Since the Advanced Encryption Standard (AES) in stream modes, such as counter (CTR), output feedback (OFB) and cipher feedback (CFB), can meet most industrial requirements, the range of applications for dedicated stream ciphers is decreasing. There are many attack results using algebraic properties and side channel information against stream ciphers for hardware applications. Al-Hinai et al. presented an algebraic attack approach to a family of irregularly clock-controlled linear feedback shift register systems: the stop and go generator, self-decimated generator and alternating step generator. Other clock-controlled systems, such as shrinking and cascade generators, are indeed vulnerable to side channel attacks. To overcome these threats, new clock-controlled systems were presented, e.g., the generalized alternating step generator, cascade jump-controlled generator and mutual clock-controlled generator. However, the algebraic attack could be applied directly on these new systems. In this paper, we propose a new clock-controlled generator: the switching generator, which has resistance to algebraic and side channel attacks. This generator also preserves both security properties and the efficiency of existing clock-controlled generators.
Jun Choi; Dukjae Moon; Seokhie Hong; Jaechul Sung. The Switching Generator: New Clock-Controlled Generator with Resistance against the Algebraic and Side Channel Attacks. Entropy 2015, 17 (6), 3692-3709.
In this paper, we evaluate the security of lightweight block ciphers mCrypton and LED against biclique cryptanalysis. In cases of mCrypton-64/96/128, our attacks require computational complexities of \(2^{63.18}\), \(2^{94.81}\) and \(2^{126.56}\), respectively. These results are the first known biclique cryptanalytic results on mCrypton. The attack on a 29-round reduced LED-64 needs \(2^{63.58}\) 29-round reduced LED-64 encryptions. In the cases of LED-80/96/128, we propose the attacks on two versions. First, to recover the secret key of 45-round reduced LED-80/96/128, our attacks require computational complexities of \(2^{79.45}\), \(2^{95.45}\) and \(2^{127.45}\), respectively. To attack the full version, we require computational complexities of \(2^{79.37}\), \(2^{95.37}\) and \(2^{127.37}\), respectively. However, in these cases, we need the full codebook. These results are superior to known biclique cryptanalytic results on LED.
Kitae Jeong; HyungChul Kang; Changhoon Lee; Jaechul Sung; Seokhie Hong; Jong In Lim. Weakness of lightweight block ciphers mCrypton and LED against biclique cryptanalysis. Peer-to-Peer Networking and Applications 2013, 8 (4), 716-732.
PRESENT is a hardware-optimized 64-bit lightweight block cipher which supports 80- and 128-bit secret keys. In this paper, we propose a differential fault analysis (DFA) on PRESENT-80/128. The proposed attack is based on a 2-byte random fault model. In detail, by inducing several 2-byte random faults in input registers after 28 rounds, our attack recovers the secret key of the target algorithm. From simulation results, our attacks on PRESENT-80/128 can recover the secret key by inducing only two and three 2-byte random faults, respectively. These are superior to known DFA results on them.
Kitae Jeong; Yuseop Lee; Jaechul Sung; Seokhie Hong. Improved differential fault analysis on PRESENT-80/128. International Journal of Computer Mathematics 2013, 90 (12), 2553-2563.
In this paper, we propose a new bimodal cryptographic algorithm BAT. BAT provides a hash function BAT-H and a block cipher BAT-B. Moreover, according to some parameters, it is possible to combine BAT-H and BAT-B to one integrated module. Thus, the algorithm is suitable for various environments, such as RFID and USN, where a hash function and a block cipher are required simultaneously. From our implementation results, our integrated module is more efficient than the case of the combination of known dedicated hash functions and block ciphers.
Jesang Lee; Kitae Jeong; Jinkeon Kang; Yuseop Lee; Jaechul Sung; Ku-Young Chang; Seokhie Hong. BAT: Bimodal Cryptographic Algorithm Suitable for Various Environments. Lecture Notes in Electrical Engineering 2012, 371-387.
