The SubBytes (S-box) transformation is the most crucial operation in the AES algorithm, significantly impacting the implementation performance of AES chips. To design a high-performance S-box, a segmented optimization...The SubBytes (S-box) transformation is the most crucial operation in the AES algorithm, significantly impacting the implementation performance of AES chips. To design a high-performance S-box, a segmented optimization implementation of the S-box is proposed based on the composite field inverse operation in this paper. This proposed S-box implementation is modeled using Verilog language and synthesized using Design Complier software under the premise of ensuring the correctness of the simulation result. The synthesis results show that, compared to several current S-box implementation schemes, the proposed implementation of the S-box significantly reduces the area overhead and critical path delay, then gets higher hardware efficiency. This provides strong support for realizing efficient and compact S-box ASIC designs.展开更多
Reconfigurable computing has grown to become an important and large field of research, it offers advantages over traditional hardware and software implementations of computational algorithms. The Advanced Encryption S...Reconfigurable computing has grown to become an important and large field of research, it offers advantages over traditional hardware and software implementations of computational algorithms. The Advanced Encryption Standard (AES) algorithm is widely applied in government department and commerce. This paper analyzed the AES algorithms with different cipher keys, adopted a novel key scheduler that generated the round key real-time, proposed a dynamically reconfigurable encryption system which supported the AES algorithm with different cipher keys, and designed the architecture of the reconfigurable system. The dynamically reconfigurable AES system had been realized on FPGA. The result proves that the reconfigurable AES system is flexible, lower cost and high security level.展开更多
A new attack on block ciphers is introduced, which is termed linear-differential cryptanalysis. It bases the combining of linear cryptanalysis and differential cryptanalysis, and works by using linear-differential pro...A new attack on block ciphers is introduced, which is termed linear-differential cryptanalysis. It bases the combining of linear cryptanalysis and differential cryptanalysis, and works by using linear-differential probability (LDP). Moreover, we present a new method for upper bounding the maximum linear-differential probability (MLDP) for 2 rounds of substitution permutation network (SPN) cipher structure. When our result applies to 2-round advanced encryption standard(AES), It is shown that the upper bound of MLDP is up to 1.68×2^-19, which extends the known results for the 2-round SPN. Furthermore, when using a recursive technique, we obtain that the MLDP for 4 rounds of AES is bounded by 2^-73.展开更多
Securing digital data from unauthorized access throughout its entire lifecycle has been always a critical concern.A robust data security system should protect the information assets of any organization against cybercr...Securing digital data from unauthorized access throughout its entire lifecycle has been always a critical concern.A robust data security system should protect the information assets of any organization against cybercriminal activities.The Twofish algorithm is one of the well-known symmetric key block cipher cryptographic algorithms and has been known for its rapid convergence.But when it comes to security,it is not the preferred cryptographic algorithm to use compared to other algorithms that have shown better security.Many applications and social platforms have adopted other symmetric key block cipher cryptographic algorithms such as the Advanced Encryption Standard(AES)algorithm to construct their main security wall.In this paper,a new modification for the original Twofish algorithm is proposed to strengthen its security and to take advantage of its fast convergence.The new algorithm has been named Split-n-Swap(SnS).Performance analysis of the new modification algorithm has been performed using different measurement metrics.The experimental results show that the complexity of the SnS algorithm exceeds that of the original Twofish algorithm while maintaining reasonable values for encryption and decryption times as well as memory utilization.A detailed analysis is given with the strength and limitation aspects of the proposed algorithm.展开更多
Application of embedded systems is faced with multiple threats against security. To solve this problem, this article proposes a new program memory encryption mechanism (PEM) to enhance the security of embedded proce...Application of embedded systems is faced with multiple threats against security. To solve this problem, this article proposes a new program memory encryption mechanism (PEM) to enhance the security of embedded processor. The new mechanism encrypts all the programs via a secure cache structure. It not only caches the instructions read from the off-chip memory, but also stores the pad values used to encrypt the plaintext. It effectively accelerates encryption and reduces the performance overhead. Besides the encryption, PEM also monitors the program modifications and reset behaviors to reduce the risk of vicious tamper. The experiment indicates that PEM has an average of 2.3 % performance improvement and results in a 25.71% power reduction in the write-back stage. The new scheme offers a good balance between performance and security. It is fully practicable for embedded processor.展开更多
Data security plays a vital role in the current scenario due to the advanced and sophisticated data access techniques. Present development in data access is always a threat to data that are stored in electronic device...Data security plays a vital role in the current scenario due to the advanced and sophisticated data access techniques. Present development in data access is always a threat to data that are stored in electronic devices. Among all the forms of data, image is an important aspect that still needs methodologies to be stored securely. This work focuses on a novel technique to secure images using inter block difference and advanced encryption standard (AES). The AES algorithm is chosen for encryption since there is no prevalent attack that is successful in analyzing it. Instead of encrypting the entire image, only a part of the image is encrypted. The proposed work is found to reduce the encryption overhead in a significant way and at the same time preserves the safety of the image. It is also observed that the decryption is done in an efficient and time preserving manner.展开更多
