A TUTORIAL ON LINEAR AND DIFFERENTIAL CRYPTANALYSIS

In this paper, we present a detailed tutorial on linear cryptanalysis and differential cryptanalysis, the two most significant attacks applicable to symmetric-key block ciphers. The intent of the paper is to present a lucid explanation of the attacks, detailing the practical application of the attacks to a cipher in a simple, conceptually revealing manner for the novice cryptanalyst. The tutorial is based on the analysis of a simple, yet realistically structured, basic Substitution-Permutation Network cipher. Understanding the attacks as they apply to this structure is useful, as the Rijndael cipher, recently selected for the Advanced Encryption Standard (AES), has been derived from the basic SPN architecture. As well, experimental data from the attacks is presented as confirmation of the applicability of the concepts as outlined.     

低成本有源RFID双向认证加密方案

针对射频识别(RFID)系统自身在认证和通信过程中存在的安全隐患问题,提出了一种低成本、高效、安全的RFID节点间身份认证与数据加密方案。该方案采用改进的椭圆曲线Diffie-Hellman(ECDH)算法与高级加密标准(AES)相结合的方式实现密钥分发、身份认证、通信加密功能,同时采用动态密钥算法增强了通信过程中的安全性。此外,该方案在不破坏安全强度的情况下缩减了运算规模,减少了系统资源开销。验证表明,该方案资源开销低,能够抵抗重放、假冒、中间人、拒绝服务等攻击,在对安全性能及低成本有一定要求的物联网领域具有一定的实用意义。     

Faults, Injection Methods, and Fault Attacks

An active attacker can induce errors during the computation of the cryptographic algorithm and exploit the faulty results to extract information about the secret key in embedded systems. We call this kind of attack a fault attack. Fault attacks can break an unprotected system more quickly than any other kind of side-channel attack such as simple power analysis (SPA), differential power analysis (DPA), or electromagnetic analysis (EMA). For example, the attacker can break RSA-CRT (RSA with Chinese Remainder Theorem) with one faulty result, and Data Encryption Standard (DES) and Advanced Encryption Standard (AES) with two. Furthermore, the protection of fault attacks is more costly in terms of chip area. Here, we survey fault injection methods, types of faults, and fault attack models.     

AES加密算法电路设计

AES(Advanced Encryption Standard)加密算法是美国国家标准与技术研究所(NIST)用于加密电子数据的最新规范,用于取代加密安全性已经日渐降低的DES(Data Encryption Standard)算法。本文主要讨论AES算法的电路设计。AES加解密可以共用一套电路并且某些步骤可以合并。     

抗差分功耗分析攻击的AES S盒电路设计

提出一种抗差分功耗分析攻击的高级加密标准(AES)异步S盒电路。采用复合域算法实现精简的S盒结构,通过引入单轨异步流水线降低整个S盒的功耗,在单轨电路中局部采用异步双轨电路,利用随机数控制下的数据扰乱机制,改善电路的抗差分功耗分析攻击性能,建立S盒差分功耗分析攻击仿真平台,对设计的相关性能进行了仿真验证和测试。     

THE ADVANCED ENCRYPTION STANDARD

In this paper, we describe the Advanced Encryption Standard (AES), which has been approved after an international competition by the National Institute of Standards and Technology.     

IMPOSSIBLE DIFFERENTIAL CRYPTANALYSIS OF MINI-AES

Impossible differential cryptanalysis is one of the cryptanalysis methods that are applicable to the new Advanced Encryption Standard (AES). In this paper, we present an introduction to the method by applying it on Mini-AES, the mini version of the AES published in Cryptologia recently.     

一种抗DPA及HO-DPA攻击的AES算法实现技术

对Akkar提出的基于随机掩码的AES(Advanced Encryption Standard)算法实现技术进行了安全性分析,指出了可行的DPA(differential power analysis)及HO-DPA(high order DPA)攻击.在此基础上,提出了AES算法的一种改进实现技术,其核心是用不同的随机量对密码运算过程中的中间结果进行掩码,以消除AES算法实现中可被功耗攻击的漏洞.在各随机量相互独立且服从均匀分布的前提下,进一步证明了改进的实现技术能够有效抗DPA及HO-DPA攻击;给出了改进实现中所需的大量随机量的产生技术.与其他典型防护技术相比,改进的AES算法实现以一定的芯片面积开销获得了高安全性.     

