This paper presents the results of applying an attack against the Data Encryption Standard (DES) implemented in some applications, using side-channel information based on CPU delay as proposed in [11]. This cryptanalysis technique uses side-channel information on encryption processing to select and collect effective plaintexts for cryptanalysis, and infers…
This paper reports impossible differential cryptanalysis on the 128-bit block cipher CLEFIA that was proposed in 2007, including new 9-round impossible differentials for CLEFIA, and the result of an impossible differential attack using them. For the case of a 128-bit key, it is possible to apply the impossible differential attack to CLEFIA reduced to 12…
This paper presents a cryptanalysis of the Salsa20 stream cipher proposed in 2005. Salsa20 was submitted to eSTREAM, the ECRYPT Stream Cipher Project. The cipher uses bitwise XOR, addition modulo 2^32, and constant-distance rotation operations on an internal state of 16 32-bit words. It is reported that there is a significant bias in the differential…
We propose message authentication codes (MACs) that combine a block cipher and an additional (keyed or unkeyed) permutation. Our MACs are provably secure if the block cipher is pseudorandom and the additional permutation has a small differential probability. We also demonstrate that our MACs are easily implemented with AES and its 4-round version to obtain…
This paper reports the greater bias found in the output sequence of VMPC, a modified RC4 stream cipher proposed in 2004. Using the bias with approximately 2^38 output bytes allows us to distinguish VMPC from a truly random sequence. The distinguishing attack can also break RC4A, an algorithm based on RC4, more efficiently than any existing attacks. With about 2^23…
A concrete attack using side channel information from cache memory behaviour was proposed for the first time at ISITA 2002. The attack uses the difference between execution times associated with S-box cache-hits and cache-misses to recover the intermediate key. Recently, a theoretical estimation of the number of messages needed for the attack was proposed…
This paper reports impossible differential cryptanalysis on the 128-bit block cipher CLEFIA that was proposed in 2007. It is known that there are 9-round impossible differentials in CLEFIA. This paper presents several results of impossible differential attacks using multiple impossible differentials. For key lengths of 128, 192 and 256 bits, it is…
H.264/AVC is the newest video coding standard. There are many new features in it which can be easily used for video encryption. In this paper, we propose a new scheme to do video encryption for the H.264/AVC video compression standard. We define Unequal Secure Encryption (USE) as an approach that applies different encryption schemes (with different…
In 2005, Gong proposed an RC4-like stream cipher capable of fast operation on a 32/64-bit processor. This stream cipher solved the RC4 problem of difficult 32/64-bit processing, a problem once thought impossible to solve. Operation of the cipher on 32- and 64-bit processors is about 3.1 and 6.2 times as fast, respectively, as that of the RC4 cipher.