Search Results 1-20 of 160

  • Side-channel leakage from sensor-based countermeasures against fault injection attack

    Sugawara Takeshi , Shoji Natsu , Sakiyama Kazuo , Matsuda Kohei , Miura Noriyuki , Nagata Makoto

    In laser fault injection, an attacker injects laser to a chip implementing cryptography and exploits a fault to attack the cryptography. A promising approach to counteract fault injection attack is to …

    Microelectronics Journal (90), 63-71, 2019-08

    IR 

  • New Classes of Efficient MDS Transformations

    LI Yubo , LI Kangquan , QU Longjiang , LI Chao

    … <p>MDS transformation plays an important role in resisting against differential cryptanalysis (DC) and linear cryptanalysis (LC). … Moreover, they obtained an MDS transformation which is related to a linear function and the inverse is as lightweight as itself. … Based on this work, we consider one specific form of linear functions to get the diffusion layer with low XOR gates for the hardware implementation by using temporary registers. …

    IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences E102.A(11), 1504-1511, 2019

    J-STAGE 

  • Related-Key Differential Attack on Round-Reduced Bel-T-256

    ABDELKHALEK Ahmed , TOLBA Mohamed , YOUSSEF Amr M.

    … In this work, we use a Mixed Integer Linear Programming (MILP) approach to find a a related-key differential characteristic that extends for 4 rounds and 5 S-box layers ($4 \frac{5}{7}$ rounds) with probability higher than 2<sup>-128</sup>. … According to the best of our knowledge, this is the first public cryptanalysis of Bel-T in the black-box attack model.</p> …

    IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences E101.A(5), 859-862, 2018

    J-STAGE 

  • Impossible Differential Attack on Reduced Round SPARX-128/256

    ELSHEIKH Muhammad , TOLBA Mohamed , M. YOUSSEF Amr

    … SPARX has been developed using ARX-based S-boxes with the aim of achieving provable security against single-trail differential and linear cryptanalysis. …

    IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences E101.A(4), 731-733, 2018

    J-STAGE 

  • Improved Multiple Impossible Differential Cryptanalysis of Midori128

    TOLBA Mohamed , ABDELKHALEK Ahmed , M. YOUSSEF Amr

    … By exploiting the special structure of the S-boxes and the binary linear transformation layer in Midori128, we present impossible differential distinguishers that cover 7 full rounds including the mix column operations. …

    IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences E100.A(8), 1733-1737, 2017

    J-STAGE 

  • A Meet-in-the-Middle Attack on Reduced-Round Kalyna-<i>b</i>/2<i>b</i>

    ALTAWY Riham , ABDELKHALEK Ahmed , YOUSSEF Amr M.

    … We also exploit the linear relation between consecutive odd and even indexed round keys, which enables us to attack seven rounds and recover all the round keys incrementally. …

    IEICE Transactions on Information and Systems E99.D(4), 1246-1250, 2016

    J-STAGE 

  • Efficient Implementations for Practical Linear Cryptanalysis and Its Application to FEAL-8X

    SAKIKOYAMA Sho , TODO Yosuke , AOKI Kazumaro , MORII Masakatu

    Linear cryptanalysis proposed by Matsui is one of the most effective attacks on block ciphers. … Some attempts to improve linear cryptanalysis have been made since Matsui introduced. … We focus on how to optimize linear cryptanalysis with such techniques, and we apply the optimized linear cryptanalysis on FEAL-8X. …

    IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences E99.A(1), 31-38, 2016

    J-STAGE 

  • Better Lattice Constructions for Solving Multivariate Linear Equations Modulo Unknown Divisors

    TAKAYASU Atsushi , KUNIHIRO Noboru

    … At CaLC 2001, Howgrave-Graham proposed the polynomial time algorithm for solving univariate linear equations modulo an unknown divisor of a known composite integer, the so-called partially approximate common divisor problem. … So far, two forms of multivariate generalizations of the problem have been considered in the context of cryptanalysis. … The first is simultaneous modular univariate linear equations, whose polynomial time algorithm was proposed at ANTS 2012 by Cohn and Heninger. …

    IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences E97.A(6), 1259-1272, 2014

    J-STAGE 

  • Improving Impossible Differential Cryptanalysis with Concrete Investigation of Key Scheduling Algorithm and Its Application to Lblock

    Chen Jiageng , Futa Yuichi , Miyaji Atsuko , Su Chunhua

    … Impossible differential cryptanalysis has been proved to be one of the most powerful techniques to attack block ciphers. … Impossible differential cryptanalysis is powerful not only because the number of rounds it can break is very competitive compared to other attacks, but also unlike differential attacks which are statistical attacks in the essential, impossible differential analysis does not require many statistical assumptions. …

    Lecture Notes in Computer Science (8792), 184-197, 2014

    IR 

  • Improvement and Evaluation of Mutable S-box  [in Japanese]

    NAKABAYASHI TAKEAKI , SAITO RYO , NAGASE TOMOYUKI

    本研究では,ユーザが使用する暗号鍵によって出力値が変化するように,AESのS-boxを発展させた,New Mutable S-boxを提案した.New Mutable S-boxは,AESのS-boxよりも差分/線形攻撃法への耐性があることを確認している.また,プログラム上でAESに実装し,暗号における安全性評価の基本となる乱数性の評価を行った結果として,基のAESと同等の乱数性を持つことが確認さ …

