To prove a block cipher is secure against Differential Cryptanalysis one should show the maximum differential probability is a small enough value. We will prove that the maximum differential probability of a 13 round Skipjack-like structure is bounded by p4, where p is the maximum differential probability of round function. 相似文献
PRESENT is a hardware-optimized 64-bit lightweight block cipher which supports 80- and 128-bit secret keys. In this paper, we propose a differential fault analysis (DFA) on PRESENT-80/128. The proposed attack is based on a 2-byte random fault model. In detail, by inducing several 2-byte random faults in input registers after 28 rounds, our attack recovers the secret key of the target algorithm. From simulation results, our attacks on PRESENT-80/128 can recover the secret key by inducing only two and three 2-byte random faults, respectively. These are superior to known DFA results on them. 相似文献
Peer-to-Peer Networking and Applications - In this paper, we evaluate the security of lightweight block ciphers mCrypton and LED against biclique cryptanalysis. In cases of mCryton-64/96/128, our... 相似文献
This paper proposes an efficient masking method for the block cipher SEED that is standardized in Korea. The nonlinear parts of SEED consist of two S‐boxes and modular additions. However, the masked version of these nonlinear parts requires excessive RAM usage and a large number of operations. Protecting SEED by the general masking method requires 512 bytes of RAM corresponding to masked S‐boxes and a large number of operations corresponding to the masked addition. This paper proposes a new‐style masked S‐box which can reduce the amount of operations of the masking addition process as well as the RAM usage. The proposed masked SEED, equipped with the new‐style masked S‐box, reduces the RAM requirements to 288 bytes, and it also reduces the processing time by 38% compared with the masked SEED using the general masked S‐box. The proposed method also applies to other block ciphers with the same nonlinear operations. 相似文献
To date, many different kinds of logic styles for hardware countermeasures have been developed; for example, SABL, TDPL, and DyCML. Current mode–based logic styles are useful as they consume less power compared to voltage mode–based logic styles such as SABL and TDPL. Although we developed TPDyCML in 2012 and presented it at the WISA 2012 conference, we have further optimized it in this paper using a binary decision diagram algorithm and confirmed its properties through a practical implementation of the AES S‐box. In this paper, we will explain the outcome of HSPICE simulations, which included correlation power attacks, on AES S‐boxes configured using a compact NMOS tree constructed from either SABL, CMOS, TDPL, DyCML, or TPDyCML. In addition, to compare the performance of each logic style in greater detail, we will carry out a mutual information analysis (MIA). Our results confirm that our logic style has good properties as a hardware countermeasure and 15% less information leakage than those secure logic styles used in our MIA. 相似文献
Modular multiplication is one of the most time-consuming operations that account for almost 80% of computational overhead in a scalar multiplication in elliptic curve cryptography. In this paper, we present a new speed record for modular multiplication over 192-bit NIST prime P-192 on 8-bit AVR ATmega microcontrollers.
We propose a new integer representation named Range Shifted Representation (RSR) which enables an efficient merging of the reduction operation into the subtractive Karatsuba multiplication. This merging results in a dramatic optimization in the intermediate accumulation of modular multiplication by reducing a significant amount of unnecessary memory access as well as the number of addition operations. Our merged modular multiplication on RSR is designed to have two duplicated groups of 96-bit intermediate values during accumulation. Hence, only one accumulation of the group is required and the result can be used twice.
Consequently, we significantly reduce the number of load/store instructions which are known to be one of the most time-consuming operations for modular multiplication on constrained devices. Our implementation requires only 2888 cycles for the modular multiplication of 192-bit integers and outperforms the previous best result for modular multiplication over P-192 by a factor of 17%. In addition, our modular multiplication is even faster than the Karatsuba multiplication (without reduction) which achieved a speed record for multiplication on AVR processor.
As side‐channel analysis and machine learning algorithms share the same objective of classifying data, numerous studies have been proposed for adapting machine learning to side‐channel analysis. However, a drawback of machine learning algorithms is that their performance depends on human engineering. Therefore, recent studies in the field focus on exploiting deep learning algorithms, which can extract features automatically from data. In this study, we survey recent advances in deep learning‐based side‐channel analysis. In particular, we outline how deep learning is applied to side‐channel analysis, based on deep learning architectures and application methods. Furthermore, we describe its properties when using different architectures and application methods. Finally, we discuss our perspective on future research directions in this field. 相似文献
At CHES 2007, Biryukov and Knovratovich introduced a concept of side-channel attacks based on impossible collisions, and applied
it to AES with reduced masked rounds. In this paper, we propose side-channel attacks on HIGHT (HIGh security and light weigHT)
with the first 11, 12, 13 reduced masked rounds using impossible collision. Our best attacks on HIGHT with the first 11, 12
and 13 reduced masked rounds need 217, 232 and 240 chosen plaintexts and 223.6, 256.6 and 280.6 curve comparisons, respectively. They are the first known side-channel attacks on HIGHT with reduced masked rounds. 相似文献
下载免费PDF全文