Due to its provable security and remarkable device-independence,masking has been widely accepted as a noteworthy algorithmic-level countermeasure against side-channel attacks.However,relatively high cost of masking se...Due to its provable security and remarkable device-independence,masking has been widely accepted as a noteworthy algorithmic-level countermeasure against side-channel attacks.However,relatively high cost of masking severely limits its applicability.Considering the high tackling complexity of non-linear operations,most masked AES implementations focus on the security and cost reduction of masked S-boxes.In this paper,we focus on linear operations,which seems to be underestimated,on the contrary.Specifically,we discover some security flaws and redundant processes in popular first-order masked AES linear operations,and pinpoint the underlying root causes.Then we propose a provably secure and highly efficient masking scheme for AES linear operations.In order to show its practical implications,we replace the linear operations of state-of-the-art first-order AES masking schemes with our proposal,while keeping their original non-linear operations unchanged.We implement four newly combined masking schemes on an Intel Core i7-4790 CPU,and the results show they are roughly 20%faster than those original ones.Then we select one masked implementation named RSMv2 due to its popularity,and investigate its security and efficiency on an AVR ATMega163 processor and four different FPGA devices.The results show that no exploitable first-order side-channel leakages are detected.Moreover,compared with original masked AES implementations,our combined approach is nearly 25%faster on the AVR processor,and at least 70%more efficient on four FPGA devices.展开更多
With the large scale adoption of Internet of Things(IoT)applications in people’s lives and industrial manufacturing processes,IoT security has become an important problem today.IoT security significantly relies on th...With the large scale adoption of Internet of Things(IoT)applications in people’s lives and industrial manufacturing processes,IoT security has become an important problem today.IoT security significantly relies on the security of the underlying hardware chip,which often contains critical information,such as encryption key.To understand existing IoT chip security,this study analyzes the security of an IoT security chip that has obtained an Arm Platform Security Architecture(PSA)Level 2 certification.Our analysis shows that the chip leaks part of the encryption key and presents a considerable security risk.Specifically,we use commodity equipment to collect electromagnetic traces of the chip.Using a statistical T-test,we find that the target chip has physical leakage during the AES encryption process.We further use correlation analysis to locate the detailed encryption interval in the collected electromagnetic trace for the Advanced Encryption Standard(AES)encryption operation.On the basis of the intermediate value correlation analysis,we recover half of the 16-byte AES encryption key.We repeat the process for three different tests;in all the tests,we obtain the same result,and we recover around 8 bytes of the 16-byte AES encryption key.Therefore,experimental results indicate that despite the Arm PSA Level 2 certification,the target security chip still suffers from physical leakage.Upper layer application developers should impose strong security mechanisms in addition to those of the chip itself to ensure IoT application security.展开更多
文摘The SubBytes (S-box) transformation is the most crucial operation in the AES algorithm, significantly impacting the implementation performance of AES chips. To design a high-performance S-box, a segmented optimization implementation of the S-box is proposed based on the composite field inverse operation in this paper. This proposed S-box implementation is modeled using Verilog language and synthesized using Design Complier software under the premise of ensuring the correctness of the simulation result. The synthesis results show that, compared to several current S-box implementation schemes, the proposed implementation of the S-box significantly reduces the area overhead and critical path delay, then gets higher hardware efficiency. This provides strong support for realizing efficient and compact S-box ASIC designs.
基金Supported by the National Natural Science Foun-dation of China (60374008)
文摘Reconfigurable computing has grown to become an important and large field of research, it offers advantages over traditional hardware and software implementations of computational algorithms. The Advanced Encryption Standard (AES) algorithm is widely applied in government department and commerce. This paper analyzed the AES algorithms with different cipher keys, adopted a novel key scheduler that generated the round key real-time, proposed a dynamically reconfigurable encryption system which supported the AES algorithm with different cipher keys, and designed the architecture of the reconfigurable system. The dynamically reconfigurable AES system had been realized on FPGA. The result proves that the reconfigurable AES system is flexible, lower cost and high security level.
基金Supported by the National Natural Science Foun-dation of China(60503010) and the Foundation of National Laboratory for Modern communications(51436030105DZ0105)
文摘A new attack on block ciphers is introduced, which is termed linear-differential cryptanalysis. It bases the combining of linear cryptanalysis and differential cryptanalysis, and works by using linear-differential probability (LDP). Moreover, we present a new method for upper bounding the maximum linear-differential probability (MLDP) for 2 rounds of substitution permutation network (SPN) cipher structure. When our result applies to 2-round advanced encryption standard(AES), It is shown that the upper bound of MLDP is up to 1.68×2^-19, which extends the known results for the 2-round SPN. Furthermore, when using a recursive technique, we obtain that the MLDP for 4 rounds of AES is bounded by 2^-73.