高级数据加密标准的差分电磁分析

为研究高级数据加密标准(AES)针对电磁旁路攻击的脆弱性,分析了微处理器的电磁信息泄漏模型和攻击AES时D函数的选择问题.针对PHILIPS 89C51实现的AES-128密码系统,采用差分电磁分析的方法进行了密码破译实验,成功获得了128位密钥.经分析发现AES的字节替代变换可产生密钥泄露,为密码系统实施相关防护措施提供了依据.     

抗电磁侧信道攻击的AES S盒设计

根据改进的动态差分掩码防护逻辑以及集成电路的半定制流程设计高级加密标准S盒,采用TSMC0.18 μm工艺实现基于3种不同逻辑单元的S盒,并对其抗电磁侧信道攻击性能进行评估.实验结果表明,基于掩码防护逻辑的S盒电磁辐射与输入数据相互独立,能克服双轨电路信号线不平衡导致的信息泄漏问题,从而增强电路的抗电磁侧信道攻击能力.     

Reducing the exhaustive key search of the Data Encryption Standard (DES)

The Data Encryption Standard (DES) is among the most popular encryption method that has become the de facto standard to protect confidential information ranging from Automatic Teller Machines (ATMs) and smart cards to emails and online websites. Although recently a successor — the Advanced Encryption Standard (AES) has emerged, DES and its variants remain being used in various applications as the complete roll out of the AES will take some years to materialize. To date, the only practical attack on the DES is the exhaustive key search. In this paper, we exploit a recently presented sliding property of the DES key schedule to show that the exhaustive key search of the DES can be further reduced from previous known results.     

AES专用指令处理器的研究与实现

随着加密算法在嵌入式可信计算领域的广泛应用,如何提高其执行效率成为研究的热点问题.高级加密标准(AES)凭借其在安全性、费用开销和可执行性等方面的内在优势,成为使用最为广泛的对称密钥加密算法.采用指令集架构(ISA)扩展优化的方法对AES算法进行指令扩展优化.基于电子系统级(ESL)方法设计流程,使用基于LISA语言的处理器生成工具构建了一个高效AES专用指令处理器(AES_ASIP)模型,最终实现于FPGA中.经过一系列的仿真和验证,对比ARM处理器指令集架构,实验结果显示AES_ASIP以增加少许硬件资源为代价,提高了算法58.4x%的执行效率并节省了47.4x%的指令代码存储空间.     

基于高级加密标准的混合加密系统的实现

本文运用VC++设计实现了网络通信数据加密系统,该系统对高级加密标准AES与公钥加密算法RSA相结合对数据加密,用RSA和单向散列函数MD5实现文件的数字签名。     

MINI ADVANCED ENCRYPTION STANDARD (MINI-AES): A TESTBED FOR CRYPTANALYSIS STUDENTS

In this paper, we present a mini version of Rijndael, the symmetric-key block cipher selected as the Advanced Encryption Standard (AES) recently. Mini-AES has all the parameters significantly reduced while at the same time preserving its original structure. It is meant to be a purely educational cipher and is not considered secure for actual applications. The purpose is such that once undergraduate students and amateur cryptanalysts have grasped the basic principles behind how Mini-AES works, it will be easy for them to move on to the real AES. At the same time, an illustration of how the Square attack can be applied to Mini-AES is presented in the hope that Mini-AES would also serve as a testbed for students to begin their cryptanalysis efforts.     

A high-speed AES design resistant to fault injection attacks

To secure the Advanced Encryption Standard against physical attacks known as fault injection attacks, different countermeasures have been proposed. The AES is used in many embedded systems to provide security. It has become the default choice for security services in numerous applications. However, the natural and malicious injected faults reduce its robustness and may cause private information leakage. In this paper, we study the concurrent fault detection schemes for achieving a reliable AES implementation. We specifically propose a new fault detection scheme based on modification of the AES architecture. For this purpose, the round AES transformation is broken into two parts and a pipeline stage is inserted in between.The proposed scheme is independent of the way the S-Box and the Inv_S-Box are implemented. Hence, it can be used for both the S-Box and the Inv_S-Box using Look-Up Table and those using logic gates based on Galois Fields. Our simulation results show the fault coverage reaches 98.54% for the proposed scheme. Moreover, the proposed and the previously reported fault detection schemes have been implemented on the most recent Xilinx Virtex FPGAs. Their area overhead, the frequency and throughput have been compared and it is shown that the proposed fault detection scheme outperform the previously reported ones.     