The Korean standard block cipher ARIA is a 128-bit block cipher supporting 128-, 192- and 256-bit secret keys. It is well known that an attacker should obtain at least four consecutive round keys or two particular round keys in order to recover the secret key of ARIA-128. In this paper, we propose a method to recover the secret key by using only the last round key. The proposed method is based on a guess-and-determine attack, which requires a computational complexity of \(O(2^{68})\). To our knowledge, this result has not been introduced so far.
HyungChul Kang; Yuseop Lee; Kitae Jeong; Jaechul Sung; Seokhie Hong. Security Analysis of the Keyschedule of ARIA-128. Lecture Notes in Electrical Engineering 2012, 243-251.
In FDTC 2011, Hemme et al. proposed differential fault analysis on SHA-1 compression function. Based on word-oriented fault models, this attack can recover the chaining value and the input message block of SHA-1 compression function with 1,002 random word fault injections. In this paper, we show that their attack can be applied to HAS-160 compression function. As a result, our attack can extract the chaining value and the input message block of it with about 1,000 random word fault injections. This is the first known cryptanalytic result on HAS-160 by using side channel attacks.
Jinkeon Kang; Kitae Jeong; Jaechul Sung; Seokhie Hong. Differential Fault Analysis on HAS-160 Compression Function. Lecture Notes in Electrical Engineering 2012, 97-105.
SEED is a Korean standard block cipher, and it is chosen as a 128-bit ISO/IEC standard block cipher together with AES and Camellia. In this paper, we propose a differential fault analysis on SEED on the basis of the bit-oriented model. Our fault model on SEED-128 is more flexible than the previous fault model on SEED-128. And our attack results on SEED-192/256 are the first known cryptanalytic results. From the simulation results, our attack on SEED-128 can recover a 128-bit secret key within a few seconds by inducing four faults. However, the computational complexities of our attack on SEED-192/256 are impractical.
Kitae Jeong; Yuseop Lee; Jaechul Sung; Seokhie Hong. Differential fault analysis on block cipher SEED. Mathematical and Computer Modelling 2012, 55 (1-2), 26-34.
In this paper we introduce a general framework of related-key attack on block-wise stream ciphers which are suitable for the protection of multimedia and ubiquitous systems. As a case study, we show how our cryptanalytic framework is applied to a block-wise stream cipher TWOPRIME: we construct various related-key differentials of TWOPRIME and use them to show that recovering related keys of TWOPRIME can be performed with a data complexity of \(2^{14}\) known plaintext blocks and a time complexity of \(2^{32}\) 8-bit table lookups. We expect that our general framework for a related-key attack would be a useful tool for analyzing many block-wise stream ciphers.
Deok Gyu Lee; Jongsung Kim; Jaechul Sung; Yang Sun Lee; Seungmin Rho. Cryptanalysis of block-wise stream ciphers suitable for the protection of multimedia and ubiquitous systems. Telecommunication Systems 2010, 44 (3), 297-306.
Normally, it has been believed that the initial values of cryptographic schemes do not need to be managed secretly, unlike the secret keys. However, we show that multiple modes of operation of block ciphers can suffer a loss of security depending on the state of the initial values. We consider several attacks according to the environment of the initial values: known-IV attack, known-in-advance-IV attack, and replayed-and-known-IV attack. Our attacks on cascaded three-key triple modes of operation require 3-7 blocks of plaintexts (or ciphertexts) and \(3 \cdot 2^{56}\) to \(9 \cdot 2^{56}\) encryptions. We also give the attacks on multiple modes proposed by Biham.
Deukjo Hong; Seokhie Hong; Wonil Lee; Sangjin Lee; Jongin Lim; Jaechul Sung; Okyeon Yi. Known-IV, Known-in-Advance-IV, and Replayed-and-Known-IV Attacks on Multiple Modes of Operation of Block Ciphers. Journal of Cryptology 2006, 19 (4), 441-462.