• KIPS Transactions on Computer and Communication Systems
• /
• v.2 no.7
• /
• pp.311-316
• /
• 2013

256-bit block cipher XSB(eXtended Spn Block cipher) was proposed in 2012 and has a symmetric strucrure in encryption and decryption process. In this paper, we propose a differential fault analysis on XSB. Based on a random byte fault model, our attack can recover the secret key of XSB by using only two random byte fault injection. This result is the first known cryptanalytic result on the target algorithm.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.3
• /
• pp.485-494
• /
• 2012

The block cipher HIGHT is designed suitable for low-resource hardware implementation. It established as the TTA standard and ISO/IEC 18033-3 standard. In this paper, we propose a differentail fault attack against the block cipher HIGHT. In the proposed attack, we assume that an attacker is possible to inject a random byte fault in the input value of the 28-th round. This attack can recover the secret key by using the differential property between the original ciphertext and fault cipher text pairs. Using 7 and 12 error, our attack recover secret key within a few second with success probability 87% and 51%, respectively.

• ETRI Journal
• /
• v.36 no.6
• /
• pp.1032-1040
• /
• 2014

The Lai-Massey scheme, proposed by Vaudenay, is a modified structure in the International Data Encryption Algorithm cipher. A family of block ciphers, named FOX, were built on the Lai-Massey scheme. Impossible differential cryptanalysis is a powerful technique used to recover the secret key of block ciphers. This paper studies the impossible differential cryptanalysis of the Lai-Massey scheme with affine orthomorphism for the first time. Firstly, we prove that there always exist 4-round impossible differentials of a Lai-Massey cipher having a bijective F-function. Such 4-round impossible differentials can be used to help find 4-round impossible differentials of FOX64 and FOX128. Moreover, we give some sufficient conditions to characterize the existence of 5-, 6-, and 7-round impossible differentials of Lai-Massey ciphers having a substitution-permutation (SP) F-function, and we observe that if Lai-Massey ciphers having an SP F-function use the same diffusion layer and orthomorphism as a FOX64, then there are indeed 5- and 6-round impossible differentials. These results indicate that both the diffusion layer and orthomorphism should be chosen carefully so as to make the Lai-Massey cipher secure against impossible differential cryptanalysis.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.11 no.1
• /
• pp.13-23
• /
• 2001

This paper implemented into hardware SEED which is the KOREA standard 128-bit block cipher. First, at the respect of hardware implementation, we compared and analyzed SEED with AES finalist algorithms - MARS, RC6, RIJNDAEL, SERPENT, TWOFISH, which are secret key block encryption algorithms. The encryption of SEED is faster than MARS, RC6, TWOFISH, but is as five times slow as RIJNDAEL which is the fastest. We propose a SEED hardware architecture which improves the encryption speed. We divided one round into three parts, J1 function block, J2 function block J3 function block including key mixing block, because SEED repeatedly executes the same operation 16 times, then we pipelined one round into three parts, J1 function block, J2 function block, J3 function block including key mixing block, because SEED repeatedly executes the same operation 16 times, then we pipelined it to make it more faster. G-function is implemented more easily by xoring four extended 4 byte SS-boxes. We tested it using ALTERA FPGA with Verilog HDL. If the design is synthesized with 0.5 um Samsung standard cell library, encryption of ECB and decryption of ECB, CBC, CFB, which can be pipelined would take 50 clock cycles to encrypt 384-bit plaintext, and hence we have 745.6 Mbps assuming 97.1 MHz clock frequency. Encryption of CBC, OFB, CFB and decryption of OFB, which cannot be pipelined have 258.9 Mbps under same condition.

• Convergence Security Journal
• /
• v.24 no.1
• /
• pp.69-76
• /
• 2024

The white-box implementation is a cryptographic technique used to protect the secret key of a cryptographic system. It is primarily employed for digital rights management for music and videos. Since 2002, numerous white-box implementations have been developed to ensure secure digital rights management. These have been applied to AES and DES. ARIA, a 128-bit block cipher with an involution substitution and permutation network (SPN), was selected as a South Korean standard in 2004. In this paper, we propose the first white-box ARIA implementation. Our implementation consists of 7,696 lookup tables, with a total size of 1,984 KB. We demonstrate that it also has considerable white-box diversity and white-box ambiguity from a security perspective.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2016.05a
• /
• pp.157-159
• /
• 2016

3가지 마스터키 길이 128/192/256 비트를 지원하는 파이프라인 LEA(Lightweight Encryption Algorithm) 크립토 프로세서를 설계하였다. 높은 처리율을 얻기 위해 16개의 라운드 스테이지가 파이프라인 방식으로 동작하며, 각 라운드 스테이지는 128비트 데이터패스를 갖도록 설계하였다. 설계된 LEA 프로세서는 FPGA 구현을 통해 하드웨어 동작을 검증하였다. Xilinx ISE로 합성한 결과, 최대 동작주파수 122MHz로 동작하여 7.8Gbps의 성능을 갖는 것으로 평가되었다.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.19 no.7
• /
• pp.1608-1616
• /
• 2015

This paper describes an efficient hardware implementation of lightweight encryption algorithm LEA-128/192/256 which supports for three master key lengths of 128/192/256-bit. To achieve area-efficient and low-power implementation of LEA crypto- processor, the key scheduler block is optimized to share hardware resources for encryption/decryption key scheduling of three master key lengths. In addition, a parallel register structure and novel operating scheme for key scheduler is devised to reduce clock cycles required for key scheduling, which results in an increase of encryption/decryption speed by 20~30%. The designed LEA crypto-processor has been verified by FPGA implementation. The estimated performances according to master key lengths of 128/192/256-bit are 181/162/109 Mbps, respectively, at 113 MHz clock frequency.