AES [and other Block Ciphers] Implementation Tricks
- Joan Parker
1 AES [and other Block Ciphers] Implementation Tricks
2 Cryptographic algorithms Basic primitives Survey by Stephen et al, LNCS 1482, Sep. 98
3 General Structure of a Block Cipher
4 Useful Properties for Implementing Block Ciphers: Bit-wise operations (XOR, AND, OR, etc.). LUT 4 x 1. X = a + b, Y = X + c, Z = Y + d, Z = a + b + c + d
5 Useful Properties for Implementing Block Ciphers: Substitution
6 Useful Properties for Implementing Block Ciphers: Permutation. Permutation = [1, 5, 4, 3, 2, 6]. Change of wires. Free of cost
7 Useful Properties for Implementing Block Ciphers: Shift & rotation. Rotation (8-bit): IN[31:0] = A[31:24] B[23:16] C[15:8] D[7:0], OUT[31:0]. Shifting (8-bit): IN[24:0]. Cost free operations
8 Useful Properties for Implementing Block Ciphers: Iterative nature. [Figure: three designs. Iterative: IN, select, one round, latch (CE, CLK), Out. Pipeline: IN, 1st round, latch, 2nd round, latch, ..., nth round, latch, Out. Sub-pipeline: latches inside each of the 1st to nth rounds, clocked by CLK1 and CLK2.]
9 Useful Properties for Implementing Block Ciphers: Parallelism. X = a + b, Y = X + c, Z = Y + d: three cycles. X = a + b, Y = a + b + c, Z = a + b + c + d: one cycle.
10 How FPGA implementations Speed up encryption??
11 Example for DES Implementation on FPGA Lot of permutation operations. Is there any difficulty? Substitution is a problem?
12 Permutations in Hardware (FPGA), using the concatenation operator (ip[63:0] to right):
right<=ip(56)&ip(48)&ip(40)&ip(32)&ip(24)&ip(16)&ip(8)&ip(0)&ip(58)&ip(50)&ip(42)&ip(34)&ip(26)&ip(18)&ip(10)&ip(2)&ip(60)&ip(52)&ip(44)&ip(36)&ip(28)&ip(20)&ip(12)&ip(4)&ip(62)&ip(54)&ip(46)&ip(38)&ip(30)&ip(22)&ip(14)&ip(6);
13 Substitution in Hardware (FPGA): S1 to S8, each 64 x 4 = 256 bits; 2048 bits = 2K. CLB slices in memory mode = 4 x 8 = 32 CLB slices. Using selected BRAM => Virtex series devices contain more than 280 BRAMs of 4K each
14 DES implementation in Hardware (FPGA) Author Device CLB Slices Allowed Freq. (MHz) Throughput (Mbits/s) Biham(software) Alpha Wong et al 1998 XC4020E Kaps and Paar 1998 XC4028EX Free-DES 2000 XCV McLoony 2003 XCV Sandia 1999 ASIC 9280 Laboratories Patterson 2000 XCV (Jbits) This work XCV
15 Does the same hold for other block ciphers?
16 AES AES Processes Plain Text 128 Key Scheduling Encryption Decryption AES 128 Cipher Text 128 Key
17 Rijndael Advanced Encryption Standard. The Rijndael block cipher algorithm has been chosen by NIST as the Advanced Encryption Standard. 128, 192 and 256 bit block-length. When it is called AES, it means block length of 128 bits only. FPGA AES implementations: Single encryptor: Dandalis,, Elbirt, & Gaj, : 2000 Full encryptor/decryptor: McLoone & McCanny 2001 CHES Gbps
18 AES Encryption Algorithm Flow. [Figure: USER KEY to SUB KEY; IN, ARK, then (ROUND-1) iterations of BS, SR, MC, ARK, then BS, SR, ARK, OUT; selection of rounds.] BS: Byte Substitution, SR: Shift Rows, MC: Mix Column, ARK: Add Round Key
19 AES: Input = 128 bits = 16 bytes b0 b1 b2 b3 b4 b5 b6 b7 b8 b9 b10 b11 b12 b13 b14 b15. State Matrix: both plaintext and key are arranged into a 4 x 4 matrix
20 Key Scheduling. User key; generated keys: Round Key 0, Round Key 1, Round Key 3, .., Round Key 10
21 1. Byte Substitution (BS). [Figure: each byte a(i,j) of the state matrix, i, j = 0..3, passes through the S-BOX (16x16) to give b(i,j).]
22 Byte Substitution: IN, 16 BRAMs of 256 x 8, OUT
23 2. ShiftRow (SR). [Figure: state bytes a to p with row offsets 0, 1, 2, 3, shown for the MC and IMC paths.]
24 ShiftRow (SR). Offset 0: a e i m becomes a e i m. Offset 1: b f j n becomes f j n b. Offset 2: c g k o becomes k o c g. Offset 3: d h l p becomes p d h l. IN: a b c d e f g h i j k l m n o p. OUT feeds MC.
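25 3. MixColumn (MC) & Inv MixColumn (IMC). Every entry is represented in GF(2^8). For i = 0, 1, 2, 3:
MC: $$\begin{bmatrix} c'_{0,i} \\ c'_{1,i} \\ c'_{2,i} \\ c'_{3,i} \end{bmatrix} = \begin{bmatrix} 02 & 03 & 01 & 01 \\ 01 & 02 & 03 & 01 \\ 01 & 01 & 02 & 03 \\ 03 & 01 & 01 & 02 \end{bmatrix} \begin{bmatrix} c_{0,i} \\ c_{1,i} \\ c_{2,i} \\ c_{3,i} \end{bmatrix}$$
IMC: $$\begin{bmatrix} c'_{0,i} \\ c'_{1,i} \\ c'_{2,i} \\ c'_{3,i} \end{bmatrix} = \begin{bmatrix} 0E & 0B & 0D & 09 \\ 09 & 0E & 0B & 0D \\ 0D & 09 & 0E & 0B \\ 0B & 0D & 09 & 0E \end{bmatrix} \begin{bmatrix} c_{0,i} \\ c_{1,i} \\ c_{2,i} \\ c_{3,i} \end{bmatrix}$$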
26 4. AddRoundKey (ARK): $b_{i,j} = k_{i,j} \oplus a_{i,j}$ for $i, j = 0, \dots, 3$, where $k$ is the round key.
27 Novel techniques for implementing AES round transformation Steps Key schedule S-Box & Inv. S-Box MC & Inv. MC
28 Key Schedule " % ' ' ' ' # & # 0 " 4 " 8 " " % % 1 " 5 " 9 " " % 2 " 6 " 10 " " % 3 " 7 " 11 " " & ( ( ( ( ' 0 " 0 13 Step 1 Step 2 Step 3 Step 4 ( ) rcon = Sbox " 4 = 4 0 " 8 = 8 " 4 " 12 = 12 " 8 " 0 " 0 13 Step 1 Step 2 ( ), Sbox rcon " = " " = " = , " " 12 =
29 Key Schedule 0 " 0 13 Step 1 Step 2 ( ), Sbox rcon " = " " = " = , " " 12 =
30 Byte Substitution (BS). Look-up table method; composite field approach. [Figure: S-BOX = MI followed by AF; INV S-BOX = IAF followed by MI; in the combined E/D datapath, IAF, MI and AF are selected by E/D, with MI in GF(2^8).]
31 Byte Substitution (BS) (MI manipulation). Look-up table method: two methods to construct the S-Box using the look-up table method: 1. Using distributed memory 2. Using built-in memories called BRAMs. Composite field GF(((2^2)^2)^2) (S. Morioka and A. Satoh, CHES): 1. Map the element A ∈ GF(2^8) to a composite field F 2. Compute the multiplicative inverse over the field F 3. Map back from field F to GF(2^8)
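32 MixColumn (MC), in GF(2^8):
$$\begin{bmatrix} a'[0] \\ a'[1] \\ a'[2] \\ a'[3] \end{bmatrix} = \begin{bmatrix} 02 & 03 & 01 & 01 \\ 01 & 02 & 03 & 01 \\ 01 & 01 & 02 & 03 \\ 03 & 01 & 01 & 02 \end{bmatrix} \begin{bmatrix} a[0] \\ a[1] \\ a[2] \\ a[3] \end{bmatrix} = \begin{bmatrix} 02a[0] \oplus 03a[1] \oplus 01a[2] \oplus 01a[3] \\ 01a[0] \oplus 02a[1] \oplus 03a[2] \oplus 01a[3] \\ 01a[0] \oplus 01a[1] \oplus 02a[2] \oplus 03a[3] \\ 03a[0] \oplus 01a[1] \oplus 01a[2] \oplus 02a[3] \end{bmatrix}$$
$t = a[0] \oplus a[1] \oplus a[2] \oplus a[3]$
$v = a[0] \oplus a[1]$; $v = \mathrm{xtime}(v)$; $a'[0] = a[0] \oplus v \oplus t$
$v = a[1] \oplus a[2]$; $v = \mathrm{xtime}(v)$; $a'[1] = a[1] \oplus v \oplus t$
$v = a[2] \oplus a[3]$; $v = \mathrm{xtime}(v)$; $a'[2] = a[2] \oplus v \oplus t$
$v = a[3] \oplus a[0]$; $v = \mathrm{xtime}(v)$; $a'[3] = a[3] \oplus v \oplus t$
$a'[0] = a[0] \oplus (02a[0] \oplus 02a[1]) \oplus (a[0] \oplus a[1] \oplus a[2] \oplus a[3])$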
33 MixColumn (MC):
$v_0 = a[1] \oplus a[2] \oplus a[3]$; $xt_0 = \mathrm{xtime}(a[0])$; $a'[0] = v_0 \oplus xt_0 \oplus xt_1$
$v_1 = a[0] \oplus a[2] \oplus a[3]$; $xt_1 = \mathrm{xtime}(a[1])$; $a'[1] = v_1 \oplus xt_1 \oplus xt_2$
$v_2 = a[0] \oplus a[1] \oplus a[3]$; $xt_2 = \mathrm{xtime}(a[2])$; $a'[2] = v_2 \oplus xt_2 \oplus xt_3$
$v_3 = a[0] \oplus a[1] \oplus a[2]$; $xt_3 = \mathrm{xtime}(a[3])$; $a'[3] = v_3 \oplus xt_3 \oplus xt_0$
With the round key $k$ folded in (MC combined with the Key addition):
$a'[0] = k[0] \oplus v_0 \oplus xt_0 \oplus xt_1$
$a'[1] = k[1] \oplus v_1 \oplus xt_1 \oplus xt_2$
$a'[2] = k[2] \oplus v_2 \oplus xt_2 \oplus xt_3$
$a'[3] = k[3] \oplus v_3 \oplus xt_3 \oplus xt_0$
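34 Inv MixColumn (IMC):
$$\begin{bmatrix} 0E & 0B & 0D & 09 \\ 09 & 0E & 0B & 0D \\ 0D & 09 & 0E & 0B \\ 0B & 0D & 09 & 0E \end{bmatrix} \begin{bmatrix} a[0] \\ a[1] \\ a[2] \\ a[3] \end{bmatrix} = \begin{bmatrix} 0Ea[0] \oplus 0Ba[1] \oplus 0Da[2] \oplus 09a[3] \\ 09a[0] \oplus 0Ea[1] \oplus 0Ba[2] \oplus 0Da[3] \\ 0Da[0] \oplus 09a[1] \oplus 0Ea[2] \oplus 0Ba[3] \\ 0Ba[0] \oplus 0Da[1] \oplus 09a[2] \oplus 0Ea[3] \end{bmatrix}$$
Now compare MC & IMC.
IMC: $0E \cdot x = \mathrm{xtime}(\mathrm{xtime}(\mathrm{xtime}(x))) \oplus \mathrm{xtime}(\mathrm{xtime}(x)) \oplus \mathrm{xtime}(x)$, that is $08(x) \oplus 04(x) \oplus 02(x)$
MC: $03 \cdot x = \mathrm{xtime}(x) \oplus x$; $02 \cdot x = \mathrm{xtime}(x)$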
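35 Inv MixColumn (IMC). We observe that the IMC matrix
$$\begin{bmatrix} 0E & 0B & 0D & 09 \\ 09 & 0E & 0B & 0D \\ 0D & 09 & 0E & 0B \\ 0B & 0D & 09 & 0E \end{bmatrix}$$
is the product of two matrices, (1) and (2).
$05 \cdot x = \mathrm{xtime}(\mathrm{xtime}(x)) \oplus x$
The biggest coefficient for Eq. 2 is 05. Eq. 1 we already have (MC). The Eq. 2 calculation can be made before Eq. 1.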
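A software model of the MC and modified-IMC datapaths from slides 32 to 35, added here as an example and not taken from the slides or the authors' design. The second factor circ(05, 00, 04, 00) is the standard identity for this factorisation and is supplied as an assumption, since the transcription lost the matrix; the sample columns are constructed.

```python
# Added example: MC via xtime, and IMC computed as "Eq. 2, then the MC block".
# Assumption: Eq. 2 multiplies the column by circ(05, 00, 04, 00).


def xtime(x):
    """Multiply by 02 in GF(2^8), reducing by x^8 + x^4 + x^3 + x + 1 (0x11B)."""
    x <<= 1
    return (x ^ 0x11B) if x & 0x100 else x


def mix_column(a):
    """MC on one column using the t/v formulation: one xtime per output byte."""
    t = a[0] ^ a[1] ^ a[2] ^ a[3]
    return [a[i] ^ xtime(a[i] ^ a[(i + 1) % 4]) ^ t for i in range(4)]


def pre_mix(a):
    """Eq. 2: out[i] = 05*a[i] ^ 04*a[i+2], using 05x = xtime(xtime(x)) ^ x."""
    u = xtime(xtime(a[0] ^ a[2]))  # 04*(a[0] ^ a[2]), shared by rows 0 and 2
    v = xtime(xtime(a[1] ^ a[3]))  # 04*(a[1] ^ a[3]), shared by rows 1 and 3
    return [a[0] ^ u, a[1] ^ v, a[2] ^ u, a[3] ^ v]


def inv_mix_column(a):
    """Modified IMC: the small Eq. 2 step feeds the existing MC logic."""
    return mix_column(pre_mix(a))


def inv_mix_column_direct(a):
    """Reference IMC built from the 0E/0B/0D/09 coefficients as xtime chains."""
    def products(x):
        x2 = xtime(x)
        x4 = xtime(x2)
        x8 = xtime(x4)
        return {0x09: x8 ^ x, 0x0B: x8 ^ x2 ^ x,
                0x0D: x8 ^ x4 ^ x, 0x0E: x8 ^ x4 ^ x2}

    first_row = [0x0E, 0x0B, 0x0D, 0x09]      # the matrix is circulant
    p = [products(b) for b in a]
    out = []
    for i in range(4):
        acc = 0
        for j in range(4):
            acc ^= p[j][first_row[(j - i) % 4]]
        out.append(acc)
    return out


def sample_columns(n=1000, seed=0x1234):
    """Constructed test columns from a small LCG (not real cipher state)."""
    cols = []
    for _ in range(n):
        col = []
        for _ in range(4):
            seed = (seed * 1103515245 + 12345) & 0x7FFFFFFF
            col.append((seed >> 16) & 0xFF)
        cols.append(col)
    return cols


def datapaths_agree():
    """True if the modified IMC equals the direct IMC and undoes MC."""
    return all(inv_mix_column(c) == inv_mix_column_direct(c)
               and inv_mix_column(mix_column(c)) == c
               for c in sample_columns())


if __name__ == "__main__":
    col = [0xDB, 0x13, 0x53, 0x45]
    print([hex(b) for b in mix_column(col)])
    print(datapaths_agree())
```

The direct form needs three chained xtime stages per input byte, while the modified form adds only two xtime-by-two stages in front of logic the encryptor already contains.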
36 Implementing AES on FPGAs. Architecture 1: Encryptor core, sequential approach. Architecture 2: Encryptor core, pipeline approach. Architecture 3: Encryptor/decryptor core, MC/IMC modified approach. Architecture 4: Encryptor/decryptor core using look-up table method. Architecture 5: Encryptor/decryptor core using composite field approach
37 AES Implementation Strategies. The commonly used architectures are: Iterative looping (one round repeated n times); Loop unrolling (round 1, round ..., round n: n rounds); Inner-round pipelining (Register 1, Stage 1, Register 2, ..., Stage, Register within one round)
38 Architecture 1 Sequential Approach PLAIN TEXT USER-KEY RND 0 S ROUND-KEY RND 1-9 CLK LATCH ROUND-KEY RND 10 CIPHER TEXT USER KEY S RCON KGEN CLK LATCH ROUND KEY
39 Architecture 2 Pipelined Approach IN IN REG RND 0 RND 1 RND 2 RND 3 RND 4 RND 5 RND 6 RND 7 RND 8 RND 9 RND 10 OUT RK 0 RK 1 RK 2 RK 3 RK 4 RK 5 RK 6 RK 7 RK 8 RK 9 RK 10 USER- KEY IN REG KGEN KGEN KGEN KGEN KGEN KGEN KGEN KGEN KGEN KGEN KGEN
40 Architecture 3 Encryption/Decryption ENC E/D AF MC E/D IN ISR MI SR IMC ARK OUT DEC IAF IARK IN ENC DEC ISR IAF E/D MI AF SR ModM E/D MC ARK OUT Encryption: MI + AF + SR + MC + ARK Decryption: ISR + IAF + MI + ModM + MC + ARK
41 Architecture 4: Encryptor/decryptor core using look-up table method. IN ISR IAF E/D MI AF SR IMC IARK MC ARK E/D OUT. Same S-Box (MI) for encryption/decryption. Memory requirements become half. BRAMs are used for storing MI values. No initial time to prepare them
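The shared-MI idea of slides 30, 31 and 41 as a software model: one multiplicative-inverse table serves both directions, with AF after it for encryption and IAF before it for decryption. This is an added example, not the authors' design; the affine constants 0x63 and 0x05 are the standard AES ones and the function names are chosen here.

```python
# Added example: S-Box and Inv S-Box built around a single MI table.


def gf_mul(a, b):
    """Multiply in GF(2^8) modulo x^8 + x^4 + x^3 + x + 1 (0x11B)."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= 0x11B
        b >>= 1
    return r


def build_mi_table():
    """MI[x] = x^254 = x^-1 in GF(2^8); 0 maps to 0 as in AES."""
    table = []
    for x in range(256):
        result, base, e = 1, x, 254
        while e:                      # square-and-multiply
            if e & 1:
                result = gf_mul(result, base)
            base = gf_mul(base, base)
            e >>= 1
        table.append(result)
    return table


def rotl8(x, n):
    """Rotate an 8-bit value left by n bits."""
    return ((x << n) | (x >> (8 - n))) & 0xFF


def affine(x):
    """AF: the AES affine transformation (constant 0x63)."""
    return x ^ rotl8(x, 1) ^ rotl8(x, 2) ^ rotl8(x, 3) ^ rotl8(x, 4) ^ 0x63


def inv_affine(x):
    """IAF: the inverse affine transformation (constant 0x05)."""
    return rotl8(x, 1) ^ rotl8(x, 3) ^ rotl8(x, 6) ^ 0x05


MI = build_mi_table()  # the only 256 x 8 table that has to be stored


def sub_byte(x, decrypt=False):
    """E/D select: encryption = MI then AF; decryption = IAF then MI."""
    return MI[inv_affine(x)] if decrypt else affine(MI[x])


def table_bits():
    """Bits stored per byte position: shared MI vs separate S-Box + Inv S-Box."""
    return 256 * 8, 2 * 256 * 8


def self_check():
    """S-Box is a permutation, Inv S-Box undoes it, and MI really inverts."""
    sbox = [sub_byte(x) for x in range(256)]
    return (sorted(sbox) == list(range(256))
            and all(sub_byte(sbox[x], decrypt=True) == x for x in range(256))
            and all(gf_mul(x, MI[x]) == 1 for x in range(1, 256)))


if __name__ == "__main__":
    print(hex(sub_byte(0x53)), hex(sub_byte(0xED, decrypt=True)))
    print(table_bits(), self_check())
```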
42 Architecture 5: Encryptor/decryptor core using composite field for MI. [Figure: 1st transformation M: GF(2^8) to field F; MI manipulation in field F; 2nd transformation M^-1: field F to GF(2^8). Datapath: GF(2^8) to GF(2^4), A_H and A_L, squaring, multiplication by λ, three 4x4 multipliers, X^-1, A^16, A^17, GF(2^4) to GF(2^8), output A^-1.]
Let $A \in F$ and $A = A_H y + A_L$, then it can be shown that:
$A^{16} = A_H y + (A_H + A_L)$
$A^{17} = 0 \cdot y + \lambda A_H^2 + (A_H + A_L) A_L$
43 AES Algorithm Implementations Results Comparison
44 AES Implementation Strategies: metrics to measure performance. 1. Throughput := Clock cycle (Frequency) x No. of bits / No. of rounds. 2. Area: CLB slices, BRAMs etc. 3. Ratio = Throughput/Area
45 Architecture 1: AES encryptor core using sequential approach Device Area Throughput Through-put/Area (XCV) (CLB slices) (Mbs) Gaj et al [1] Dandalis et al [2] Nazar et al %, 51% 22%, 26% Architecture 2: AES encryptor core using pipeline approach Device Area (CLB slices) Throughput Throughput/Area (XCV) (Mbits/s) Elbirt et al [3] Nazar et al % 47%
46 Architecture 3: AES encryptor/decryptor core using MC/IMC modified approach Device BRAMs CLB(S) Slices Throughput (Mbits/s)(T) T/S McLoone et al XCV3200E This design XCV2600E % 27.03% Two approach for MC/IMC Less BRAMs Less Slices Higher Throughput reported to-date
47 Architecture 4 & 5: AES encryptor/decryptor core using MI look-up table and composite field approach Device BRAMs CLB(S) Throughput T/S Slices (Mbits/s)(T) McLoone XCV3200E E/D GF(2 8 ) XCV2600E E/D GF(2 4 ) XCV2600E No BRAMs 11%, 77 % 25%, 3 % Two approaches for MI. First design uses look-up table for MI, Key Scheduling included. Fast but high memory requirements. No initial delay. Second design uses composite field approach for MI. Slower with less memory requirements. Both are efficient as compared to reported design
48 Related Publications 1. Nazar A. Saqib, Francisco Rodriguez-Henriquez, and Arturo Diaz-Perez, Sequential and pipelined architectures for AES implementation, proceedings of IASTED international conference COMPUTER SCIENCE AND TECHNOLOGY, pp , May 19-21, 2003, Cancun Mexico. 2. F. Rodriguez-Henriquez, N.A. Saqib, and A. Diaz-Perez, 4.2 Gbit/s single-chip FPGA implementation of AES algorithm, ELECTRONICS LETTERS, Vol.39, No. 15, July 24, Nazar A. Saqib, Francisco Rodriguez-Henriquez, and Arturo Diaz-Perez, Two Approaches for a Single-Chip FPGA Implementation of an Encryptor/Decryptor AES Core, FPL 2003, Lecture Notes in computer Science 2778, pp , 2003 (FPL 2003, Sep 1-3, Lisbon,Portugal). 4. Nazar A. Saqib, Francisco Rodriguez-Henriquez, and Arturo Diaz-Perez, AES Algorithm Implementation-An efficient approach for Sequential and Pipeline architectures, Fourth Mexican International Conference on Computer Science, ENC 03, pp , Sep. 8-12, 2003, Tlaxcala, Mexico. 5. Nazar A. Saqib, Arturo Diaz-Perez and Francisco Rodriguez-Henriquez, Highly Optimized Single-Chip FPGA Implementations of AES Encryption and Decryption Cores, Accepted for Iberchip 2004
49 Conclusions. A promising AES Encryptor/decryptor core (contributions for AES S-Box/Inv S-Box): using look-up table for S-Box; using Composite Fields GF(2^4). An optimized AES Encryptor/decryptor core (contributions for AES MC/IMC): using modified version for IMC. A sequential and pipeline encryptor core (tradeoff between speed and area). Future work: completion of ECC scalar multiplication; thesis writing and defense
More informationSome integral properties of Rijndael, Grøstl-512 and LANE-256
Some integral properties of Rijndael, Grøstl-512 and LANE-256 Marine Minier 1, Raphael C.-W. Phan 2, and Benjamin Pousse 3 1 Universit de Lyon, INRIA, INSA-Lyon, CITI, 2 Electronic & Electrical Engineering,
More informationExtended Criterion for Absence of Fixed Points
Extended Criterion for Absence of Fixed Points Oleksandr Kazymyrov, Valentyna Kazymyrova Abstract One of the criteria for substitutions used in block ciphers is the absence of fixed points. In this paper
More informationSubspace Trail Cryptanalysis and its Applications to AES
Subspace Trail Cryptanalysis and its Applications to AES Lorenzo Grassi, Christian Rechberger and Sondre Rønjom March, 2017 1 / 28 Introduction In the case of AES, several alternative representations (algebraic
More informationCryptographically Robust Large Boolean Functions. Debdeep Mukhopadhyay CSE, IIT Kharagpur
Cryptographically Robust Large Boolean Functions Debdeep Mukhopadhyay CSE, IIT Kharagpur Outline of the Talk Importance of Boolean functions in Cryptography Important Cryptographic properties Proposed
More informationCryptography Lecture 4 Block ciphers, DES, breaking DES
Cryptography Lecture 4 Block ciphers, DES, breaking DES Breaking a cipher Eavesdropper recieves n cryptograms created from n plaintexts in sequence, using the same key Redundancy exists in the messages
More informationDesign and Hardware Implementation of a Chaotic Encryption Scheme for Real-time Embedded Systems
Design and Hardware Implementation of a Chaotic Encryption Scheme for Real-time Embedded Systems Amit Pande and Joseph Zambreno Department of Electrical and Computer Engineering Iowa State University,
More informationIntroduction. Outline. CSC/ECE 574 Computer and Network Security. Secret Keys or Secret Algorithms? Secrets? (Cont d) Secret Key Cryptography
Outline CSC/ECE 574 Computer and Network Security Introductory Remarks Feistel Cipher DES AES Topic 3.1 Secret Key Cryptography Algorithms CSC/ECE 574 Dr. Peng Ning 1 CSC/ECE 574 Dr. Peng Ning 2 Secret
More informationA Polynomial Description of the Rijndael Advanced Encryption Standard
A Polynomial Description of the Rijndael Advanced Encryption Standard arxiv:cs/0205002v1 [cs.cr] 2 May 2002 Joachim Rosenthal Department of Mathematics University of Notre Dame Notre Dame, Indiana 46556,
More informationAn Area Optimized Implementation of AES S-Box Based on Composite Field and Evolutionary Algorithm
, October 1-3, 015, San Francisco, USA An Area Optimized Implementation of AES S-Box Based on Composite Field and Evolutionary Algorithm Yaoping Liu, Ning Wu, Xiaoqiang Zhang, LilingDong, and Lidong Lan
More informationElliptic Curve Cryptography and Security of Embedded Devices
Elliptic Curve Cryptography and Security of Embedded Devices Ph.D. Defense Vincent Verneuil Institut de Mathématiques de Bordeaux Inside Secure June 13th, 2012 V. Verneuil - Elliptic Curve Cryptography
More informationLessons Learned from High-Speed Implementa6on and Benchmarking of Two Post-Quantum Public-Key Cryptosystems
Lessons Learned from High-Speed Implementa6on and Benchmarking of Two Post-Quantum Public-Key Cryptosystems Malik Umar Sharif, Ahmed Ferozpuri, and Kris Gaj George Mason University USA Partially supported
More informationLecture 4: DES and block ciphers
Lecture 4: DES and block ciphers Johan Håstad, transcribed by Ernir Erlingsson 2006-01-25 1 DES DES is a 64 bit block cipher with a 56 bit key. It selects a 64 bit block and modifies it depending on the
More informationAn Optimized Hardware Architecture of Montgomery Multiplication Algorithm
An Optimized Hardware Architecture of Montgomery Multiplication Algorithm Miaoqing Huang 1, Kris Gaj 2, Soonhak Kwon 3, and Tarek El-Ghazawi 1 1 The George Washington University, Washington, DC 20052,
More informationCHAPTER 5 A BLOCK CIPHER INVOLVING A KEY APPLIED ON BOTH THE SIDES OF THE PLAINTEXT
82 CHAPTER 5 A BLOCK CIPHER INVOLVING A KEY APPLIED ON BOTH THE SIDES OF THE PLAINTEXT 83 5.1 Introduction In a pioneering paper, Hill [5] developed a block cipher by using the modular arithmetic inverse
More informationStructural Evaluation of AES and Chosen-Key Distinguisher of 9-round AES-128
Structural Evaluation of AES and Chosen-Key Distinguisher of 9-round AES-128 Pierre-Alain Fouque 1 Jérémy Jean 2 Thomas Peyrin 3 1 Université de Rennes 1, France 2 École Normale Supérieure, France 3 Nanyang
More informationMATH3302 Cryptography Problem Set 2
MATH3302 Cryptography Problem Set 2 These questions are based on the material in Section 4: Shannon s Theory, Section 5: Modern Cryptography, Section 6: The Data Encryption Standard, Section 7: International
More informationON THE SECURITY OF THE ADVANCED ENCRYPTION STANDARD
ON THE SECURITY OF THE ADVANCED ENCRYPTION STANDARD Paul D. Yacoumis Supervisor: Dr. Robert Clarke November 2005 Thesis submitted for the degree of Honours in Pure Mathematics Contents 1 Introduction
More informationAn Efficient Multiplier/Divider Design for Elliptic Curve Cryptosystem over GF(2 m ) *
JOURNAL OF INFORMATION SCIENCE AND ENGINEERING 25, 1555-1573 (2009) An Efficient Multiplier/Divider Design for Elliptic Curve Cryptosystem over GF(2 m ) * MING-DER SHIEH, JUN-HONG CHEN, WEN-CHING LIN AND
More informationStructural Evaluation of AES and Chosen-Key Distinguisher of 9-round AES-128
Structural Evaluation of AES and Chosen-Key Distinguisher of 9-round AES-18 Pierre-Alain Fouque 1, Jérémy Jean,, and Thomas Peyrin 3 1 Université de Rennes 1, France École Normale Supérieure, France 3
More informationCAESAR candidate ICEPOLE
. CAESAR candidate ICEPOLE Pawel Morawiecki 1,2, Kris Gaj 3, Ekawat Homsirikamol 3, Krystian Matusiewicz 4, Josef Pieprzyk 5,6, Marcin Rogawski 7, Marian Srebrny 1,2, and Marcin Wojcik 8 Polish Academy
More informationRevisiting AES Related-Key Differential Attacks with Constraint Programming
Revisiting AES Related-Key Differential Attacs with Constraint Programming D Gerault (), P Lafourcade (), M Minier (2), C Solnon (3) () - LIMOS, Université Clermont-Ferrand (2) - LORIA, Université de Lorraine
More informationSide Channel Analysis and Protection for McEliece Implementations
Side Channel Analysis and Protection for McEliece Implementations Thomas Eisenbarth Joint work with Cong Chen, Ingo von Maurich and Rainer Steinwandt 9/27/2016 NATO Workshop- Tel Aviv University Overview
More informationImage Encryption and Decryption Algorithm Using Two Dimensional Cellular Automata Rules In Cryptography
Image Encryption and Decryption Algorithm Using Two Dimensional Cellular Automata Rules In Cryptography P. Sanoop Kumar Department of CSE, Gayatri Vidya Parishad College of Engineering(A), Madhurawada-530048,Visakhapatnam,
More informationDesign and FPGA Implementation of Radix-10 Algorithm for Division with Limited Precision Primitives
Design and FPGA Implementation of Radix-10 Algorithm for Division with Limited Precision Primitives Miloš D. Ercegovac Computer Science Department Univ. of California at Los Angeles California Robert McIlhenny
More informationPerfect Diffusion Primitives for Block Ciphers
Perfect Diffusion Primitives for Block Ciphers Building Efficient MDS Matrices Pascal Junod and Serge Vaudenay École Polytechnique Fédérale de Lausanne (Switzerland) {pascaljunod, sergevaudenay}@epflch
More informationSymmetric Crypto Systems
T H E U N I V E R S I T Y O F B R I T I S H C O L U M B I A Symmetric Crypto Systems EECE 412 Copyright 2004-2008 Konstantin Beznosov 09/16/08 Module Outline Stream ciphers under the hood Block ciphers
More information