simple logical operations are performed in symmetry layer. Due to the simplicity of the proposed encryption and decryption algorithm in hardware configuration, the proposed algorithm is believed to construct a safe and efficient cipher in Smart Card and RFID environments where electronic chips are built in.

• Journal of Korea Society of Industrial Information Systems
• /
• v.15 no.2
• /
• pp.1-9
• /
• 2010

Feistel and SPN are the two main structures in a block cipher. Feistel is a symmetric structure which has the same structure in encryption and decryption, but SPN is not a symmetric structure. In this paper, we propose a SPN which has a symmetric structure in encryption and decryption. The whole operations of proposed algorithm are composed of the even numbers of N rounds where the first half of them, 1 to N/2 round, applies a right function and the last half of them, (N+1)/2 to N round, employs an inverse function. And a symmetry layer is located in between the right function layer and the inverse function layer. In this paper, AES encryption and decryption function are selected for the right function and the inverse function, respectively. The symmetric layer is composed with simple matrix and round key addition. Due to the simplicity of the symmetric SPN structure in hardware implementation, the proposed modified AES is believed to construct a safe and efficient cipher in Smart Card and RFID environments where electronic chips are built in.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.3
• /
• pp.35-42
• /
• 2007

We describe the problem of reducing the key material in the Even-Mansour cipher without security degradation. Even and Mansour proposed a block cipher based on XORing secret key material just prior to and after applying random oracle permutation P such that $C=k_2\bigoplus P(M\bigoplus k_1)$. Recently, Gentry and Ramzan showed that this scheme in the random permutation oracle can be replaced by the four-round Feistel network construction in the random function oracle and also proved that their scheme is super-pseudorandom. In this paper we reduce the key size from 2n to n, which is the optimal key size of Even-Mansour cipher in the random function oracle model and also give almost the same level of security.

• Proceedings of the Korean Information Science Society Conference
• /
• 2001.04a
• /
• pp.463-465
• /
• 2001

암호화 알고리즘으로 블록 암호화 알고리즘은 스트림 암호화 알고리즘에 비해 빠르며 안전성이 뛰어나 많이 사용되고 있다. 현재 블록 암호화 알고리즘은 새로운 방식이 제안되기 보다는 페이스텔 암호(Feistel Cipher)에 기반하거나 그것의 변형에 기반을 두는 방향으로 발전되고 있는데 그것은 페이스텔 암호의 안전성이 검증이 되었기 때문이다. 1994년에 발표된 TEA는 작고 구현이 쉬운 블록 암호화 알고리즘으로 페이스텔 암호를 기반으로 하여 크기가 작고 빠르면서 구현이 쉬운 특징을 가지고 있다. 페이스텔 암호에 대한 연구는 암호학적인 측면에서 암호학의 기반을 이루므로 많이 진행되고 있는데 대체적으로 페이스텔 암호의 구조보다는 키 스케줄이나 페이스텔 암호를 이루는 라운드 함수에 대한 연구가 주도족이라고 보여진다. 하지만 이러한 페이스텔 암호를 이루는 페이스텔 구조에 대한 연구는 아직까지 미지한 형편이다. 본 논문에서는 TEA에 적용된 페이스텔 암호를 분석하여 TEA가 가지고 있는 페이스텔 구조에 대하여 연구해 보고자 한다.

• Proceedings of the IEEK Conference
• /
• 2002.06b
• /
• pp.125-128
• /
• 2002

This paper designed a cipher process, which used SEED-Algorithm that is totally domestic technique. This cipher processor is implemented by using SEED-cipher-Algorithm and pipeline scheduling architecture. The cipher is 16-round Feistel architecture but we show just 16-round Feistel architecture for brevity in this thesis. Of course, we can get the result of the 16-round processing by addition of control part simply. Furthermore, it has pipelined architecture, so the speed of cipher process is the faster than others when we performed a cipher a lot of data. The schedule-function can performed the two-cipher process simultaneously, such as using two-cipher processors.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.12 no.1
• /
• pp.67-80
• /
• 2002

In this article, a new block encryption algorithm FRACTAL is introduced. FRACTAL adopts 8-round Feistel structure handling 128 hit inputs and keys. Furthermore, FRACTAL possesses the provable security against DC and LC, which are known to he the most powerful attacks on block ciphers.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.3
• /
• pp.467-476
• /
• 2017

In this paper, we analyze Generalized Feistel Network(GFN) Type I, Type II, Type III that round function use SP update function, secret S-box and $k{\times}k$ MDS matirx. In this case an attacker has no advantage about S-box. For each type of GFN, we analyze and restore secret S-box in 9, 6, 6 round using the basis of integral cryptanalysis with chosen plaintext attack. Also we restore secret S-box in 16 round of GFN Type I with chosen ciphertext attack. In conclusion, we need $2^{2m}$ data complexity and ${\frac{2^{3m}}{32k}},{\frac{2^{3m}}{24k}},{\frac{2^{3m}}{36k}}$ time complexity to restore m bit secret S-box in GFN Type I, Type II, Type III.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.3
• /
• pp.337-347
• /
• 2020

In CRYPTO 2019, Gohr presents that Deep-learning can be used for cryptanalysis. In this paper, we verify whether Deep-learning can identify the structures of S-box. To this end, we conducted two experiments. First, we use DDT and LAT of S-boxes as the learning data, whose structure is one of mainly used S-box structures including Feistel, MISTY, SPN, and multiplicative inverse. Surprisingly, our Deep-learning algorithms can identify not only the structures but also the number of used rounds. The second application verifies the pseudo-randomness of and structures by increasing the nuber of rounds in each structure. Our Deep-learning algorithms outperform the theoretical distinguisher in terms of the number of rounds. In general, the design rationale of ciphers used for high level of confidentiality, such as for military purposes, tends to be concealed in order to interfere cryptanalysis. The methods presented in this paper show that Deep-learning can be utilized as a tool for analyzing such undisclosed design rationale.