    IEICE technical report. Information and communication management 113(23), 193-198, 2013-05-09

  • Guess and Determine Attack on Simplified Stream Cipher KCipher-2 with Non Linear Function  [in Japanese]

    伊藤 竜馬 , 岩切 宗利

    … In the previous study, we suggested the bit slice cryptanalysis based on Guess and Determine Attack without clock control estimate on simplified K2 which made except for Substitution and Permutation Functions. … In this study, we improved the previous method, investigated a method of Guess and Determine Attack on simplified KCipher-2 with non linear function, could break the experimental model. …

    研究報告マルチメディア通信と分散処理(DPS) 2013-DPS-154(7), 1-7, 2013-03-07

  • Guess and Determine Attack on Simplified Stream Cipher KCipher-2 with Non Linear Function  [in Japanese]

    伊藤 竜馬 , 岩切 宗利

    … In the previous study, we suggested the bit slice cryptanalysis based on Guess and Determine Attack without clock control estimate on simplified K2 which made except for Substitution and Permutation Functions. … In this study, we improved the previous method, investigated a method of Guess and Determine Attack on simplified KCipher-2 with non linear function, could break the experimental model. …

    研究報告コンピュータセキュリティ(CSEC) 2013-CSEC-60(7), 1-7, 2013-03-07

  • Provable Security against Cryptanalysis with Impossible Differentials

    AOKI Kazumaro

    … This letter discusses with cryptanalysis with impossible differentials. … This letter first introduces the measure that can evaluate the resistance against cryptanalysis with impossible differentials. … Then, we propose a construction that resists cryptanalysis with impossible differentials. … Moreover, a cipher that is based on the construction also provably resists differential cryptanalysis and linear cryptanalysis. …

    IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences 96(1), 233-236, 2013-01-01

    J-STAGE  References (12)

  • Cryptanalysis on Common Key Ciphers  [in Japanese]

    KANEKO Toshinobu

    共通鍵ブロック暗号の安全性評価技術は,全数探索法とショートカット法に分類される.ショートカット法は,暗号アルゴリズムの内部構造の知識を利用して,攻撃の効率化を図る方法である.本稿では,1990 年以降の代表的な,ショートカット法である,差分攻撃,線形攻撃,高階差分攻撃から最近の,AES に対する関連鍵攻撃やBiclique 攻撃まで,その原理を紹介する.

    IEICE ESS Fundamentals Review 7(1), 14-29, 2013

    J-STAGE 

  • Cryptanalysis of a GL(r,Z_n)-Based Public Key System

    KAMAL Abdel Alim , YOUSSEF Amr

    IEICE transactions on fundamentals of electronics, communications and computer sciences 95(4), 829-831, 2012-04-01

    References (6)

  • An exhaustive search method to find all small solutions of a multivariate modular linear equation

    Zhang Hui , Takagi Tsuyoshi

    … We present an exhaustive search method to find all small solutions of a multivariate modular linear equation over the integers on the basis of lattice enumeration technique. …

    JSIAM Letters 4(0), 37-40, 2012

    J-STAGE 

  • Cryptanalysis of a <i>GL</i>(<i>r</i>,Z<i><sub>n</sub></i>)-Based Public Key System

    KAMAL Abdel Alim , YOUSSEF Amr

    … Keith Salvin presented a key exchange protocol using matrices in the general linear group, <i>GL</i>(<i>r</i>,Z<i><sub>n</sub></i>), where <i>n</i> … linear equations in 2<i>r</i> …

    IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences E95.A(4), 829-831, 2012

    J-STAGE 

  • Finding Higher Order Differentials of MISTY1

    TSUNOO Yukiyasu , SAITO Teruo , KAWABATA Takeshi , NAKAGAWA Hirokatsu

    … MISTY1 is a 64-bit block cipher that has provable security against differential and linear cryptanalysis. …

    IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences E95.A(6), 1049-1055, 2012

    J-STAGE 

  • Security Level Evaluation of a Mutable S-box  [in Japanese]

    鎌田 真吾 , 山内 志保 , 長瀬 智行

    コンピュータセキュリティシンポジウム2011 論文集 2011(3), 223-228, 2011-10-12

    IPSJ 

  • L-021 Security evaluation of Enocoro against Differential Linear Cryptanalysis  [in Japanese]

    Tokuda Kouhei , Kaneko Toshinobu

    Enocoroは日立製作所によって2007年にISECで提案されたストリーム暗号向け擬似乱数生成器である。パラメータ指定アルゴリズムとしてEnocoro-80/128v1.1/v2が提案されている。本稿では、Enocoro-80/128v1.1について差分線形攻撃耐性評価を行った。その際、最良差分線形パスを与える可能性が高い、バッファb_7のみ、b_<17>のみactiveとしたパスを …

    情報科学技術フォーラム講演論文集 10(4), 221-224, 2011-09-07

    IPSJ 

Page Top