Design of Low Power Optimized MixColumn/Inverse MixColumn Architecture for AES
Rajasekar P, Assistant Professor, Department of Electronics and Communication Engineering, Kathir College of Engineering, Neelambur, Coimbatore, India. rajasekarkpr@gmail.com
Dr. H. Mangalam, Professor, Department of Electronics and Communication Engineering, Sri Krishna College of Engineering and Technology, Coimbatore, India. hmangalam@gmail.com

Abstract
Information security has become an important issue in the modern world. To ensure secure communication, various cryptographic algorithms are used, and the Advanced Encryption Standard (AES) is one of the most popular of them. Power reduction and compact size play a vital role in the design of security applications, especially smart cards. In this paper we propose a low power architectural model of the MixColumn Transformation, which is part of AES. The MixColumn Transformation requires a matrix multiplication that takes a large number of gates in both the encryption and the decryption operation: the forward MixColumn Transformation is used in encryption, whereas the inverse MixColumn Transformation is used in decryption. This paper analyzes a power- and area-optimized MixColumn Transformation model based on Galois field arithmetic; the proposed architecture has been analyzed with the help of the Galois finite field, i.e. the tower field AES model. For this implementation we have used the Xilinx 14.1 synthesis tool and the XPower analyzer to evaluate the gate count and the power model. The proposed model can be implemented in a Xilinx SPARTAN 3E device.

Keywords: Advanced Encryption Standard, MixColumn optimization, Low power, Forward and Inverse MixColumn Transformation, Architecture Design, GF.
Introduction
In the modern digital era there is an increasing demand for secure devices for data transmission over insecure channels. Security designs presently dominate in the communication field, but the limiting factors of such designs are excess power consumption, area and throughput. Many algorithms have been implemented based on criteria such as cost, complexity, power and throughput. Due to advances in system design and design tools, most of these algorithms have been broken. Historically, DES was considered secure until 1998; after that, advances in computational speed and in cryptanalysis showed DES to be an insecure algorithm [1]. Hence the National Institute of Standards and Technology (NIST), USA decided to find a secure algorithm to replace DES. Much research was carried out in this area and submitted to NIST, and five algorithms were shortlisted: MARS, RC6, Rijndael, Serpent and Twofish. After the third AES candidate conference, in October 2000, NIST announced that Rijndael was selected to replace DES because of its complexity and implementation process. In addition, the security requirement was met with a 128-bit key length, which focused on resistance to cryptanalysis other than brute force attacks. The evaluation also covered cost, which includes the computational efficiency and storage requirements of different implementations such as hardware, software or smart cards. This algorithm has been standardized as the Advanced Encryption Standard (AES) [1], [2]. This paper is organized as follows: Section II describes the AES operation, Section III describes the mathematical model of the MixColumn Transformation, Section IV describes the proposed model of the forward and inverse MixColumn Transformation, Section V gives the simulation results and Section VI the discussion and conclusion.
AES Encryption
AES is a symmetric cipher, which means it uses the same key for both encryption and decryption, and it operates on blocks. In encryption it takes plaintext as input and produces ciphertext as output, whereas decryption is the reverse process. Unlike DES, it uses 128, 192 or 256-bit keys and does not follow a Feistel structure. In a Feistel cipher only half of the data block is processed in each round by substitution and permutation, after which the entire block is shuffled and forwarded to the next round; in AES the entire data block is processed in every round. AES has three versions that differ in the number of rounds used in encryption/decryption. The number of rounds depends on the key length: 10 rounds with a 128-bit key, and 12 and 14 rounds with 192-bit and 256-bit keys respectively. Each round of encryption uses four functional modules: AddRoundKey, SubByte Transformation, MixColumn Transformation (MCT) and ShiftRow [1], [2]. In decryption, the SubByte Transformation and the MixColumn Transformation are replaced by their inverse modules. For all of these operations the input is arranged as the state array matrix shown in Fig. 1.

Figure 1: State Array Representation (a 4x4 array of state bytes S)

Substitute Byte Transformation
This operation is a non-linear byte substitution. Each state byte is replaced by another byte obtained by a multiplicative inverse followed by an affine transformation; here the diffusion is carried out only at byte level. Various implementation methods have been adopted for the SBOX transformation, such as lookup tables, composite field, Galois field and combinational structures. It is one of the most power consuming modules in AES [3].

ShiftRow Transformation
This is a simple permutation operating on the individual rows: each row of the array is rotated left by a certain number of byte positions. There is no shift in the first row, a one-byte left shift in the second row, a two-byte left shift in the third row and a three-byte left shift in the last row [3].

MixColumn Transformation
This is also one of the more power consuming modules. It is a nonlinear process (like the SBOX) that makes use of arithmetic over the Galois field GF(2^8). In this operation each column of the input is represented as a 4x1 matrix, which is multiplied (in GF(2^8)) by a constant 4x4 matrix, shown in Fig. 2. The input data bytes are represented in polynomial form with degree less than 4 [3], [4]. Unlike the SBOX, the confusion and diffusion of the MCT are carried out between bytes. In this paper we investigate and design a low power MCT for both the forward and the inverse operation.

AddRoundKey
Each byte of the array is added to the corresponding byte of the round sub key. These round keys are generated by the key expansion module, which creates the round keys word by word.
This routine creates N_r + 1 round keys, where N_r is the number of rounds. For the 128-bit key schedule with 10 rounds, 11 round keys are generated, of which the first is used for the initial (pre-computation) step.

Mathematical Model of MixColumn Transformation
All byte values in the AES algorithm are presented as the concatenation of their individual bit values (0 or 1) between braces in the order {b7, b6, b5, b4, b3, b2, b1, b0}. These bytes are interpreted as finite field elements using the polynomial representation of equation (1):

$$b(x) = \sum_{i=0}^{7} b_i x^i \qquad (1)$$

It is also convenient to denote byte values in hexadecimal notation, each of the two groups of four bits being denoted by a single hexadecimal character. In the polynomial representation, multiplication in GF(2^8) corresponds to multiplication of polynomials modulo an irreducible polynomial of degree 8. A polynomial is irreducible if its only divisors are one and itself. For the AES algorithm this irreducible polynomial is given by equation (2):

$$m(x) = x^8 + x^4 + x^3 + x + 1 \qquad (2)$$

In AES, the MixColumn operation implements the diffusion step that shuffles the data according to this mathematical model; in Rijndael the model is defined over GF(2^8). Using GF(2^8), the input data of the MixColumn operation are arranged as a 4x4 matrix whose elements are called state bytes. From [5], in the MixColumn operation each column is treated as a polynomial over GF(2^8) and multiplied, modulo x^4 + 1, by a fixed polynomial: c(x) of equation (3) for the forward operation and the polynomial of equation (4) for the inverse operation.

$$c(x) = \{03\}x^3 + \{01\}x^2 + \{01\}x + \{02\} \qquad (3)$$

$$c^{-1}(x) = \{0B\}x^3 + \{0D\}x^2 + \{09\}x + \{0E\} \qquad (4)$$

The input data is split into words; each word is operated on by the MCT matrix and by the inverse MCT matrix. The generalized format is shown in Fig. 2(a) and Fig. 2(b).
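As an added example, not code from the paper, the byte-level arithmetic of equations (1) to (4) in C: xtime and a full GF(2^8) multiply modulo m(x) of equation (2), multiplication of column polynomials modulo x^4 + 1 (which is exactly the circulant matrix multiplication of Fig. 2), and a check that c(x) of equation (3) and the polynomial of equation (4) are inverses of each other. The sample column is the FIPS-197 MixColumns test vector; all function and constant names are the example's own.

```c
#include <stdint.h>
#include <stdio.h>

/* Added example (not from the paper). Bytes are polynomials of degree < 8
 * as in equation (1), multiplied modulo m(x) = x^8 + x^4 + x^3 + x + 1,
 * i.e. 0x11B, as in equation (2). */

/* Multiply a byte by x (the AES "xtime" step): shift left, reduce by m(x). */
uint8_t xtime(uint8_t b)
{
    return (uint8_t)((b << 1) ^ ((b & 0x80) ? 0x1B : 0x00));
}

/* Full GF(2^8) multiply by shift-and-add, built from xtime. */
uint8_t gmul(uint8_t a, uint8_t b)
{
    uint8_t p = 0;
    for (int i = 0; i < 8; i++) {
        if (b & 1) p ^= a;     /* add a * x^i when bit i of b is set */
        a = xtime(a);
        b >>= 1;
    }
    return p;
}

/* Column polynomials over GF(2^8), coefficient i is the x^i term. Products are
 * taken modulo x^4 + 1, so x^i * x^j contributes to x^((i+j) mod 4): this is
 * the same as multiplying the column by the circulant matrix of Fig. 2. */
void polymul_mod_x4p1(const uint8_t a[4], const uint8_t b[4], uint8_t out[4])
{
    for (int k = 0; k < 4; k++) out[k] = 0;
    for (int i = 0; i < 4; i++)
        for (int j = 0; j < 4; j++)
            out[(i + j) & 3] ^= gmul(a[i], b[j]);
}

/* c(x) of equation (3) and its inverse of equation (4), lowest degree first. */
const uint8_t C_FWD[4] = {0x02, 0x01, 0x01, 0x03};
const uint8_t C_INV[4] = {0x0E, 0x09, 0x0D, 0x0B};

/* Returns 1 if c(x) * c^-1(x) == 1 modulo x^4 + 1, i.e. the inverse
 * polynomial really undoes the forward one. */
int inverse_polynomial_is_correct(void)
{
    uint8_t prod[4];
    polymul_mod_x4p1(C_FWD, C_INV, prod);
    return prod[0] == 0x01 && prod[1] == 0 && prod[2] == 0 && prod[3] == 0;
}

/* One column through MixColumn: w(x) = coeff(x) * col(x) mod (x^4 + 1).
 * Pass C_FWD for the forward transformation, C_INV for the inverse. */
void mix_column(const uint8_t coeff[4], const uint8_t col[4], uint8_t out[4])
{
    polymul_mod_x4p1(coeff, col, out);
}

int main(void)
{
    /* Constructed sample column: the FIPS-197 MixColumns test vector. */
    const uint8_t col[4] = {0xDB, 0x13, 0x53, 0x45};
    uint8_t fwd[4], back[4];
    mix_column(C_FWD, col, fwd);
    mix_column(C_INV, fwd, back);
    printf("c(x)*c^-1(x) == 1: %s\n", inverse_polynomial_is_correct() ? "yes" : "no");
    printf("forward: %02X %02X %02X %02X\n", fwd[0], fwd[1], fwd[2], fwd[3]);
    printf("inverse: %02X %02X %02X %02X\n", back[0], back[1], back[2], back[3]);
    return 0;
}
```

Because the product is taken modulo x^4 + 1, the coefficient of x^k in the result collects gmul(a[i], b[j]) for all i + j ≡ k (mod 4), which is why the rows of the Fig. 2 matrices are rotations of one another.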
$$\begin{bmatrix} wc_0 \\ wc_1 \\ wc_2 \\ wc_3 \end{bmatrix} = \begin{bmatrix} 02 & 03 & 01 & 01 \\ 01 & 02 & 03 & 01 \\ 01 & 01 & 02 & 03 \\ 03 & 01 & 01 & 02 \end{bmatrix} \begin{bmatrix} xc_0 \\ xc_1 \\ xc_2 \\ xc_3 \end{bmatrix}$$

Figure 2: (a) Forward MCT

$$\begin{bmatrix} wc'_0 \\ wc'_1 \\ wc'_2 \\ wc'_3 \end{bmatrix} = \begin{bmatrix} 0E & 0B & 0D & 09 \\ 09 & 0E & 0B & 0D \\ 0D & 09 & 0E & 0B \\ 0B & 0D & 09 & 0E \end{bmatrix} \begin{bmatrix} xc_0 \\ xc_1 \\ xc_2 \\ xc_3 \end{bmatrix}$$

Figure 2: (b) Inverse MCT

Proposed Model of Forward MCT & Inverse MCT
In GF(2^8), the matrix multiplication is performed with basic XOR operations. Multiplication by 02 is done by the shift-and-add method, which consumes more area and power: implementing the square operation in GF(2^8) this way requires an eight-bit shift using eight flip-flops and eight-bit XOR gates. To minimize this, we use the GF(2^8) operation directly, which simplifies it so that it is implemented with only three XOR gates, as shown in Fig. 3. Multiplication by 03 is likewise simplified to a multiplication by 02 XORed with the input, which requires only four XOR gates.

The generalized equation (5) of the MixColumn is

$$wc_0 = 0E \cdot xc_0 + 0B \cdot xc_1 + 0D \cdot xc_2 + 09 \cdot xc_3 \qquad (5)$$

where 0E, 0B, 0D, 09 are the constant multipliers in hexadecimal notation, wc_0 to wc_3 and xc_0 to xc_3 are 8-bit data generally called state values, and the + symbols denote modulo-2 addition, i.e. XOR. Expanding the constants into powers of two, equation (5) becomes

$$wc_0 = 08 \cdot (xc_1 + xc_2 + xc_3 + xc_0) + 04 \cdot (xc_0 + xc_2) + 02 \cdot (xc_0 + xc_1) + xc_0 + xc_2 + xc_3 + xc_1 + xc_0 \qquad (6)$$

For simplification and reuse, the XOR sums of the four bytes xc_1, xc_2, xc_3, xc_0 are arranged as

op_1 = xc_1 + xc_2 + xc_3 + xc_0; (6.1)
op_2 = xc_0 + xc_2; (6.2)
op_3 = xc_0 + xc_1. (6.3)

With these, equation (6) is rewritten as

$$wc_i = 08 \cdot op_1 + 04 \cdot op_2 + 02 \cdot op_3 + op_1 + xc_i \qquad (7)$$

and in general

op_1 = xc_i + xc_{i+1} + xc_{i+2} + xc_{i+3} (indices mod 4); (7.1)
op_2 = xc_i + xc_{i+2}; (7.2)
op_3 = xc_i + xc_{i+1}; (7.3)
i = 0, 1, 2, 3.

Figure 3: 02 Multiplication (Xtime)
Figure 4: 04 Multiplication
Figure 5: 08 Multiplication (the proposed structure; the figure's bit-level equations for the input bits b_7 to b_0 of xc_0 to xc_3 are not recoverable)

From Fig. 2(b), the multiplication for wc_0 is expressed as

$$wc_0 = 0E \cdot xc_0 + 0B \cdot xc_1 + 0D \cdot xc_2 + 09 \cdot xc_3 \qquad (8)$$

Instead of multiplying by 0E, 0B, 0D and 09 directly, we consider the factorization into 08, 04 and 02. For example, multiplication of a state value x by 0E is subdivided as x · 0E = x · 08 + x · 04 + x · 02. This factorization reduces the multiplication operation as much as possible [9]. In [6], the 08 and 04 multiplication modules are implemented by recursive use of the Xtime (02) module, which takes three XOR gates; hence it takes six and nine XOR gates to implement the 04 and 08 multiplications respectively. Instead of implementing the 08 multiplication through repeated Xtime, we have used a combinational model of seven XOR gates. All the other columns wc_1, wc_2, wc_3 are expressed in the same way. This equation was implemented in the reference paper [6] with the help of the Xtime multiplier module; in our proposed system we compute the multiplication modules directly instead of repeatedly using Xtime. In this reduced form, equation (8) for wc_1 is rewritten as

wc_1 = 08 · op_1 + 04 · (xc_1 + xc_3) + 02 · (xc_1 + xc_2) + op_1 + xc_1; (8.1)
wc_1 = 08 · op_1 + 04 · op_2 + 02 · op_3 + op_1 + xc_1. (8.2)
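As an added example, not the paper's own design files, the factorized inverse MCT of equations (7) and (7.1) to (7.3) written in C at bit level: a 02 multiplier with three XORs, a 04 multiplier with five (sharing b6 + b7) and an 08 multiplier with seven (sharing the pairwise sums of b5, b6 and b7), each checked exhaustively against the repeated-Xtime reference, followed by a round trip through the forward MCT of Fig. 2(a). The bit equations and gate counts here are derived by composing Xtime and sharing common terms; that they coincide gate-for-gate with Figs. 3 to 5 is an assumption, since the figures' own equations are not recoverable. Function and macro names are the example's own.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Added example, not the paper's code. Each two-input XOR in the bit
 * equations below is one gate; the counts follow from sharing terms. */

#define BIT(v, n) (((v) >> (n)) & 1u)

/* Pack eight single-bit values (bit 0 first) back into a byte. */
static uint8_t pack(const uint8_t c[8])
{
    uint8_t r = 0;
    for (int i = 0; i < 8; i++) r |= (uint8_t)(c[i] << i);
    return r;
}

/* 02 * b (Xtime): output bits 1, 3 and 4 each XOR the input with b7. */
#define MUL02_XORS 3
uint8_t mul02(uint8_t b)
{
    uint8_t b7 = BIT(b, 7);
    uint8_t c[8] = { b7, BIT(b, 0) ^ b7, BIT(b, 1), BIT(b, 2) ^ b7,
                     BIT(b, 3) ^ b7, BIT(b, 4), BIT(b, 5), BIT(b, 6) };
    return pack(c);
}

/* 04 * b: Xtime applied twice, with b6 ^ b7 computed once and reused
 * (assumed to match the paper's five-gate module). */
#define MUL04_XORS 5
uint8_t mul04(uint8_t b)
{
    uint8_t t = BIT(b, 6) ^ BIT(b, 7);                          /* shared */
    uint8_t c[8] = { BIT(b, 6), t, BIT(b, 0) ^ BIT(b, 7), BIT(b, 1) ^ BIT(b, 6),
                     BIT(b, 2) ^ t, BIT(b, 3) ^ BIT(b, 7), BIT(b, 4), BIT(b, 5) };
    return pack(c);
}

/* 08 * b: Xtime applied three times; the three pairwise sums of b5, b6, b7
 * are shared, giving seven gates instead of nine (assumed to match Fig. 5). */
#define MUL08_XORS 7
uint8_t mul08(uint8_t b)
{
    uint8_t t56 = BIT(b, 5) ^ BIT(b, 6);
    uint8_t t67 = BIT(b, 6) ^ BIT(b, 7);
    uint8_t t57 = BIT(b, 5) ^ BIT(b, 7);
    uint8_t c[8] = { BIT(b, 5), t56, t67, BIT(b, 0) ^ t57,
                     BIT(b, 1) ^ t56, BIT(b, 2) ^ t67, BIT(b, 3) ^ BIT(b, 7), BIT(b, 4) };
    return pack(c);
}

/* Reference Xtime (shift and reduce by 0x1B), used only to check the modules. */
static uint8_t xtime_ref(uint8_t b)
{
    return (uint8_t)((b << 1) ^ ((b & 0x80) ? 0x1B : 0x00));
}

/* Returns 1 if, for every byte, mul02 == xtime, mul04 == xtime^2, mul08 == xtime^3. */
int modules_match_xtime(void)
{
    for (int v = 0; v < 256; v++) {
        uint8_t b = (uint8_t)v, x2 = xtime_ref(b), x4 = xtime_ref(x2), x8 = xtime_ref(x4);
        if (mul02(b) != x2 || mul04(b) != x4 || mul08(b) != x8) return 0;
    }
    return 1;
}

/* Forward MCT of one column (Fig. 2a): w_i = 02*x_i + 03*x_{i+1} + x_{i+2} + x_{i+3}. */
void forward_mct(const uint8_t x[4], uint8_t w[4])
{
    for (int i = 0; i < 4; i++) {
        uint8_t x1 = x[(i + 1) & 3];
        w[i] = mul02(x[i]) ^ (mul02(x1) ^ x1) ^ x[(i + 2) & 3] ^ x[(i + 3) & 3];
    }
}

/* Inverse MCT of one column by equations (7), (7.1)-(7.3):
 * w_i = 08*op1 + 04*op2 + 02*op3 + op1 + x_i, with op1 shared by all four outputs. */
void inverse_mct(const uint8_t x[4], uint8_t w[4])
{
    uint8_t op1 = x[0] ^ x[1] ^ x[2] ^ x[3];
    uint8_t m8 = mul08(op1);                        /* computed once per column */
    for (int i = 0; i < 4; i++) {
        uint8_t op2 = x[i] ^ x[(i + 2) & 3];
        uint8_t op3 = x[i] ^ x[(i + 1) & 3];
        w[i] = m8 ^ mul04(op2) ^ mul02(op3) ^ op1 ^ x[i];
    }
}

/* Returns 1 if inverse_mct(forward_mct(x)) == x. */
int roundtrip_ok(const uint8_t x[4])
{
    uint8_t f[4], b[4];
    forward_mct(x, f);
    inverse_mct(f, b);
    return memcmp(x, b, 4) == 0;
}

int main(void)
{
    const uint8_t col[4] = {0xDB, 0x13, 0x53, 0x45};   /* constructed sample column */
    uint8_t f[4];
    forward_mct(col, f);
    printf("modules match xtime chain: %d\n", modules_match_xtime());
    printf("forward  : %02X %02X %02X %02X\n", f[0], f[1], f[2], f[3]);
    printf("roundtrip: %d\n", roundtrip_ok(col));
    printf("single-bit XORs in 02/04/08 modules: %d\n", MUL02_XORS + MUL04_XORS + MUL08_XORS);
    return 0;
}
```

The exhaustive check in modules_match_xtime is the test a hardware practitioner would run before trusting a hand-shared gate netlist: the three modules together come to 3 + 5 + 7 = 15 single-bit XORs, against 3 + 6 + 9 = 18 when 04 and 08 are built by chaining Xtime without sharing.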
This reduces the number of XOR gates in the 08 multiplier, which significantly reduces the total number of XOR gates used in the AES operation.

Figure 6: Inverse MCT Operation (op_1, op_2 and op_3 feed the 08 MUL, 04 MUL and 02 MUL modules, whose outputs are XORed together)

Figure 7: Example Result of MCT (one column passed through the forward MCT and through the inverse MCT matrix of Fig. 2(b); the numeric values of the figure are not recoverable)

Simulation Result
In the proposed system, both the forward and the inverse MCT operation results are verified using the ISim simulator, as shown in Fig. 8 and Fig. 9.

Figure 8: Simulation Result of Forward MCT
Figure 9: Simulation Result of Inverse MCT

Discussion and Conclusion
In the proposed system, the multiplication module for 04 uses five XOR gates, and the multiplication module for 08 is modified to use only seven gates. Based on this, the proposed circuit uses fifteen single-bit XOR gates for a single column against eighteen XOR gates in the standard design [6]. Likewise only nine 8-bit XOR gates are used, compared to thirteen in the design of [6].

Table 1: Comparison of Gates for AES MixColumn Design

Design            No. of XOR Gates
[6]               176
[7]               176
[8]               (value not recoverable)
[9]               140
Proposed Design   89

From the above results we conclude that the reduction is 39% in 8-bit XOR gates and 37% in single-bit XOR gates. This reduction contributes significantly to minimizing the power of the AES operation. The summarized XOR gate counts for the forward and inverse MCT are shown in Table 1. The power consumption, analyzed using the XPower tool, is observed as 03 mW.

Table 2: Device utilization summary

Selected Device: 3s1600efg320-5
Number of Slices: 9 out of 14752
Number of 4 input LUTs: 165 out of 29504
Number of IOs: 67
Number of bonded IOBs: 67 out of 250
IOB Flip Flops: 3
Number of GCLKs: 1 out of 24

The overview of the technology map and device utilization of the Xilinx FPGA SPARTAN 3E family is shown in Fig. 10 and Table 2.

Figure 10: Technology Mapping Report of MCT
Figure 11: Power Report of MCT

References
[1] National Institute of Standards and Technology (NIST), "Advanced Encryption Standard (AES)," Nov.
[2] FIPS, Announcing the Advanced Encryption Standard (AES). Federal Information Processing Standards Publication 197 (FIPS-197), 2001.
[3] B. A. Forouzan and D. Mukhopadhyay, Cryptography and Network Security, 2nd ed., Tata McGraw Hill, New Delhi, 01.
[4] A. J. Elbirt, W. Yip, B. Chetwynd, and C. Paar, "An FPGA Implementation and Performance Evaluation of the AES Block Cipher Candidate Algorithm Finalists," in The Third Advanced Encryption Standard Candidate Conference, NIST, April 2000. Available at papers/08-aelbirt.pdf (URL truncated in source).
[5] A. Rudra, P. K. Dubey, C. S. Jutla, V. Kumar, J. R. Rao, and P. Rohatgi, "Efficient Rijndael Encryption Implementation with Composite Field Arithmetic," in Workshop on Cryptographic Hardware and Embedded Systems (CHES 2001), May 00.
[6] H. Kuo, I. Verbauwhede, and P. Schaumont, "A 2.29 Gbits/sec, 256 mW non-pipelined Rijndael AES encryption IC in a 1.8 V, 0.18 um CMOS technology." [Online]. Available: citeseer.nj.nec.com/kuo0gbitssec.html
[7] A. Rudra, P. Dubey, C. Jutla, V. Kumar, J. Rao, and P. Rohatgi, "Efficient Rijndael encryption implementation with composite field arithmetic," in Proc. Workshop on Cryptographic Hardware and Embedded Systems, ser. CHES, 2001.
[8] A. Satoh et al., "A Compact Rijndael Hardware Architecture with S-Box Optimization," Advances in Cryptology, ASIACRYPT 2001, LNCS Volume 2248.
[9] H. Li and Z. Friggstad, "An Efficient Architecture for the AES Mix Columns Operation," Dept. of Math. & Comput. Sci., Lethbridge Univ., Alta., Canada, May 2005.
Western University Scholarship@Western Electronic Thesis and Dissertation Repository October 2014 A Multiple Bit Parity Fault Detection Scheme for The Advanced Encryption Standard Galois/ Counter Mode
More informationV.U.K. Sastry et al, / (IJCSIT) International Journal of Computer Science and Information Technologies, Vol. 3 (1), 2012,
VUK Sastry et al, / (IJCSIT) International Journal of Computer Science Information Technologies, Vol 3 (1), 2012, 3119-3128 A Modified Feistel Cipher involving a pair of key matrices,supplemented with
More informationElliptic Curve Cryptography and Security of Embedded Devices
Elliptic Curve Cryptography and Security of Embedded Devices Ph.D. Defense Vincent Verneuil Institut de Mathématiques de Bordeaux Inside Secure June 13th, 2012 V. Verneuil - Elliptic Curve Cryptography
More informationA Block Cipher using an Iterative Method involving a Permutation
Journal of Discrete Mathematical Sciences & Cryptography Vol. 18 (015), No. 3, pp. 75 9 DOI : 10.1080/097059.014.96853 A Block Cipher using an Iterative Method involving a Permutation Lakshmi Bhavani Madhuri
More informationLow Complexity Differential Cryptanalysis and Fault Analysis of AES
Low Complexity Differential Cryptanalysis and Fault Analysis of AES Michael Tunstall May/June, 2011 Michael Tunstall (University of Bristol) May/June, 2011 1 / 34 Introduction We present a survey of low
More informationIntroduction to Side Channel Analysis. Elisabeth Oswald University of Bristol
Introduction to Side Channel Analysis Elisabeth Oswald University of Bristol Outline Part 1: SCA overview & leakage Part 2: SCA attacks & exploiting leakage and very briefly Part 3: Countermeasures Part
More information2. Accelerated Computations
2. Accelerated Computations 2.1. Bent Function Enumeration by a Circular Pipeline Implemented on an FPGA Stuart W. Schneider Jon T. Butler 2.1.1. Background A naive approach to encoding a plaintext message
More informationHigh Performance GHASH Function for Long Messages
High Performance GHASH Function for Long Messages Nicolas Méloni, Christophe Negre, M. Anwar Hasan To cite this version: Nicolas Méloni, Christophe Negre, M. Anwar Hasan. High Performance GHASH Function
More informationDifferential Fault Analysis on A.E.S.
Differential Fault Analysis on A.E.S. P. Dusart, G. Letourneux, O. Vivolo 01/10/2002 Abstract We explain how a differential fault analysis (DFA) works on AES 128, 192 or 256 bits. Contents 1 Introduction
More informationA Large Block Cipher using an Iterative Method and the Modular Arithmetic Inverse of a key Matrix
A Large Block Cipher using an Iterative Method and the Modular Arithmetic Inverse of a key Matrix S. Udaya Kumar V. U. K. Sastry A. Vinaya babu Abstract In this paper, we have developed a block cipher
More information18733: Applied Cryptography Anupam Datta (CMU) Block ciphers. Dan Boneh
18733: Applied Cryptography Anupam Datta (CMU) Block ciphers Online Cryptography Course What is a block cipher? Block ciphers: crypto work horse n bits PT Block n bits E, D CT Block Key k bits Canonical
More informationDesign and Implementation of High Speed CRC Generators
Department of ECE, Adhiyamaan College of Engineering, Hosur, Tamilnadu, India Design and Implementation of High Speed CRC Generators ChidambarakumarS 1, Thaky Ahmed 2, UbaidullahMM 3, VenketeshK 4, JSubhash
More informationA Large Block Cipher Involving Key Dependent Permutation, Interlacing and Iteration
BULGARIAN ACADEMY OF SCIENCES CYBERNETICS AND INFORMATION TECHNOLOGIES Volume 13, No 3 Sofia 2013 Print ISSN: 1311-02; Online ISSN: 1314-4081 DOI: 10.2478/cait-2013-0025 A Large Block Cipher Involving
More informationMASKED INVERSION IN GF(2 N ) USING MIXED FIELD REPRESENTATIONS AND ITS EFFICIENT IMPLEMENTATION FOR AES
Chapter X MASKED INVERSION IN GF( N ) USING MIXED FIELD REPRESENTATIONS AND ITS EFFICIENT IMPLEMENTATION FOR AES SHAY GUERON 1,, ORI PARZANCHEVSKY 1 and OR ZUK 1,3 1 Discretix Technologies, Netanya, ISRAEL
More informationarxiv: v1 [cs.cr] 13 Sep 2016
Hacking of the AES with Boolean Functions Michel Dubois Operational Cryptology and Virology Laboratory Éric Filiol Operational Cryptology and Virology Laboratory September 14, 2016 arxiv:1609.03734v1 [cs.cr]
More informationFPGA accelerated multipliers over binary composite fields constructed via low hamming weight irreducible polynomials
FPGA accelerated multipliers over binary composite fields constructed via low hamming weight irreducible polynomials C. Shu, S. Kwon and K. Gaj Abstract: The efficient design of digit-serial multipliers
More informationA Collision-Attack on AES Combining Side Channel- and Differential-Attack
A Collision-Attack on AES Combining Side Channel- and Differential-Attack Kai Schramm, Gregor Leander, Patrick Felke, and Christof Paar Horst Görtz Institute for IT Security Ruhr-Universität Bochum, Germany
More information18733: Applied Cryptography Anupam Datta (CMU) Block ciphers. Dan Boneh
18733: Applied Cryptography Anupam Datta (CMU) Block ciphers Online Cryptography Course What is a block cipher? Block ciphers: crypto work horse n bits PT Block n bits E, D CT Block Key k bits Canonical
More informationStream ciphers I. Thomas Johansson. May 16, Dept. of EIT, Lund University, P.O. Box 118, Lund, Sweden
Dept. of EIT, Lund University, P.O. Box 118, 221 00 Lund, Sweden thomas@eit.lth.se May 16, 2011 Outline: Introduction to stream ciphers Distinguishers Basic constructions of distinguishers Various types
More informationComprehensive Evaluation of AES Dual Ciphers as a Side-Channel Countermeasure
Comprehensive Evaluation of AES Dual Ciphers as a Side-Channel Countermeasure Amir Moradi and Oliver Mischke Horst Görtz Institute for IT Security, Ruhr University Bochum, Germany {moradi,mischke}@crypto.rub.de
More informationFPGA BASED DESIGN OF PARALLEL CRC GENERATION FOR HIGH SPEED APPLICATION
258 FPGA BASED DESIGN OF PARALLEL CRC GENERATION FOR HIGH SPEED APPLICATION Sri N.V.N.Prasanna Kumar 1, S.Bhagya Jyothi 2,G.K.S.Tejaswi 3 1 prasannakumar429@gmail.com, 2 sjyothi567@gmail.com, 3 tejaswikakatiya@gmail.com
More informationInside Keccak. Guido Bertoni 1 Joan Daemen 1 Michaël Peeters 2 Gilles Van Assche 1. Keccak & SHA-3 Day Université Libre de Bruxelles March 27, 2013
Inside Keccak Guido Bertoni 1 Joan Daemen 1 Michaël Peeters 2 Gilles Van Assche 1 1 STMicroelectronics 2 NXP Semiconductors Keccak & SHA-3 Day Université Libre de Bruxelles March 27, 2013 1 / 49 Outline
More informationAURORA: A Cryptographic Hash Algorithm Family
AURORA: A Cryptographic Hash Algorithm Family Submitters: Sony Corporation 1 and Nagoya University 2 Algorithm Designers: Tetsu Iwata 2, Kyoji Shibutani 1, Taizo Shirai 1, Shiho Moriai 1, Toru Akishita
More information3-6 On Multi Rounds Elimination Method for Higher Order Differential Cryptanalysis
3-6 On Multi Rounds Elimination Method for Higher Order Differential Cryptanalysis TANAKA Hidema, TONOMURA Yuji, and KANEKO Toshinobu A multi rounds elimination method for higher order differential cryptanalysis
More informationModified Hill Cipher with Interlacing and Iteration
Journal of Computer Science 3 (11): 854-859, 2007 ISSN 1549-3636 2007 Science Publications Modified Hill Cipher with Interlacing and Iteration 1 V.U.K. Sastry and 2 N. Ravi Shankar 1 Department of R and
More informationAn Area Optimized Implementation of AES S-Box Based on Composite Field and Evolutionary Algorithm
, October 1-3, 015, San Francisco, USA An Area Optimized Implementation of AES S-Box Based on Composite Field and Evolutionary Algorithm Yaoping Liu, Ning Wu, Xiaoqiang Zhang, LilingDong, and Lidong Lan
More informationBlock Ciphers. Chester Rebeiro IIT Madras. STINSON : chapters 3
Block Ciphers Chester Rebeiro IIT Madras STINSON : chapters 3 Block Cipher K E K D Alice untrusted communication link E #%AR3Xf34^$ message encryption (ciphertext) Attack at Dawn!! D decryption Bob Attack
More informationComputing the Modular Inverse of a Polynomial Function over GF (2 P ) Using Bit Wise Operation
International Journal of Network Security, Vol.10, No.2, PP.107 113, Mar. 2010 107 Computing the Modular Inverse of a Polynomial Function over GF (2 P ) Using Bit Wise Operation Rajaram Ramasamy and Amutha
More informationChapter 4 Mathematics of Cryptography
Chapter 4 Mathematics of Cryptography Part II: Algebraic Structures Copyright The McGraw-Hill Companies, Inc. Permission required for reproduction or display. 4.1 Chapter 4 Objectives To review the concept
More informationImproving Common Subexpression Elimination Algorithm with A New Gate-Level Delay Computing Method
, 23-25 October, 2013, San Francisco, USA Improving Common Subexpression Elimination Algorithm with A New Gate-Level Dela Computing Method Ning Wu, Xiaoqiang Zhang, Yunfei Ye, and Lidong Lan Abstract In
More informationABHELSINKI UNIVERSITY OF TECHNOLOGY
On Repeated Squarings in Binary Fields Kimmo Järvinen Helsinki University of Technology August 14, 2009 K. Järvinen On Repeated Squarings in Binary Fields 1/1 Introduction Repeated squaring Repeated squaring:
More informationBlock Ciphers and Feistel cipher
introduction Lecture (07) Block Ciphers and cipher Dr. Ahmed M. ElShafee Modern block ciphers are widely used to provide encryption of quantities of information, and/or a cryptographic checksum to ensure
More informationK Anup Kumar et al,int.j.comp.tech.appl,vol 3 (1), 23-31
K Anup Kumar et al,int.j.comp.tech.appl,vol 3 (1), 23-31 A Modified Feistel Cipher involving a key as a multiplicant on both the sides of the Plaintext matrix and supplemented with Mixing Permutation and
More informationCPE 776:DATA SECURITY & CRYPTOGRAPHY. Some Number Theory and Classical Crypto Systems
CPE 776:DATA SECURITY & CRYPTOGRAPHY Some Number Theory and Classical Crypto Systems Dr. Lo ai Tawalbeh Computer Engineering Department Jordan University of Science and Technology Jordan Some Number Theory
More informationA Fault Attack on the LED Block Cipher
A Fault Attack on the LED Block Cipher P. Jovanovic, M. Kreuzer and I. Polian Fakultät für Informatik und Mathematik Universität Passau D-94030 Passau, Germany philipp.jovanovic,martin.kreuzer,ilia.polian@uni-passau.de
More informationDistinguishing Attacks on a Kind of Generalized Unbalanced Feistel Network
Distinguishing Attacks on a Kind of Generalized Unbalanced Feistel Network Ruilin Li, Bing Sun, and Chao Li Department of Mathematics and System Science, Science College, National University of Defense
More informationCryptography Lecture 4 Block ciphers, DES, breaking DES
Cryptography Lecture 4 Block ciphers, DES, breaking DES Breaking a cipher Eavesdropper recieves n cryptograms created from n plaintexts in sequence, using the same key Redundancy exists in the messages
More information