Robust codes and robust,fault-tolerant architectures of the Advanced Encryption Standard

Hardware implementations of cryptographic algorithms are vulnerable to fault analysis attacks. Methods based on traditional fault-tolerant architectures are not suited for protection against these attacks. To detect these attacks we propose an architecture based on robust nonlinear systematic error-detecting codes. These nonlinear codes are capable of providing uniform error detecting coverage independently of the error distributions. They make no assumptions about what faults or errors will be injected by an attacker. Architectures based on these robust constructions have fewer undetectable errors than linear codes with the same n, k. We present the general properties and construction methods of these codes as well as their application for the protection of a cryptographic devices implementing the Advanced Encryption Standard.     

AES加密算法的研究与实现

分析了AWS加密算法的代数结构及其在实现上的一些弱点。最后指出当前分析中急待解决和信受关注的问题。     

王CC与AES混合加密算法在射频CPU卡安全机制扣的应用

针对无线射频CPU卡自身及其在射频识~IJ（RFID）的过程中存在的安全隐患问题,提出了一种将椭圆曲线加密算法（ECC）与高级加密标准（AES）相结合的混合加密算法．该方法用高密钥效率的ECC算法加密射频CPU卡中的重要信息,再用AES算法加密射频CPU卡与读写器之间的通讯信息,在通讯的过程中重要的信息经过了ECC和AES双重加密,攻击者即使得到射频卡或者截获信息,也不能很快就得到有用的信息．实验结果表明,该方法有效地提高了射频CPU卡自身及其在通信过程中的安全性及抵御攻击的可能性,充分发挥了混合加密算法的优势．     

FPGA implementation of highly scalable AES algorithm using modified mix column with gate replacement technique for security application in TCP/IP

Field Programmable Gate Arrays (FPGA) offers a faster, increasingly adjustable arrangement. Earlier Data Encryption Standard (DES) algorithms have been developed, however it could not keep up with advancement in a technology and it is no longer appropriate for security. With this motivation, this work developed an efficient FPGA implementation of Advanced Encryption Standard (AES) targets to investigate a huge number of security processes followed in the TCP/IP protocol suite and to suggest a novel new architecture for the existing version. The first contribution of the studies turned into to provide the safety for packages of the utility layer protocols. The AES cryptographic encryption, decryption and key management set of rules to for the safety of transmission control protocol/internet protocol (TCP/IP) protocol suite turned into carried out. AES is one of the maximum famous cryptographic algorithms used for records safety. The cost and consumption of power in the AES can be decreased substantially by way of optimizing the structure of AES. This research article projects an implementation based on modification in Mix column in AES techniques which gives a compact structure with efficient mix column Boolean expression the usage of resource sharing architecture and gate replacement method. The ON-chip power utilization and area overhead of the proposed hardware implementation outperforms the preceding work performed in this area. The proposed architecture have been carried out on the most latest virtex 6 lower power Field programmable gate array (FPGA), whereas overhead and on-chip utilization of power are compared with the previous works and it is proved that proposed method has lower area utilization and ON-Chip utilization of power.     

New impossible differential attacks on reduced-round Crypton

Crypton is a 128-bit block cipher which was submitted to the Advanced Encryption Standard competition. In this paper, we present two new impossible differential attacks to reduced-round Crypton. Using two new observations on the diffusion layer of Crypton, exploiting a 4-round impossible differential, and appropriately choosing three additional rounds, we mount the first impossible differential attack on 7-round Crypton. The proposed attacks require 2¹²¹ chosen plaintexts each. The first attack requires 2^125.2 encryptions. We then utilize more pre-computation and memory to reduce the time complexity to 2^116.2 encryptions in the second attack.