FIDES: Lightweight Authentication Cipher with Side-Channel Resistance for Constrained Hardware
1 FIDES: Lightweight Authentication Cipher with Side-Channel Resistance for Constrained Hardware. Begül Bilgin, Andrey Bogdanov, Miroslav Knežević, Florian Mendel, and Qingju Wang. DIAC 2013, Chicago
2 Side Channel Resistance: The Game... Mathematically secure crypto algorithms (AES, RSA, Keccak, OCB, ...) versus a weak implementation: a dependency between the power consumption and an intermediate value that depends on the key.
3 Side Channel Resistance: countermeasures
- x Change the key frequently (marked x on the slide)
- x Equalize power consumption (marked x on the slide)
- Randomize power consumption:
  - Boolean masking. For a linear layer L the mask can be tracked separately: inp^m0 -> L -> out^m1 and m0 -> L -> m1, because L(inp^m0) = L(inp)^L(m0). The same picture with a nonlinear S-box S in place of L (inp^m0 -> S -> out^m1, m0 -> S -> m1) does not hold, since S(inp^m0)^S(m0) differs from S(inp) in general, so the S-box itself has to be masked.
  - Multiplicative masking
  - Secret sharing, e.g. Threshold Implementations [Nikova 11]: the input is split into several shares (inp^m0^m1, m0, m1), each processed by its own component function, giving the output shares out^m2^m3, m2, m3 (inp^m0^m1 -> S -> out^m2^m3, m0 -> S -> m2, m1 -> S -> m3).
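The masking point above, worked as an added example that is not part of the slides or of FIDES itself: a toy 4-bit linear layer, PRESENT's 4-bit S-box as a nonlinear stand-in, and a single AND gate split into three shares in the threshold-implementation style. All three are assumptions chosen for illustration; the slides do not list FIDES's linear layer or S-box tables.

```python
"""Added example (not from the FIDES slides): a Boolean mask passes a linear
layer for free but not an S-box, and a threshold-implementation (TI) style
3-share split restores correctness while no component function sees all
shares of an input.  Toy layer, toy S-box and a single AND gate stand in for
FIDES's linear layer and S-box, which the slides do not list."""
import itertools
import secrets

# Constructed toy linear layer on 4-bit values: output bit i is the parity of
# (ROW[i] AND x).  Any GF(2)-linear map behaves the same way under masking.
_ROWS = (0b1101, 0b1011, 0b0111, 0b1110)

def lin(x: int) -> int:
    return sum(((bin(row & x).count("1") & 1) << i) for i, row in enumerate(_ROWS))

# PRESENT's 4-bit S-box, used only as a convenient nonlinear stand-in (not FIDES's S-box).
SBOX = (0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD, 0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2)

def mask_passes(f, x: int, m: int) -> bool:
    """True iff f(x ^ m) ^ f(m) == f(x): the mask can be tracked on its own."""
    return f(x ^ m) ^ f(m) == f(x)

def linear_layer_passes_mask() -> bool:
    return all(mask_passes(lin, x, m) for x in range(16) for m in range(16))

def sbox_passes_mask() -> bool:
    return all(mask_passes(SBOX.__getitem__, x, m) for x in range(16) for m in range(16))

# --- TI of z = x AND y with three shares (the slide's inp^m0^m1, m0, m1 picture) ---

def share3(bit: int) -> tuple:
    """Split a bit into three shares with fresh randomness (secrets, not random)."""
    a, b = secrets.randbits(1), secrets.randbits(1)
    return (a, b, bit ^ a ^ b)

def unshare3(shares) -> int:
    return shares[0] ^ shares[1] ^ shares[2]

def ti_and(xs, ys) -> tuple:
    """Component z_i never reads share i of x or of y (non-completeness)."""
    x1, x2, x3 = xs
    y1, y2, y3 = ys
    z1 = (x2 & y2) ^ (x2 & y3) ^ (x3 & y2)
    z2 = (x3 & y3) ^ (x3 & y1) ^ (x1 & y3)
    z3 = (x1 & y1) ^ (x1 & y2) ^ (x2 & y1)
    return (z1, z2, z3)

_ALL = list(itertools.product((0, 1), repeat=3))

def ti_and_correct() -> bool:
    """Recombined output equals x AND y for every sharing of every input."""
    return all(unshare3(ti_and(xs, ys)) == (unshare3(xs) & unshare3(ys))
               for xs in _ALL for ys in _ALL)

def ti_and_noncomplete() -> bool:
    """Flipping share i of either input must not change output share i."""
    for xs in _ALL:
        for ys in _ALL:
            z = ti_and(xs, ys)
            for i in range(3):
                xf = list(xs); xf[i] ^= 1
                yf = list(ys); yf[i] ^= 1
                if ti_and(tuple(xf), ys)[i] != z[i] or ti_and(xs, tuple(yf))[i] != z[i]:
                    return False
    return True

if __name__ == "__main__":
    print("mask passes linear layer:", linear_layer_passes_mask())
    print("mask passes S-box:       ", sbox_passes_mask())
    print("TI AND correct / non-complete:", ti_and_correct(), ti_and_noncomplete())
```

The two checks put the slide's picture into numbers: lin(x ^ m) ^ lin(m) == lin(x) holds for every input, the S-box version already fails at x = 0, and the shared AND recombines correctly while each z_i ignores share i. Uniformity, the third TI property, is not met by this bare three-share AND, so chaining it needs fresh randomness or more shares; a real shared S-box has to meet uniformity as well, which this example does not attempt.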
4 Side Channel Resistance: Have the design -> Need efficient impl. -> Need secure impl. Countermeasure options by attack order and platform: 1st order (Boolean mask, multiplicative mask, TI) and 2nd order, for SW and HW. Slide 4 marks the SW row "??" and asks "Still efficient??"; slide 5 repeats the table with the question marks dropped ("Still efficient").
6 Design - Structure (diagram labels: a, A_1 A_2 ... A_v, C_1/M_1 ... C_u/M_u, K, N, 16R, R, T, K, 0): the key K and nonce N are loaded into the state and run through 16 rounds (16R); each associated-data block A_1..A_v and each message block M_1..M_u (ciphertext C_1..C_u out) is absorbed with one round R; the tag T is taken at the end, where K appears again.
- Similar to duplex sponge
- Rounds are not keyed
- Online
- Single pass
[table: b, k/n/t, r for FIDES-80 and FIDES-96; values not preserved in the transcription]
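The structure slide, as an added example that is neither FIDES's code nor the authors' reference implementation: a toy duplex-sponge AE mode with the diagram's shape, written here to show what "online, single pass, unkeyed rounds" means operationally. Every size (16-byte state, 4-byte rate, 8-byte key, nonce and tag), the padding, the domain-separation bytes, the key re-injection before the tag and the ARX toy permutation are assumptions for illustration, not FIDES parameters.

```python
"""Added example, not code from the FIDES slides or paper: a toy duplex-sponge
authenticated-encryption mode with the shape of the structure slide (K and N
loaded into the state and run through 16 rounds, one round per associated-data
block and per message block, tag T taken from the final state).  The block
sizes, the 10* padding, the domain-separation bytes, the key re-injection
before the tag and the ChaCha-style ARX permutation are all assumptions for
illustration; the permutation carries no security claim and is not FIDES's."""
import hmac
import struct

STATE_BYTES = 16   # b  (assumed)
RATE = 4           # r  (assumed)
KEY_BYTES = 8      # k  (assumed)
NONCE_BYTES = 8    # n  (assumed)
TAG_BYTES = 8      # t  (assumed)
INIT_ROUNDS = 16   # the slide's 16R
BLOCK_ROUNDS = 1   # the slide's R per absorbed block
_M32 = 0xFFFFFFFF

def _rotl(x: int, n: int) -> int:
    return ((x << n) | (x >> (32 - n))) & _M32

def toy_perm(state: bytes, rounds: int) -> bytes:
    """Unkeyed 16-byte permutation: one ChaCha quarter-round, a word rotation and
    a round constant per round.  Toy only; 'rounds are not keyed' as on the slide."""
    a, b, c, d = struct.unpack("<4I", state)
    for r in range(rounds):
        a = (a + b) & _M32; d = _rotl(d ^ a, 16)
        c = (c + d) & _M32; b = _rotl(b ^ c, 12)
        a = (a + b) & _M32; d = _rotl(d ^ a, 8)
        c = (c + d) & _M32; b = _rotl(b ^ c, 7)
        a, b, c, d = b, c, d, a ^ (r + 1)
    return struct.pack("<4I", a, b, c, d)

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def _pad(data: bytes) -> bytes:
    """10* padding: always adds at least one byte, result is a multiple of RATE."""
    return data + b"\x80" + b"\x00" * (RATE - 1 - len(data) % RATE)

def _separate(state: bytes, tag: int) -> bytes:
    """Domain separation in the capacity, which absorbed blocks never touch."""
    return state[:-1] + bytes([state[-1] ^ tag])

def _init(key: bytes, nonce: bytes) -> bytes:
    if len(key) != KEY_BYTES or len(nonce) != NONCE_BYTES:
        raise ValueError("bad key or nonce length")
    return toy_perm(key + nonce, INIT_ROUNDS)          # K || N fills the state exactly

def _absorb_ad(state: bytes, ad: bytes) -> bytes:
    padded = _pad(ad)
    for i in range(0, len(padded), RATE):
        state = toy_perm(_xor(state[:RATE], padded[i:i + RATE]) + state[RATE:], BLOCK_ROUNDS)
    return _separate(state, 0x01)

def _tag(state: bytes, key: bytes) -> bytes:
    state = _separate(state, 0x02)
    state = _xor(state, key + bytes(STATE_BYTES - KEY_BYTES))   # trailing K of the diagram (assumed placement)
    return toy_perm(state, INIT_ROUNDS)[:TAG_BYTES]

def ae_encrypt(key: bytes, nonce: bytes, ad: bytes, msg: bytes):
    """Online, single pass: C_i leaves as soon as M_i has been absorbed."""
    state = _absorb_ad(_init(key, nonce), ad)
    padded = _pad(msg)
    ct = bytearray()
    for i in range(0, len(padded), RATE):
        c_blk = _xor(state[:RATE], padded[i:i + RATE])         # C_i = M_i xor rate
        ct += c_blk
        state = toy_perm(c_blk + state[RATE:], BLOCK_ROUNDS)   # rate now equals C_i
    return bytes(ct[:len(msg)]), _tag(state, key)

def ae_decrypt(key: bytes, nonce: bytes, ad: bytes, ct: bytes, tag: bytes):
    """Returns the message, or None if the tag does not verify."""
    state = _absorb_ad(_init(key, nonce), ad)
    msg = bytearray()
    padded_len = len(_pad(bytes(len(ct))))                     # same length the encryptor padded to
    for i in range(0, padded_len, RATE):
        c_part = ct[i:i + RATE]
        m_part = _xor(state[:len(c_part)], c_part)
        msg += m_part
        # rebuild the padded block so the state matches the encryptor's
        m_blk = m_part if len(c_part) == RATE else m_part + b"\x80" + bytes(RATE - 1 - len(c_part))
        state = toy_perm(_xor(state[:RATE], m_blk) + state[RATE:], BLOCK_ROUNDS)
    if not hmac.compare_digest(_tag(state, key), tag):
        return None
    return bytes(msg)
```

Encryption never buffers: C_i is emitted as soon as M_i is absorbed, and decryption rebuilds the same state from C_i, so the tag check at the end is the only step that needs the whole message. The check uses hmac.compare_digest and returns None rather than the plaintext on failure; releasing unverified plaintext is the classic way to turn an online AE decryptor into an oracle, and a hardware decryptor that streams M_i out before T is verified needs the surrounding protocol to deal with that.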
10 Design - Structure: the round function on the State consists of SubBytes, ShiftRows, MixColumns and ConstantAddition (slides 10 to 14 step through them). MixColumns is almost MDS: its branch number is 4.
15 Design - S-boxes
- FIDES-80: 5-bit Almost Bent (AB) permutation: optimal resistance against differential & linear cryptanalysis; degree 2 (two), 3 (one), 4 (one)
- FIDES-96: 6-bit Almost Perfect Nonlinear (APN) permutation: optimal resistance against differential cryptanalysis; degree 4
- ++Low latency++
17 Design - S-boxes: Affine equivalent to an AB permutation with degree 2. [table: unshared S-box vs. shared S-box, columns # of S-boxes and # of GE (UMC 180nm); values not preserved in the transcription] Similar for APN.
19 Security Analysis [table: # rnd. vs. # active S-boxes, for any difference and for zero difference; values not preserved in the transcription]
- Differential & Linear Cryptanalysis, 16 rounds: 2^{-4·48·2} = 2^{-384} (2^{-4} per active S-box)
- Collision Trails, 16 rounds: 2^{-4·(48+48)} = 2^{-384}
- Impossible Differential: 9 rounds
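The S-box properties (AB, APN, algebraic degree) and the per-S-box factor that the security-analysis slide multiplies by the active S-box count, as an added example that is not from the slides or the FIDES paper. The FIDES S-box tables are not on this page, so x -> x^3 over GF(2^5), a Gold permutation that is AB and of degree 2 and therefore in the class the slide describes, stands in for the 5-bit case; x^3 over GF(2^6) shows why a 6-bit APN permutation is the rarer object, since the Gold map there is APN but not a permutation. The field polynomials and all helper names are this example's choices.

```python
"""Added example (not from the FIDES slides or paper): the checks behind the
S-box and security-analysis slides.  FIDES-80's S-box is described as affine
equivalent to a 5-bit Almost Bent permutation of algebraic degree 2; the slides
do not list its table, so the Gold map x -> x^3 over GF(2^5), which is such a
permutation, stands in.  The functions work for any n-bit S-box given as a list."""
import math

POLY5 = 0b100101      # x^5 + x^2 + 1, irreducible over GF(2)
POLY6 = 0b1000011     # x^6 + x + 1, irreducible over GF(2)

def gf_mul(a: int, b: int, poly: int, n: int) -> int:
    """Multiply in GF(2^n) modulo the given irreducible polynomial."""
    r = 0
    for _ in range(n):
        if b & 1:
            r ^= a
        b >>= 1
        a <<= 1
        if a >> n:
            a ^= poly
    return r

def gold_cube_sbox(n: int, poly: int) -> list:
    """S(x) = x^3 in GF(2^n): APN for every n, AB and a permutation for odd n."""
    return [gf_mul(gf_mul(x, x, poly, n), x, poly, n) for x in range(1 << n)]

def _parity(v: int) -> int:
    return bin(v).count("1") & 1

def is_permutation(s: list) -> bool:
    return sorted(s) == list(range(len(s)))

def differential_uniformity(s: list) -> int:
    """Largest DDT entry over nonzero input differences; 2 means APN."""
    size = len(s)
    worst = 0
    for a in range(1, size):
        counts = [0] * size
        for x in range(size):
            counts[s[x] ^ s[x ^ a]] += 1
        worst = max(worst, max(counts))
    return worst

def max_abs_walsh(s: list) -> int:
    """max over a and nonzero b of |sum_x (-1)^(b.S(x) ^ a.x)|; AB iff it equals 2^((n+1)/2)."""
    size = len(s)
    worst = 0
    for b in range(1, size):
        for a in range(size):
            w = sum(1 - 2 * _parity((b & s[x]) ^ (a & x)) for x in range(size))
            worst = max(worst, abs(w))
    return worst

def algebraic_degree(s: list) -> int:
    """Highest degree among the nonzero component functions b.S(x), via the Moebius transform."""
    size = len(s)
    best = 0
    for b in range(1, size):
        anf = [_parity(b & s[x]) for x in range(size)]   # truth table, transformed in place to ANF
        step = 1
        while step < size:
            for i in range(size):
                if i & step:
                    anf[i] ^= anf[i ^ step]
            step <<= 1
        deg = max((bin(m).count("1") for m in range(size) if anf[m]), default=0)
        best = max(best, deg)
    return best

def per_active_sbox_log2(s: list) -> tuple:
    """(log2 of max differential probability, log2 of max squared correlation) for one S-box."""
    size = len(s)
    n = size.bit_length() - 1
    dp = math.log2(differential_uniformity(s)) - n
    corr = math.log2(max_abs_walsh(s)) - n
    return (int(dp), int(2 * corr))

if __name__ == "__main__":
    for n, poly in ((5, POLY5), (6, POLY6)):
        s = gold_cube_sbox(n, poly)
        print(n, "bit: perm", is_permutation(s), "DU", differential_uniformity(s),
              "Walsh", max_abs_walsh(s), "deg", algebraic_degree(s), "log2", per_active_sbox_log2(s))
```

For the 5-bit AB map the DDT maximum is 2, so one active S-box contributes at most 2/32 = 2^{-4} to a differential trail, and the Walsh maximum is 8, so the squared correlation per active S-box is (8/32)^2 = 2^{-4}; that is the 2^{-4} factor per active S-box in the slide's 16-round bounds.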
20 Implementation (slides 20 to 24): architectures FIDES-S, FIDES-4S, FIDES-R, FIDES-T
25 Performance: FIDES on Different Technologies [table: area in GE on NXP 90nm, NANGATE 45nm and UMC 130nm for FIDES-80-S, FIDES-80-4S, FIDES-80-R, FIDES-80-T, FIDES-96-S, FIDES-96-4S, FIDES-96-R, FIDES-96-T; values not preserved in the transcription]
26 Performance [figure: throughput (kb/s) vs. area (GE) for FIDES-80, FIDES-96, ALE, AES-CCM, ASC-1 A, ASC-1 B, c-quark, KECCAK-200-MD, Hummingbird2]
27 Conclusion: FIDES
- Lightweight AE: less than 1500 GE, online, single-pass
- with Side Channel Resistance: TI in less than 5000 GE
- and 80-bit (FIDES-80) or 96-bit (FIDES-96) security
- AB and APN permutations, almost MDS
28 THANK YOU!
Analysis of S-box in Image Encryption Using Root Mean Square Error Method Iqtadar Hussain a, Tariq Shah a, Muhammad Asif Gondal b, and Hasan Mahmood c a Department of Mathematics, Quaid-i-Azam University,
More informationPower Analysis Based Side Channel Attack
CO411/2::Individual Project I & II Report arxiv:1801.00932v1 [cs.cr] 3 Jan 2018 Power Analysis Based Side Channel Attack Hasindu Gamaarachchi Harsha Ganegoda http://www.ce.pdn.ac.lk Department of Computer
More informationMinimum key length for cryptographic security
Journal of Applied Mathematics & Bioinformatics, vol.3, no.1, 2013, 181-191 ISSN: 1792-6602 (print), 1792-6939 (online) Scienpress Ltd, 2013 Minimum key length for cryptographic security George Marinakis
More informationTransform. Jeongchoon Ryoo. Dong-Guk Han. Seoul, Korea Rep.
978-1-4673-2451-9/12/$31.00 2012 IEEE 201 CPA Performance Comparison based on Wavelet Transform Aesun Park Department of Mathematics Kookmin University Seoul, Korea Rep. aesons@kookmin.ac.kr Dong-Guk Han
More informationTHE INTEGRATION of nanodevices with complementary
IEEE TRANSACTIONS ON NANOTECHNOLOGY, VOL. 8, NO. 3, MAY 2009 315 Efficient CMOL Gate Designs for Cryptography Applications Z. Abid, Member, IEEE, A. Alma aitah, Student Member, IEEE, M.Barua, Student Member,
More informationCRYPTANALYSIS OF THE PERMUTATION CIPHER OVER COMPOSITION MAPPINGS OF BLOCK CIPHER
CRYPTANALYSIS OF THE PERMUTATION CIPHER OVER COMPOSITION MAPPINGS OF BLOCK CIPHER P.Sundarayya 1, M.M.Sandeep Kumar 2, M.G.Vara Prasad 3 1,2 Department of Mathematics, GITAM, University, (India) 3 Department
More informationVoice and image encryption, and performance analysis of counter mode advanced encryption standard for WiMAX
The University of Toledo The University of Toledo Digital Repository Theses and Dissertations 2013 Voice and image encryption, and performance analysis of counter mode advanced encryption standard for
More informationTeacher s Notes. Problem of the Month: Courtney s Collection
Teacher s Notes Problem of the Month: Courtney s Collection Overview: In the Problem of the Month, Courtney s Collection, students use number theory, number operations, organized lists and counting methods
More informationSYNCHRONOUS stream ciphers are lightweight
IEEE TRANSACTIONS ON VERY LARGE SCALE INTEGRATION (VLSI) SYSTEMS, VOL. 22, NO. 9, SEPTEMBER 204 865 New Implementations of the WG Stream Cipher Hayssam El-Razouk, Arash Reyhani-Masoleh, Member, IEEE, and
More informationLOSSLESS CRYPTO-DATA HIDING IN MEDICAL IMAGES WITHOUT INCREASING THE ORIGINAL IMAGE SIZE THE METHOD
LOSSLESS CRYPTO-DATA HIDING IN MEDICAL IMAGES WITHOUT INCREASING THE ORIGINAL IMAGE SIZE J.M. Rodrigues, W. Puech and C. Fiorio Laboratoire d Informatique Robotique et Microlectronique de Montpellier LIRMM,
More informationEmbedded System Hardware - Reconfigurable Hardware -
2 Embedded System Hardware - Reconfigurable Hardware - Peter Marwedel Informatik 2 TU Dortmund Germany GOPs/J Courtesy: Philips Hugo De Man, IMEC, 27 Energy Efficiency of FPGAs 2, 28-2- Reconfigurable
More informationPseudorandom Number Generation and Stream Ciphers
Pseudorandom Number Generation and Stream Ciphers Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Audio/Video recordings of this lecture are available at: http://www.cse.wustl.edu/~jain/cse571-14/
More informationAssessing and. Rui Wang, Assistant professor Dept. of Information and Communication Tongji University.
Assessing and Understanding Performance Rui Wang, Assistant professor Dept. of Information and Communication Tongji University it Email: ruiwang@tongji.edu.cn 4.1 Introduction Pi Primary reason for examining
More information