A new method for format preserving encryption in high-data rate communications
In some encryption systems it is necessary to preserve the format and length of the encrypted data. This kind of encryption is called FPE (Format Preserving Encryption). Currently, only two AES (Advanced Encryption Standard) modes of operation recommended by NIST (National Institute of Standards and Technology) are able to implement FPE algorithms: FF1 and FF3. These modes work in an electronic codebook fashion and can be configured to encrypt databases with an arbitrary format and length. However, there are no stream cipher proposals able to implement FPE for high data rate information flows. The main novelty of this work is a new block cipher mode of operation that implements an FPE algorithm in a stream cipher fashion. It is called CTR-MOD and is based on a standard block cipher working in CTR (Counter) mode combined with a modulo operation. The confidentiality of this mode is analyzed in terms of the IND-CPA (Indistinguishability under Chosen Plaintext Attack) advantage of any adversary attacking it. Moreover, the encryption scheme has been implemented on an FPGA (Field Programmable Gate Array) and integrated into a Gigabit Ethernet interface to test an encrypted optical link with a real high data rate traffic flow.
An efficient 2048-bit block cipher
The Advanced Encryption Standard (AES) has been the most popular block cipher of the last two decades. It has been extensively analyzed and efficiently implemented. Since 2000, AES has been preset to be upgradable from the current 128-bit key to a 192-bit key and finally a 256-bit key on the same 128-bit plaintext/ciphertext block. A new call for a 256-bit standard symmetric cipher is expected by 2030. Currently, a typical input file runs to kilobytes. It is apparent that a more practical cipher is needed for the daily task of protecting an important document from a user's standpoint, without the user having to acquire technical knowledge of encryption. A symmetric cipher has traditionally operated on a small block. In this paper, however, a new proposal for a large 2048-bit block cipher using a 256-bit key is presented.
A Faster Version of Rijndael Cryptographic Algorithm Using Cyclic Shift and Bitwise Operations
Doing arithmetic in a finite field is the key part of implementing communication and coding systems, including the newly developed Rijndael, the Advanced Encryption Standard (AES). This encryption standard uses the KeyExpansion, ByteSub, MixColumn and ShiftRow functions, which consist of XOR, inverse, multiply and swap modules. Among them, the inverse and multiplier are the most complex modules, with the longest delay. These modules are included in the MixColumn function. In the AES proposal, the MixColumn function was suggested to solve the delay problem by using look-up tables. This function can be integrated into a bigger table that replaces the calculation of the inverse and multiply operations, provided enough memory is available. In fact, so many tables are needed for the various irreducible polynomials that this system is neither flexible nor expandable, and the area for look-up tables becomes huge when multiple round units are implemented. This research proposes the use of cyclic shift and bitwise XOR operations as a new approach to replace the look-up table. The principal benefit of this new approach over the transform in the Rijndael block cipher is speed. The new approach has shown excellent results, being faster than Rijndael. The speed improvement of the new algorithm has consistently been between 18% and 22% for encryption and between 30% and 34% for decryption compared to the Rijndael algorithm.
Hardware architecture implemented on FPGA for protecting cryptographic keys against side-channel attacks
This paper presents a new hardware architecture designed to protect the key of cryptographic algorithms against attacks by side-channel analysis (SCA). Unlike previously published approaches, the strength of the proposed architecture is based on revealing a false key. Such a false key is obtained when the leakage information, related to either the power consumption or the electromagnetic (EM) radiation emitted by the hardware device, is analysed by means of a classical statistical method. In fact, the power consumption (or EM) trace does not reveal any significant sign of protection in its behaviour or shape. Experimental results were obtained using a Virtex 5 FPGA, on which a 128-bit version of the standard AES encryption algorithm was implemented. The architecture could easily be extrapolated to an ASIC device based on standard cell libraries. The system is capable of concealing the real key when various attacks are performed on the AES algorithm, using two statistical methods based on correlation, Welch's t-test and the difference of means.
