23 research outputs found

    Techniques for random maskin in hardware

    No full text
    A new technique for Boolean random masking of the logic AND operation in terms of NAND logic gates is presented and its potential for masking arbitrary cryptographic functions is pointed out. The new technique is much more efficient than a previously known technique, recently applied to AES. It is also applied for masking the integer addition. In addition, new techniques for the conversions from Boolean to arithmetic random masking and vice versa are developed. They are hardware oriented and do not require additional random bits. Unlike the previous, software-oriented techniques showing a substantial difference in the complexity of the two conversions, they have a comparable complexity being about the same as that of one integer addition only. All the techniques proposed are in theory secure against the first-order differential power analysis on the logic gate level. They can be applied in hardware implementations of various cryptographic functions, including AES, (keyed) SHA-1, IDEA, and RC6

    Vectorial Boolean Functions and Induced Algebraic Equations

    No full text
    A general mathematical framework behind algebraic cryptanalytic attacks is developed. The framewor

    New paradigms for digital generation and post-processing of random data

    No full text
    A new method for digital true random number generation based on asynchronous logic circuits with feedback is introduced. In particular, a concrete technique using the so-called Fibonacci and Galois ring oscillators is developed and experimentally tested in FPGA technology. The generated random binary sequences inherently have a high speed and a very high and robust entropy rate in comparison with previous proposals for digital random number generators. A new method for digital post-processing of random data based on non-autonomous synchronous logic circuits with feedback is also introduced and a concrete technique using a self-clock-controlled linear feedback shift register is proposed. The post-processing can provide both randomness extraction and computationally secure speed increase of input random data

    Multiplicative Masking and Power Analysis of AES

    No full text
    The recently proposed multiplicative masking counter measure against power analysis attacks on AES is interesting as it does not require the costly recomputation and RAM storage of S-boxes for every run of AES. This is important for applications where the available space is very limited such as the smart card applications. Unfortunately, it is here shown that this method is in fact inherently vulnerable to differential power analysis. Other possible random masking methods are also discussed

    Techniques for Random Masking in Hardware

    No full text

    Iterative Probabilistic Reconstruction of RC4 Internal States

    No full text
    It is shown that an improved version of a previously proposed iterative probabilistic algorithm, based on forward and backward probability recursions along a short keystream segment, is capable of reconstructing the RC4 internal states from a relatively small number of known initial permutation entries. Given a modulus NN, it is argued that about N/3N/3 and N/10N/10 known entries are sufficient for success, for consecutive and specially generated entries, respectively. The complexities of the corresponding guess-and-determine attacks are analyzed and, e.g., for N=256N=256, the data and time complexities are (conservatively) estimated to be around D241D \approx 2^{41}, C2689C \approx 2^{689} and D2211D \approx 2^{211}, C2262C \approx 2^{262}, for the two types of guessed entries considered, respectively

    Exact Probabilistic Analysis of Memoryless Combiners

    No full text

    Vectorial fast correlation attacks

    No full text
    A new, vectorial approach to fast correlation attacks on binary memoryless combiners is proposed. Instead of individual input sequences or their linear combinations, the new attack is targeting subsets of input sequences as a whole, thus exploiting the full correlation between the chosen subset and the output sequence. In particular, all the input sequences can be targeted simultaneously. The attack is based on a novel iterative probabilistic algorithm which is also applicable to general memoryless combiners over finite fields or finite rings. Experimental results obtained for randomly chosen binary combiners with balanced combining functions show that the vectorial approach yields a considerable improvement in comparison with the classical, scalar approach
    corecore