文摘Securing digital data from unauthorized access throughout its entire lifecycle has been always a critical concern.A robust data security system should protect the information assets of any organization against cybercriminal activities.The Twofish algorithm is one of the well-known symmetric key block cipher cryptographic algorithms and has been known for its rapid convergence.But when it comes to security,it is not the preferred cryptographic algorithm to use compared to other algorithms that have shown better security.Many applications and social platforms have adopted other symmetric key block cipher cryptographic algorithms such as the Advanced Encryption Standard(AES)algorithm to construct their main security wall.In this paper,a new modification for the original Twofish algorithm is proposed to strengthen its security and to take advantage of its fast convergence.The new algorithm has been named Split-n-Swap(SnS).Performance analysis of the new modification algorithm has been performed using different measurement metrics.The experimental results show that the complexity of the SnS algorithm exceeds that of the original Twofish algorithm while maintaining reasonable values for encryption and decryption times as well as memory utilization.A detailed analysis is given with the strength and limitation aspects of the proposed algorithm.
基金supported by the National Natural Science Foundation of China (60973034)the Program for New Century Excellent Talents in University (NCET-07-0328)
文摘Application of embedded systems is faced with multiple threats against security. To solve this problem, this article proposes a new program memory encryption mechanism (PEM) to enhance the security of embedded processor. The new mechanism encrypts all the programs via a secure cache structure. It not only caches the instructions read from the off-chip memory, but also stores the pad values used to encrypt the plaintext. It effectively accelerates encryption and reduces the performance overhead. Besides the encryption, PEM also monitors the program modifications and reset behaviors to reduce the risk of vicious tamper. The experiment indicates that PEM has an average of 2.3 % performance improvement and results in a 25.71% power reduction in the write-back stage. The new scheme offers a good balance between performance and security. It is fully practicable for embedded processor.
文摘Data security plays a vital role in the current scenario due to the advanced and sophisticated data access techniques. Present development in data access is always a threat to data that are stored in electronic devices. Among all the forms of data, image is an important aspect that still needs methodologies to be stored securely. This work focuses on a novel technique to secure images using inter block difference and advanced encryption standard (AES). The AES algorithm is chosen for encryption since there is no prevalent attack that is successful in analyzing it. Instead of encrypting the entire image, only a part of the image is encrypted. The proposed work is found to reduce the encryption overhead in a significant way and at the same time preserves the safety of the image. It is also observed that the decryption is done in an efficient and time preserving manner.
基金National Natural Science Foundation of China(No.61632020,No.U1936209 and No.62002353)Beijing Natural Science Foundation(No.4192067).
文摘Due to its provable security and remarkable device-independence,masking has been widely accepted as a noteworthy algorithmic-level countermeasure against side-channel attacks.However,relatively high cost of masking severely limits its applicability.Considering the high tackling complexity of non-linear operations,most masked AES implementations focus on the security and cost reduction of masked S-boxes.In this paper,we focus on linear operations,which seems to be underestimated,on the contrary.Specifically,we discover some security flaws and redundant processes in popular first-order masked AES linear operations,and pinpoint the underlying root causes.Then we propose a provably secure and highly efficient masking scheme for AES linear operations.In order to show its practical implications,we replace the linear operations of state-of-the-art first-order AES masking schemes with our proposal,while keeping their original non-linear operations unchanged.We implement four newly combined masking schemes on an Intel Core i7-4790 CPU,and the results show they are roughly 20%faster than those original ones.Then we select one masked implementation named RSMv2 due to its popularity,and investigate its security and efficiency on an AVR ATMega163 processor and four different FPGA devices.The results show that no exploitable first-order side-channel leakages are detected.Moreover,compared with original masked AES implementations,our combined approach is nearly 25%faster on the AVR processor,and at least 70%more efficient on four FPGA devices.
基金This work was partially supported by the National Natural Science Foundation of China(Nos.61872243 and U1713212)Guangdong Basic and Applied Basic Research Foundation(No.2020A1515011489)+1 种基金the Natural Science Foundation of Guangdong Province-Outstanding Youth Program(No.2019B151502018)Shenzhen Science and Technology Innovation Commission(No.R2020A045).
文摘With the large scale adoption of Internet of Things(IoT)applications in people’s lives and industrial manufacturing processes,IoT security has become an important problem today.IoT security significantly relies on the security of the underlying hardware chip,which often contains critical information,such as encryption key.To understand existing IoT chip security,this study analyzes the security of an IoT security chip that has obtained an Arm Platform Security Architecture(PSA)Level 2 certification.Our analysis shows that the chip leaks part of the encryption key and presents a considerable security risk.Specifically,we use commodity equipment to collect electromagnetic traces of the chip.Using a statistical T-test,we find that the target chip has physical leakage during the AES encryption process.We further use correlation analysis to locate the detailed encryption interval in the collected electromagnetic trace for the Advanced Encryption Standard(AES)encryption operation.On the basis of the intermediate value correlation analysis,we recover half of the 16-byte AES encryption key.We repeat the process for three different tests;in all the tests,we obtain the same result,and we recover around 8 bytes of the 16-byte AES encryption key.Therefore,experimental results indicate that despite the Arm PSA Level 2 certification,the target security chip still suffers from physical leakage.Upper layer application developers should impose strong security mechanisms in addition to those of the chip itself to ensure IoT application security.