FAST: Disk Encryption and Beyond
This work introduces FAST, a new family of tweakable enciphering schemes. Several instantiations of FAST are described. These are targeted towards two goals: the specific task of disk encryption, and a more general scheme suitable for a wide variety of practical applications. A major contribution of this work is to present detailed and careful software implementations of all of these instantiations. For disk encryption, the results from the implementations show that FAST compares very favourably to the IEEE disk encryption standards XCB and EME2 as well as the more recent proposal AEZ.

FAST is built using a fixed input length pseudo-random function and an appropriate hash function. It uses a single-block key, is parallelisable and can be instantiated using only the encryption function of a block cipher. The hash function can be instantiated using either the usual Horner's rule based polynomial hashing or hashing based on the more efficient Bernstein-Rabin-Winograd polynomials. The security of FAST has been rigorously analysed using the standard provable security approach, and concrete security bounds have been derived.

Based on our implementation results, we put forward FAST as a serious candidate for standardisation and deployment.
A new countermeasure against side-channel attacks based on hardware-software co-design
This paper presents a new countermeasure against Side-Channel Analysis (SCA) attacks, whose implementation is based on a hardware-software co-design. The hardware architecture consists of a microprocessor, which executes the algorithm using a false key, and a coprocessor that performs the operations necessary to retrieve the original text that was encrypted with the real key. The coprocessor hardly affects the power consumption of the device, so that any classical attack based on that power consumption would reveal a false key. Additionally, since the operations carried out by the coprocessor are performed in parallel with the microprocessor, the execution time devoted to encrypting a given text is not affected by the proposed countermeasure. To verify the correctness of our proposal, the system was implemented on a Virtex 5 FPGA. Different SCA attacks were performed on several functions of the AES algorithm. Experimental results show that in all cases the system is effectively protected by revealing a false encryption key.
Revisiting Shared Data Protection Against Key Exposure
This paper puts a new light on secure data storage inside distributed systems. Specifically, it revisits computational secret sharing in a situation where the encryption key is exposed to an attacker. It comes with several contributions. First, it defines a security model for encryption schemes in which we ask for additional resilience against exposure of the encryption key. Precisely, we ask for (1) indistinguishability of plaintexts under full ciphertext knowledge, and (2) indistinguishability for an adversary who learns the encryption key plus all but one share of the ciphertext. (2) relaxes the "all-or-nothing" property to a more realistic setting, where the ciphertext is transformed into a number of shares such that the adversary cannot access one of them. (1) asks that, unless the user's key is disclosed, no one other than the user can retrieve information about the plaintext. Second, it introduces a new computationally secure encryption-then-sharing scheme that protects the data in the previously defined attacker model. It consists of data encryption followed by a linear transformation of the ciphertext, then its fragmentation into shares, along with secret sharing of the randomness used for encryption. The computational overhead in addition to data encryption is reduced by half with respect to the state of the art. Third, it provides for the first time cryptographic proofs in this context of key exposure. It emphasizes that the security of our scheme relies only on a simple cryptanalysis resilience assumption for block ciphers in public key mode: indistinguishability from random of the sequence of differentials of a random value. Fourth, it provides an alternative scheme relying on the more theoretical random permutation model. It consists of encrypting with sponge functions in duplex mode and then, as before, secret-sharing the randomness.
Self-Partial and Dynamic Reconfiguration Implementation for AES using FPGA
This paper addresses efficient hardware/software implementation approaches for the AES (Advanced Encryption Standard) algorithm and describes the design and performance testing of the algorithm for an embedded system. With the spread of reconfigurable hardware such as FPGAs (Field Programmable Gate Arrays), embedded cryptographic hardware has become cost-effective. Nevertheless, it is worth noting that nowadays even hardwired cryptographic algorithms are not so safe. On the other hand, a self-reconfiguring platform has been reported that enables an FPGA to dynamically reconfigure itself under the control of an embedded microprocessor. Hardware acceleration significantly increases the performance of embedded systems built on programmable logic. Allowing an FPGA-based MicroBlaze processor to self-select the coprocessors it uses can help reduce area requirements and increase a system's versatility. The architecture proposed in this paper is an optimal hardware implementation of the algorithm and takes advantage of dynamic partial reconfiguration of the FPGA. This implementation is a good solution for preserving the confidentiality and accessibility of information in digital communications.