Design of Low Power Optimized MixColumn/Inverse MixColumn Architecture for AES


Rajasekar P, Assistant Professor, Department of Electronics and Communication Engineering, Kathir College of Engineering, Neelambur, Coimbatore, India. rajasekarkpr@gmail.com

Dr. H. Mangalam, Professor, Department of Electronics and Communication Engineering, Sri Krishna College of Engineering and Technology, Coimbatore, India. hmangalam@gmail.com

Abstract

Information security has become an important issue in the modern world. To ensure secure communication, various cryptographic algorithms are in use, and the Advanced Encryption Standard (AES) is one of the most popular. Power reduction and compact size play a vital role in the design of security applications, especially smart card applications. In this paper we propose a low power architectural model of the MixColumn transformation, which is part of AES. The MixColumn transformation requires a matrix multiplication that takes a large number of gates in both the encryption and the decryption operation: the forward MixColumn transformation is used in encryption, whereas the inverse MixColumn transformation is used in decryption. We analyse an optimized power and area model of the MixColumn transformation based on the Galois field model, i.e. the tower field model of AES. For this implementation the Xilinx 14.1 synthesis tool and the XPower analyzer were used to obtain the gate count and the power model, and the proposed model has been implemented on a Xilinx Spartan-3E device.

Keywords: Advanced Encryption Standard, MixColumn optimization, Low power, Forward and Inverse MixColumn Transformation, Architecture Design, GF.
Introduction

In the modern digital era there is an increasing demand for secure devices for data transmission over insecure channels. Security designs now dominate the communication field, but the limiting factors for such designs are excess power consumption, area and throughput. Many algorithms have been implemented based on criteria such as cost, complexity, power and throughput; with the advancement of system performance and design tools, most of them have been broken. Historically, DES was considered secure until 1998, after which advances in computational speed and various cryptanalysis techniques showed DES to be an insecure algorithm [1]. Hence the National Institute of Standards and Technology (NIST), USA, decided to find a secure algorithm to replace DES. A great deal of research was carried out in this area and submitted to NIST, and five finalist algorithms were selected: MARS, RC6, Rijndael, Serpent and Twofish. After the third AES candidate conference, in October 2000, NIST announced that Rijndael had been selected as the secure replacement for DES because of its complexity and implementation process. In addition, the security requirement was met with a 128-bit key length, with the focus on resistance to cryptanalysis other than brute force attacks. Cost was also covered, meaning the computational efficiency and storage requirements of the different implementations such as hardware, software or smart card. This algorithm was standardized as the Advanced Encryption Standard (AES) [1], [2].

This paper is organized as follows: Section II describes the AES operation, Section III the mathematical model of the MixColumn transformation, Section IV the proposed model of the forward and inverse MCT, Section V the simulation results, and Section VI the discussion and conclusion.
AES Encryption

AES is a symmetric cipher, which means it uses the same key for both encryption and decryption, and it operates on blocks. In encryption it takes plain text as input and produces cipher text as output, whereas decryption is the reverse process. Unlike DES, it uses 128, 192 or 256 bit keys and does not follow the Feistel structure. In a Feistel cipher only half of the data block is processed in each round by substitution and permutation, after which the entire block is shuffled and forwarded to the next round; in the AES implementation the entire data block is used in the encryption process. AES has three versions based on the number of rounds used in the encryption/decryption operation, and the number of rounds depends on the key length: 10 rounds are used with a 128-bit key, and 12 and 14 rounds with 192-bit and 256-bit keys respectively. Each round of the encryption process uses four functional modules, namely AddRoundKey, SubByte transformation, MixColumn transformation (MCT) and ShiftRow [1], [2]. In the decryption operation, the SubByte transformation and the MixColumn transformation are replaced by their inverse modules. The inputs of all of these operations are arranged as the state array matrix shown in Fig. 1.

Figure 1: State Array Representation (the 16 state bytes S arranged as a 4 x 4 array)

Substitute Byte Transformation

This operation is a non-linear byte substitution. Each state byte is replaced by a substituted byte obtained through a multiplicative inverse followed by an affine transformation. Here the diffusion process is carried out only at the byte level. Various implementation methods have been adopted for the SBOX transformation, such as lookup table, composite field, Galois field and combinational structures. It is one of the most power-consuming modules in AES [3].

ShiftRow Transformation

This is a simple transformation based on a permutation that operates on individual rows: each row of the array is rotated by a certain number of byte positions. There is no shift in the first row, one left shift in the second row, two left shifts in the third row and three left shifts in the last row [3].

MixColumn Transformation

This is also one of the more power-consuming modules; it is operated as a nonlinear process like the SBOX, making use of arithmetic over the Galois field GF(2^8). In this operation the input data is represented as a 4 x 1 matrix that is multiplied (in GF(2^8)) by a constant 4 x 4 matrix, shown in Fig. 2. The input data bytes are represented in polynomial form with degree less than 4 [3], [4]. Unlike the SBOX, the confusion and diffusion of the MCT are carried out between bytes. In this paper we investigate and design a low power MCT for both the forward and the inverse operation.

AddRoundKey

Each byte of the array is added to the corresponding byte of the round sub-key array. These round keys are generated by the key expansion module, which creates the round keys word by word.
This routine creates N_r + 1 round keys, where N_r is the number of rounds. For a 128-bit key schedule with 10 rounds, 11 round keys are generated; the first key is used in the initial (pre-round) AddRoundKey.

Mathematical Model of MixColumn Transformation

All byte values in the AES algorithm are presented as the concatenation of their individual bit values (0 or 1) between braces, in the order {b7, b6, b5, b4, b3, b2, b1, b0}. These bytes are interpreted as finite field elements using the polynomial representation of equation (1):

$b(x) = \sum_{i=0}^{7} b_i x^i$   (1)

It is also convenient to denote byte values in hexadecimal notation, each of the two groups of four bits being denoted by a single hexadecimal character. In the polynomial representation, multiplication in GF(2^8) corresponds to multiplication of polynomials modulo an irreducible polynomial of degree 8. A polynomial is irreducible if its only divisors are one and itself. For the AES algorithm this irreducible polynomial is given by equation (2):

$m(x) = x^8 + x^4 + x^3 + x + 1$   (2)

In AES the MixColumn operation implements the diffusion step, which shuffles the data according to a mathematical model; in Rijndael the model is defined over GF(2^8). The input data is arranged as a 4 x 4 matrix whose elements are called state bytes. Following [5], each column is treated as a polynomial over GF(2^8) and multiplied by a fixed polynomial: c(x) of equation (3) for the forward operation and the polynomial of equation (4) for the inverse operation.

$c(x) = \{03\}x^3 + \{01\}x^2 + \{01\}x + \{02\}$   (3)

$c^{-1}(x) = \{0B\}x^3 + \{0D\}x^2 + \{09\}x + \{0E\}$   (4)

The input data is split into words, and each word is operated on by the MCT matrix or the inverse MCT matrix. The generalized format is shown in Fig. 2(a) and Fig. 2(b).

Figure 2(a): Forward MCT
  [wc0]   [02 03 01 01]   [xc0]
  [wc1] = [01 02 03 01] * [xc1]
  [wc2]   [01 01 02 03]   [xc2]
  [wc3]   [03 01 01 02]   [xc3]

Figure 2(b): Inverse MCT
  [wc'0]   [0E 0B 0D 09]   [xc0]
  [wc'1] = [09 0E 0B 0D] * [xc1]
  [wc'2]   [0D 09 0E 0B]   [xc2]
  [wc'3]   [0B 0D 09 0E]   [xc3]

Proposed Model of Forward MCT & Inverse MCT

In GF(2^8) the additions of the matrix multiplication are basic XOR operations. Multiplication by 02 is done by the shift-and-add method, which consumes more area and power: a direct implementation requires an 8-bit shift using eight flip-flops and an 8-bit XOR. Using the GF(2^8) reduction directly, this multiplication simplifies to only three XOR gates, as shown in Fig. 3, and multiplication by 03 is simplified to a multiplication by 02 XORed with the input, which requires only four XOR gates. The generalized equation (5) of the MixColumn is

wc0 = 0E·xc0 + 0B·xc1 + 0D·xc2 + 09·xc3   (5)

where 0E, 0B, 0D, 09 are the constant multipliers in hexadecimal notation, wc0, wc1, wc2, wc3 are the 8-bit data generally called state values, and the + symbol denotes modulo-2 addition, i.e. XOR. The elaborated form of equation (5) is

wc0 = 08·(xc1 + xc2 + xc3 + xc0) + 04·(xc0 + xc2) + 02·(xc0 + xc1) + xc0 + xc2 + xc3 + xc1 + xc0   (6)

For simplification and reuse, the XOR combinations of the four bytes xc1, xc2, xc3, xc0 are arranged as

op1 = xc1 + xc2 + xc3 + xc0   (6.1)
op2 = xc0 + xc2   (6.2)
op3 = xc0 + xc1   (6.3)

With these terms, equation (6) is rewritten as

wc_i = 08·op1 + 04·op2 + 02·op3 + op1 + xc_i   (7)

and in general, with the indices taken modulo 4 and i = 0, 1, 2, 3,

op1 = xc_i + xc_{i+1} + xc_{i+2} + xc_{i+3}   (7.1)
op2 = xc_i + xc_{i+2}   (7.2)
op3 = xc_i + xc_{i+1}   (7.3)

The proposed structure is shown in Fig. 5, where xc0, xc1, xc2, xc3 are represented in bit form.

Figure 3: 02 Multiplication (Xtime)
Figure 4: 04 Multiplication
Figure 5: 08 Multiplication

From Fig. 2(b), the multiplication for wc0 is expressed as

wc0 = 0E·xc0 + 0B·xc1 + 0D·xc2 + 09·xc3   (8)

Instead of multiplying by 0E, 0B, 0D and 09 directly, we consider the factorization into 08, 04 and 02 terms. For example, the multiplication of a state value x by 0E is subdivided as x·0E = x·08 + x·04 + x·02. This factorization reduces the multiplication operations as much as possible [9]. In [6], the 08 and 04 multiplication modules are implemented by recursive use of the Xtime (02) module, which takes three XOR gates; hence it takes six and nine XOR gates to implement the 04 and 08 multiplications respectively. Instead of implementing the 08 multiplication as three cascaded Xtime stages, we use a combinational model of seven XOR gates. Likewise all the other columns wc1, wc2, wc3 are represented in the same format. The equation above was implemented in the reference paper [6] with the help of the Xtime multiplier module; in our proposed system we compute the multiplication modules directly instead of using Xtime repeatedly. In this reduced form, equation (4) for wc1 is rewritten as

wc1 = 08·op1 + 04·(xc1 + xc3) + 02·(xc1 + xc2) + op1 + xc1   (8.1)
wc1 = 08·op1 + 04·op2 + 02·op3 + op1 + xc1   (8.2)
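As an added illustration (not code from the paper), the following C model builds the 04 and 08 multipliers as single XOR layers with exactly the five and seven gates the paper reports, evaluates the factored inverse MCT of equations (7)/(8.2) with op1 shared across the column, and cross-checks both against the matrix forms of Fig. 2; the packed column layout, the function names and the sample column db135345 are assumptions of this example.

```c
#include <stdint.h>
#include <stdio.h>

#define BIT(v, n) ((uint8_t)(((v) >> (n)) & 1u))

/* 02 multiplication (Xtime): multiply by x mod m(x) = x^8+x^4+x^3+x+1. The
 * conditional XOR with 0x1b touches bits 4, 3, 1 (the three XOR gates of Fig. 3). */
static uint8_t xtime(uint8_t b) { return (uint8_t)((b << 1) ^ ((b & 0x80) ? 0x1b : 0)); }

/* Generic shift-and-add GF(2^8) multiply; reference model only. */
static uint8_t gf_mul(uint8_t a, uint8_t b) {
    uint8_t p = 0;
    for (int i = 0; i < 8; i++, a = xtime(a), b >>= 1)
        if (b & 1) p ^= a;
    return p;
}

/* 04 multiplication as one combinational layer: five 1-bit XOR gates
 * (a6^a7 is shared by output bits 4 and 1) instead of two cascaded Xtimes (six). */
uint8_t mul04_direct(uint8_t a) {
    uint8_t a0 = BIT(a, 0), a1 = BIT(a, 1), a2 = BIT(a, 2), a3 = BIT(a, 3);
    uint8_t a4 = BIT(a, 4), a5 = BIT(a, 5), a6 = BIT(a, 6), a7 = BIT(a, 7);
    uint8_t t67 = a6 ^ a7;                                   /* XOR 1 (shared) */
    uint8_t d7 = a5, d6 = a4, d5 = a3 ^ a7, d4 = a2 ^ t67;   /* XOR 2, 3 */
    uint8_t d3 = a1 ^ a6, d2 = a0 ^ a7, d1 = t67, d0 = a6;   /* XOR 4, 5 */
    return (uint8_t)((d7 << 7) | (d6 << 6) | (d5 << 5) | (d4 << 4) |
                     (d3 << 3) | (d2 << 2) | (d1 << 1) | d0);
}

/* 08 multiplication as one combinational layer: seven 1-bit XOR gates (a6^a7
 * shared by bits 5 and 2, a5^a6 by bits 4 and 1) instead of three Xtimes (nine). */
uint8_t mul08_direct(uint8_t a) {
    uint8_t a0 = BIT(a, 0), a1 = BIT(a, 1), a2 = BIT(a, 2), a3 = BIT(a, 3);
    uint8_t a4 = BIT(a, 4), a5 = BIT(a, 5), a6 = BIT(a, 6), a7 = BIT(a, 7);
    uint8_t t67 = a6 ^ a7, t56 = a5 ^ a6;                        /* XOR 1, 2 (shared) */
    uint8_t e7 = a4, e6 = a3 ^ a7, e5 = a2 ^ t67, e4 = a1 ^ t56; /* XOR 3, 4, 5 */
    uint8_t e3 = a0 ^ a5 ^ a7, e2 = t67, e1 = t56, e0 = a5;      /* XOR 6, 7 */
    return (uint8_t)((e7 << 7) | (e6 << 6) | (e5 << 5) | (e4 << 4) |
                     (e3 << 3) | (e2 << 2) | (e1 << 1) | e0);
}

/* A column is one 32-bit word with xc0 in the most significant byte (assumed layout). */
static uint8_t byte_of(uint32_t w, int i) { return (uint8_t)(w >> (24 - 8 * i)); }
static uint32_t pack(const uint8_t b[4]) {
    return ((uint32_t)b[0] << 24) | ((uint32_t)b[1] << 16) | ((uint32_t)b[2] << 8) | b[3];
}

/* Reference matrix form of Fig. 2(a)/(b): wc_r = XOR over c of M[r][c] * xc_c. */
static const uint8_t FWD[4][4] = {{0x02,0x03,0x01,0x01}, {0x01,0x02,0x03,0x01},
                                  {0x01,0x01,0x02,0x03}, {0x03,0x01,0x01,0x02}};
static const uint8_t INV[4][4] = {{0x0e,0x0b,0x0d,0x09}, {0x09,0x0e,0x0b,0x0d},
                                  {0x0d,0x09,0x0e,0x0b}, {0x0b,0x0d,0x09,0x0e}};
static uint32_t mix_matrix(const uint8_t m[4][4], uint32_t col) {
    uint8_t out[4] = {0, 0, 0, 0};
    for (int r = 0; r < 4; r++)
        for (int c = 0; c < 4; c++) out[r] ^= gf_mul(m[r][c], byte_of(col, c));
    return pack(out);
}
uint32_t forward_mix(uint32_t col)     { return mix_matrix(FWD, col); }
uint32_t inverse_mix_ref(uint32_t col) { return mix_matrix(INV, col); }

/* Factored inverse MCT of equations (7)/(8.2): wc_i = 08*op1 + 04*op2 + 02*op3 + op1 + xc_i,
 * op1 = xc_i+xc_{i+1}+xc_{i+2}+xc_{i+3} (identical for every i, so 08*op1 is built
 * once per column), op2 = xc_i + xc_{i+2}, op3 = xc_i + xc_{i+1}, indices mod 4. */
uint32_t inverse_mix_factored(uint32_t col) {
    uint8_t xc[4], wc[4];
    for (int i = 0; i < 4; i++) xc[i] = byte_of(col, i);
    uint8_t op1 = xc[0] ^ xc[1] ^ xc[2] ^ xc[3];
    uint8_t m8  = mul08_direct(op1);
    for (int i = 0; i < 4; i++) {
        uint8_t op2 = xc[i] ^ xc[(i + 2) & 3], op3 = xc[i] ^ xc[(i + 1) & 3];
        wc[i] = m8 ^ mul04_direct(op2) ^ xtime(op3) ^ op1 ^ xc[i];
    }
    return pack(wc);
}

/* 1 when the direct 04/08 blocks equal cascaded Xtime for all 256 bytes and the
 * factored inverse MCT equals the matrix form and undoes the forward MCT over a
 * pseudo-random sweep of columns; 0 on any mismatch. */
int self_check(void) {
    for (unsigned v = 0; v < 256; v++)
        if (mul04_direct((uint8_t)v) != xtime(xtime((uint8_t)v)) ||
            mul08_direct((uint8_t)v) != xtime(xtime(xtime((uint8_t)v)))) return 0;
    uint32_t col = 0xdb135345u;                       /* constructed sample column */
    for (int k = 0; k < 4096; k++, col = col * 1664525u + 1013904223u)   /* LCG sweep */
        if (inverse_mix_factored(col) != inverse_mix_ref(col) ||
            inverse_mix_factored(forward_mix(col)) != col) return 0;
    return 1;
}

int main(void) {
    printf("forward MCT of db135345 = %08x\n", (unsigned)forward_mix(0xdb135345u));
    printf("factored inverse MCT of 8e4da1bc = %08x\n", (unsigned)inverse_mix_factored(0x8e4da1bcu));
    return self_check() ? 0 : 1;
}
```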

This reduces the number of XOR gates, which significantly reduces the total number of XOR gates used in the AES operation.

Figure 6: Inverse MCT Operation (op1, op2 and op3 feed the 08, 04 and 02 multiplication blocks, whose outputs are combined by XOR)

Figure 7: Example Result of Forward MCT and Inverse MCT

Simulation Result

In the proposed system, both the forward and the inverse MCT operation results are verified using the ISim simulator, as shown in Fig. 8 and Fig. 9.

Figure 8: Simulation Result of Forward MCT
Figure 9: Simulation Result of Inverse MCT

Discussion and Conclusion

In the proposed system, the multiplication module for 04 uses five XOR gates, while the multiplication module for 08 is modified to use only seven gates. Based on this, the proposed circuit uses fifteen single-bit XOR gates against eighteen XOR gates in the standard design [6] for a single column. Likewise, only nine 8-bit XOR gates are used, compared to thirteen gates in the design of [6].

Table 1: Comparison of XOR gate counts for AES MixColumn designs

Design             No. of XOR gates
[6]                176
[7]                176
[8]
[9]                140
Proposed design    89

From the above results we conclude that the reduction is 39% in 8-bit XOR gates and 37% in single-bit XOR gates. This reduction contributes significantly to minimizing the power of the AES operation. The summarized XOR gate counts for forward and inverse MCT are shown in Table 1. The power consumption, analyzed using the XPower tool, is observed as 03 mW.

Table 2: Device utilization summary

Selected Device: 3s1600efg320-5
Number of Slices: 9 out of 14752
Number of 4 input LUTs: 165 out of 29504
Number of IOs: 67
Number of bonded IOBs: 67 out of 250
IOB Flip Flops: 3
Number of GCLKs: 1 out of 24

The overview of the technology map and device utilization on the Xilinx Spartan-3E FPGA family is shown in Fig. 10 and Table 2.

Figure 10: Technology Mapping Report of MCT
Figure 11: Power Report of MCT

References

[1] National Institute of Standards and Technology (NIST), "Advanced Encryption Standard (AES)," Nov. 2001.
[2] FIPS, Announcing the Advanced Encryption Standard (AES), Federal Information Processing Standards Publication 197 (FIPS-197), 2001.
[3] B. A. Forouzan and D. Mukhopadhyay, Cryptography and Network Security, 2nd ed., Tata McGraw Hill, New Delhi, 01.
[4] A. J. Elbirt, W. Yip, B. Chetwynd, and C. Paar, "An FPGA Implementation and Performance Evaluation of the AES Block Cipher Candidate Algorithm Finalists," in The Third Advanced Encryption Standard Candidate Conference, NIST, April 2000. Available at papers/08-aelbirt.pdf.
[5] A. Rudra, P. K. Dubey, C. S. Jutla, V. Kumar, J. R. Rao, and P. Rohatgi, "Efficient Rijndael Encryption Implementation with Composite Field Arithmetic," in Workshop on Cryptographic Hardware and Embedded Systems (CHES 2001), May 2001.
[6] H. Kuo, I. Verbauwhede, and P. Schaumont, "A 2.29 Gbits/sec, 56 mW non-pipelined Rijndael AES encryption IC in a 1.8 V, 0.18 um CMOS technology." [Online]. Available: citeseer.nj.nec.com/kuo0gbitssec.html
[7] A. Rudra, P. Dubey, C. Jutla, V. Kumar, J. Rao, and P. Rohatgi, "Efficient Rijndael encryption implementation with composite field arithmetic," in Proc. Workshop on Cryptographic Hardware and Embedded Systems, ser. CHES, 2001.
[8] A. Satoh et al., "A Compact Rijndael Hardware Architecture with S-Box Optimization," in Advances in Cryptology, ASIACRYPT 2001, LNCS vol. 2248, 2001.
[9] Hua Li and Zac Friggstad, "An Efficient Architecture for the AES Mix Columns Operation," Dept. of Math. & Comput. Sci., Lethbridge Univ., Alta., Canada, May 2005.

More information

Cryptographically Robust Large Boolean Functions. Debdeep Mukhopadhyay CSE, IIT Kharagpur

Cryptographically Robust Large Boolean Functions. Debdeep Mukhopadhyay CSE, IIT Kharagpur Cryptographically Robust Large Boolean Functions Debdeep Mukhopadhyay CSE, IIT Kharagpur Outline of the Talk Importance of Boolean functions in Cryptography Important Cryptographic properties Proposed

More information

Table Of Contents. ! 1. Introduction to AES

Table Of Contents. ! 1. Introduction to AES 1 Table Of Contents! 1. Introduction to AES! 2. Design Principles behind AES Linear Cryptanalysis Differential Cryptanalysis Square Attack Biclique Attack! 3. Quantum Cryptanalysis of AES Applying Grover

More information

Symmetric Crypto Systems

Symmetric Crypto Systems T H E U N I V E R S I T Y O F B R I T I S H C O L U M B I A Symmetric Crypto Systems EECE 412 Copyright 2004-2008 Konstantin Beznosov 09/16/08 Module Outline Stream ciphers under the hood Block ciphers

More information

A Sound Method for Switching between Boolean and Arithmetic Masking

A Sound Method for Switching between Boolean and Arithmetic Masking A Sound Method for Switching between Boolean and Arithmetic Masking Louis Goubin CP8 Crypto Lab, SchlumbergerSema 36-38 rue de la Princesse, BP45 78430 Louveciennes Cedex, France Louis.Goubin@louveciennes.tt.slb.com

More information

Symmetric Crypto Systems

Symmetric Crypto Systems T H E U N I V E R S I T Y O F B R I T I S H C O L U M B I A Symmetric Crypto Systems EECE 412 Copyright 2004-2012 Konstantin Beznosov 1 Module Outline! Stream ciphers under the hood Block ciphers under

More information

Perfect Diffusion Primitives for Block Ciphers

Perfect Diffusion Primitives for Block Ciphers Perfect Diffusion Primitives for Block Ciphers Building Efficient MDS Matrices Pascal Junod and Serge Vaudenay École Polytechnique Fédérale de Lausanne (Switzerland) {pascaljunod, sergevaudenay}@epflch

More information

Highly Efficient GF (2 8 )InversionCircuit Based on Redundant GF Arithmetic and Its Application to AES Design

Highly Efficient GF (2 8 )InversionCircuit Based on Redundant GF Arithmetic and Its Application to AES Design Highly Efficient GF (2 8 )InversionCircuit Based on Redundant GF Arithmetic and Its Application to AES Design Rei Ueno 1,NaofumiHomma 1, Yukihiro Sugawara 1, Yasuyuki Nogami 2, and Takafumi Aoki 1 1 Graduate

More information

Chapter 2 Symmetric Encryption Algorithms

Chapter 2 Symmetric Encryption Algorithms Chapter 2 Symmetric Encryption Algorithms February 15, 2010 2 The term symmetric means that the same key used to encrypt is used decrypt. In the widest sense all pre-pkc encryption algorithms are symmetric,

More information

A Lightweight Concurrent Fault Detection Scheme for the AES S-boxes Using Normal Basis

A Lightweight Concurrent Fault Detection Scheme for the AES S-boxes Using Normal Basis A Lightweight Concurrent Fault Detection Scheme for the AES S-boxes Using Normal Basis Mehran Mozaffari-Kermani and Arash Reyhani-Masoleh Department of Electrical and Computer Engineering, The University

More information

New Implementations of the WG Stream Cipher

New Implementations of the WG Stream Cipher New Implementations of the WG Stream Cipher Hayssam El-Razouk, Arash Reyhani-Masoleh, and Guang Gong Abstract This paper presents two new hardware designs of the WG-28 cipher, one for the multiple output

More information

Smashing the Implementation Records of AES S-box

Smashing the Implementation Records of AES S-box Smashing the Implementation Records of AES S-box Arash Reyhani-Masoleh, Mostafa Taha and Doaa Ashmawy Department of Electrical and Computer Engineering Western University, London, Ontario, Canada {areyhani,mtaha9,dashmawy}@uwo.ca

More information

AES side channel attacks protection using random isomorphisms

AES side channel attacks protection using random isomorphisms Rostovtsev A.G., Shemyakina O.V., St. Petersburg State Polytechnic University AES side channel attacks protection using random isomorphisms General method of side-channel attacks protection, based on random

More information

Part (02) Modem Encryption techniques

Part (02) Modem Encryption techniques Part (02) Modem Encryption techniques Dr. Ahmed M. ElShafee 1 Block Ciphers and Feistel cipher Dr. Ahmed M. ElShafee 2 introduction Modern block ciphers are widely used to provide encryption of quantities

More information

An Analytical Approach to S-Box Generation

An Analytical Approach to S-Box Generation An Analytical Approach to Generation K. J. Jegadish Kumar 1, K. Hariprakash 2, A.Karunakaran 3 1 (Department of ECE, SSNCE, India) 2 (Department of ECE, SSNCE, India) 3 (Department of ECE, SSNCE, India)

More information

A Multiple Bit Parity Fault Detection Scheme for The Advanced Encryption Standard Galois/ Counter Mode

A Multiple Bit Parity Fault Detection Scheme for The Advanced Encryption Standard Galois/ Counter Mode Western University Scholarship@Western Electronic Thesis and Dissertation Repository October 2014 A Multiple Bit Parity Fault Detection Scheme for The Advanced Encryption Standard Galois/ Counter Mode

More information

V.U.K. Sastry et al, / (IJCSIT) International Journal of Computer Science and Information Technologies, Vol. 3 (1), 2012,

V.U.K. Sastry et al, / (IJCSIT) International Journal of Computer Science and Information Technologies, Vol. 3 (1), 2012, VUK Sastry et al, / (IJCSIT) International Journal of Computer Science Information Technologies, Vol 3 (1), 2012, 3119-3128 A Modified Feistel Cipher involving a pair of key matrices,supplemented with

More information

Elliptic Curve Cryptography and Security of Embedded Devices

Elliptic Curve Cryptography and Security of Embedded Devices Elliptic Curve Cryptography and Security of Embedded Devices Ph.D. Defense Vincent Verneuil Institut de Mathématiques de Bordeaux Inside Secure June 13th, 2012 V. Verneuil - Elliptic Curve Cryptography

More information

A Block Cipher using an Iterative Method involving a Permutation

A Block Cipher using an Iterative Method involving a Permutation Journal of Discrete Mathematical Sciences & Cryptography Vol. 18 (015), No. 3, pp. 75 9 DOI : 10.1080/097059.014.96853 A Block Cipher using an Iterative Method involving a Permutation Lakshmi Bhavani Madhuri

More information

Low Complexity Differential Cryptanalysis and Fault Analysis of AES

Low Complexity Differential Cryptanalysis and Fault Analysis of AES Low Complexity Differential Cryptanalysis and Fault Analysis of AES Michael Tunstall May/June, 2011 Michael Tunstall (University of Bristol) May/June, 2011 1 / 34 Introduction We present a survey of low

More information

Introduction to Side Channel Analysis. Elisabeth Oswald University of Bristol

Introduction to Side Channel Analysis. Elisabeth Oswald University of Bristol Introduction to Side Channel Analysis Elisabeth Oswald University of Bristol Outline Part 1: SCA overview & leakage Part 2: SCA attacks & exploiting leakage and very briefly Part 3: Countermeasures Part

More information

2. Accelerated Computations

2. Accelerated Computations 2. Accelerated Computations 2.1. Bent Function Enumeration by a Circular Pipeline Implemented on an FPGA Stuart W. Schneider Jon T. Butler 2.1.1. Background A naive approach to encoding a plaintext message

More information

High Performance GHASH Function for Long Messages

High Performance GHASH Function for Long Messages High Performance GHASH Function for Long Messages Nicolas Méloni, Christophe Negre, M. Anwar Hasan To cite this version: Nicolas Méloni, Christophe Negre, M. Anwar Hasan. High Performance GHASH Function

More information

Differential Fault Analysis on A.E.S.

Differential Fault Analysis on A.E.S. Differential Fault Analysis on A.E.S. P. Dusart, G. Letourneux, O. Vivolo 01/10/2002 Abstract We explain how a differential fault analysis (DFA) works on AES 128, 192 or 256 bits. Contents 1 Introduction

More information

A Large Block Cipher using an Iterative Method and the Modular Arithmetic Inverse of a key Matrix

A Large Block Cipher using an Iterative Method and the Modular Arithmetic Inverse of a key Matrix A Large Block Cipher using an Iterative Method and the Modular Arithmetic Inverse of a key Matrix S. Udaya Kumar V. U. K. Sastry A. Vinaya babu Abstract In this paper, we have developed a block cipher

More information

18733: Applied Cryptography Anupam Datta (CMU) Block ciphers. Dan Boneh

18733: Applied Cryptography Anupam Datta (CMU) Block ciphers. Dan Boneh 18733: Applied Cryptography Anupam Datta (CMU) Block ciphers Online Cryptography Course What is a block cipher? Block ciphers: crypto work horse n bits PT Block n bits E, D CT Block Key k bits Canonical

More information

Design and Implementation of High Speed CRC Generators

Design and Implementation of High Speed CRC Generators Department of ECE, Adhiyamaan College of Engineering, Hosur, Tamilnadu, India Design and Implementation of High Speed CRC Generators ChidambarakumarS 1, Thaky Ahmed 2, UbaidullahMM 3, VenketeshK 4, JSubhash

More information

A Large Block Cipher Involving Key Dependent Permutation, Interlacing and Iteration

A Large Block Cipher Involving Key Dependent Permutation, Interlacing and Iteration BULGARIAN ACADEMY OF SCIENCES CYBERNETICS AND INFORMATION TECHNOLOGIES Volume 13, No 3 Sofia 2013 Print ISSN: 1311-02; Online ISSN: 1314-4081 DOI: 10.2478/cait-2013-0025 A Large Block Cipher Involving

More information

MASKED INVERSION IN GF(2 N ) USING MIXED FIELD REPRESENTATIONS AND ITS EFFICIENT IMPLEMENTATION FOR AES

MASKED INVERSION IN GF(2 N ) USING MIXED FIELD REPRESENTATIONS AND ITS EFFICIENT IMPLEMENTATION FOR AES Chapter X MASKED INVERSION IN GF( N ) USING MIXED FIELD REPRESENTATIONS AND ITS EFFICIENT IMPLEMENTATION FOR AES SHAY GUERON 1,, ORI PARZANCHEVSKY 1 and OR ZUK 1,3 1 Discretix Technologies, Netanya, ISRAEL

More information

arxiv: v1 [cs.cr] 13 Sep 2016

arxiv: v1 [cs.cr] 13 Sep 2016 Hacking of the AES with Boolean Functions Michel Dubois Operational Cryptology and Virology Laboratory Éric Filiol Operational Cryptology and Virology Laboratory September 14, 2016 arxiv:1609.03734v1 [cs.cr]

More information

FPGA accelerated multipliers over binary composite fields constructed via low hamming weight irreducible polynomials

FPGA accelerated multipliers over binary composite fields constructed via low hamming weight irreducible polynomials FPGA accelerated multipliers over binary composite fields constructed via low hamming weight irreducible polynomials C. Shu, S. Kwon and K. Gaj Abstract: The efficient design of digit-serial multipliers

More information

A Collision-Attack on AES Combining Side Channel- and Differential-Attack

A Collision-Attack on AES Combining Side Channel- and Differential-Attack A Collision-Attack on AES Combining Side Channel- and Differential-Attack Kai Schramm, Gregor Leander, Patrick Felke, and Christof Paar Horst Görtz Institute for IT Security Ruhr-Universität Bochum, Germany

More information

18733: Applied Cryptography Anupam Datta (CMU) Block ciphers. Dan Boneh

18733: Applied Cryptography Anupam Datta (CMU) Block ciphers. Dan Boneh 18733: Applied Cryptography Anupam Datta (CMU) Block ciphers Online Cryptography Course What is a block cipher? Block ciphers: crypto work horse n bits PT Block n bits E, D CT Block Key k bits Canonical

More information

Stream ciphers I. Thomas Johansson. May 16, Dept. of EIT, Lund University, P.O. Box 118, Lund, Sweden

Stream ciphers I. Thomas Johansson. May 16, Dept. of EIT, Lund University, P.O. Box 118, Lund, Sweden Dept. of EIT, Lund University, P.O. Box 118, 221 00 Lund, Sweden thomas@eit.lth.se May 16, 2011 Outline: Introduction to stream ciphers Distinguishers Basic constructions of distinguishers Various types

More information

Comprehensive Evaluation of AES Dual Ciphers as a Side-Channel Countermeasure

Comprehensive Evaluation of AES Dual Ciphers as a Side-Channel Countermeasure Comprehensive Evaluation of AES Dual Ciphers as a Side-Channel Countermeasure Amir Moradi and Oliver Mischke Horst Görtz Institute for IT Security, Ruhr University Bochum, Germany {moradi,mischke}@crypto.rub.de

More information

FPGA BASED DESIGN OF PARALLEL CRC GENERATION FOR HIGH SPEED APPLICATION

FPGA BASED DESIGN OF PARALLEL CRC GENERATION FOR HIGH SPEED APPLICATION 258 FPGA BASED DESIGN OF PARALLEL CRC GENERATION FOR HIGH SPEED APPLICATION Sri N.V.N.Prasanna Kumar 1, S.Bhagya Jyothi 2,G.K.S.Tejaswi 3 1 prasannakumar429@gmail.com, 2 sjyothi567@gmail.com, 3 tejaswikakatiya@gmail.com

More information

Inside Keccak. Guido Bertoni 1 Joan Daemen 1 Michaël Peeters 2 Gilles Van Assche 1. Keccak & SHA-3 Day Université Libre de Bruxelles March 27, 2013

Inside Keccak. Guido Bertoni 1 Joan Daemen 1 Michaël Peeters 2 Gilles Van Assche 1. Keccak & SHA-3 Day Université Libre de Bruxelles March 27, 2013 Inside Keccak Guido Bertoni 1 Joan Daemen 1 Michaël Peeters 2 Gilles Van Assche 1 1 STMicroelectronics 2 NXP Semiconductors Keccak & SHA-3 Day Université Libre de Bruxelles March 27, 2013 1 / 49 Outline

More information

AURORA: A Cryptographic Hash Algorithm Family

AURORA: A Cryptographic Hash Algorithm Family AURORA: A Cryptographic Hash Algorithm Family Submitters: Sony Corporation 1 and Nagoya University 2 Algorithm Designers: Tetsu Iwata 2, Kyoji Shibutani 1, Taizo Shirai 1, Shiho Moriai 1, Toru Akishita

More information

3-6 On Multi Rounds Elimination Method for Higher Order Differential Cryptanalysis

3-6 On Multi Rounds Elimination Method for Higher Order Differential Cryptanalysis 3-6 On Multi Rounds Elimination Method for Higher Order Differential Cryptanalysis TANAKA Hidema, TONOMURA Yuji, and KANEKO Toshinobu A multi rounds elimination method for higher order differential cryptanalysis

More information

Modified Hill Cipher with Interlacing and Iteration

Modified Hill Cipher with Interlacing and Iteration Journal of Computer Science 3 (11): 854-859, 2007 ISSN 1549-3636 2007 Science Publications Modified Hill Cipher with Interlacing and Iteration 1 V.U.K. Sastry and 2 N. Ravi Shankar 1 Department of R and

More information

An Area Optimized Implementation of AES S-Box Based on Composite Field and Evolutionary Algorithm

An Area Optimized Implementation of AES S-Box Based on Composite Field and Evolutionary Algorithm , October 1-3, 015, San Francisco, USA An Area Optimized Implementation of AES S-Box Based on Composite Field and Evolutionary Algorithm Yaoping Liu, Ning Wu, Xiaoqiang Zhang, LilingDong, and Lidong Lan

More information

Block Ciphers. Chester Rebeiro IIT Madras. STINSON : chapters 3

Block Ciphers. Chester Rebeiro IIT Madras. STINSON : chapters 3 Block Ciphers Chester Rebeiro IIT Madras STINSON : chapters 3 Block Cipher K E K D Alice untrusted communication link E #%AR3Xf34^$ message encryption (ciphertext) Attack at Dawn!! D decryption Bob Attack

More information

Computing the Modular Inverse of a Polynomial Function over GF (2 P ) Using Bit Wise Operation

Computing the Modular Inverse of a Polynomial Function over GF (2 P ) Using Bit Wise Operation International Journal of Network Security, Vol.10, No.2, PP.107 113, Mar. 2010 107 Computing the Modular Inverse of a Polynomial Function over GF (2 P ) Using Bit Wise Operation Rajaram Ramasamy and Amutha

More information

Chapter 4 Mathematics of Cryptography

Chapter 4 Mathematics of Cryptography Chapter 4 Mathematics of Cryptography Part II: Algebraic Structures Copyright The McGraw-Hill Companies, Inc. Permission required for reproduction or display. 4.1 Chapter 4 Objectives To review the concept

More information

Improving Common Subexpression Elimination Algorithm with A New Gate-Level Delay Computing Method

Improving Common Subexpression Elimination Algorithm with A New Gate-Level Delay Computing Method , 23-25 October, 2013, San Francisco, USA Improving Common Subexpression Elimination Algorithm with A New Gate-Level Dela Computing Method Ning Wu, Xiaoqiang Zhang, Yunfei Ye, and Lidong Lan Abstract In

More information

ABHELSINKI UNIVERSITY OF TECHNOLOGY

ABHELSINKI UNIVERSITY OF TECHNOLOGY On Repeated Squarings in Binary Fields Kimmo Järvinen Helsinki University of Technology August 14, 2009 K. Järvinen On Repeated Squarings in Binary Fields 1/1 Introduction Repeated squaring Repeated squaring:

More information

Block Ciphers and Feistel cipher

Block Ciphers and Feistel cipher introduction Lecture (07) Block Ciphers and cipher Dr. Ahmed M. ElShafee Modern block ciphers are widely used to provide encryption of quantities of information, and/or a cryptographic checksum to ensure

More information

K Anup Kumar et al,int.j.comp.tech.appl,vol 3 (1), 23-31

K Anup Kumar et al,int.j.comp.tech.appl,vol 3 (1), 23-31 K Anup Kumar et al,int.j.comp.tech.appl,vol 3 (1), 23-31 A Modified Feistel Cipher involving a key as a multiplicant on both the sides of the Plaintext matrix and supplemented with Mixing Permutation and

More information

CPE 776:DATA SECURITY & CRYPTOGRAPHY. Some Number Theory and Classical Crypto Systems

CPE 776:DATA SECURITY & CRYPTOGRAPHY. Some Number Theory and Classical Crypto Systems CPE 776:DATA SECURITY & CRYPTOGRAPHY Some Number Theory and Classical Crypto Systems Dr. Lo ai Tawalbeh Computer Engineering Department Jordan University of Science and Technology Jordan Some Number Theory

More information

A Fault Attack on the LED Block Cipher

A Fault Attack on the LED Block Cipher A Fault Attack on the LED Block Cipher P. Jovanovic, M. Kreuzer and I. Polian Fakultät für Informatik und Mathematik Universität Passau D-94030 Passau, Germany philipp.jovanovic,martin.kreuzer,ilia.polian@uni-passau.de

More information

Distinguishing Attacks on a Kind of Generalized Unbalanced Feistel Network

Distinguishing Attacks on a Kind of Generalized Unbalanced Feistel Network Distinguishing Attacks on a Kind of Generalized Unbalanced Feistel Network Ruilin Li, Bing Sun, and Chao Li Department of Mathematics and System Science, Science College, National University of Defense

More information

Cryptography Lecture 4 Block ciphers, DES, breaking DES

Cryptography Lecture 4 Block ciphers, DES, breaking DES Cryptography Lecture 4 Block ciphers, DES, breaking DES Breaking a cipher Eavesdropper recieves n cryptograms created from n plaintexts in sequence, using the same key Redundancy exists in the messages

More information