Bio: Li Qiuping is an academic researcher from Hengyang Normal University. The author has contributed to research in topics: Block cipher & Encryption. The author has an h-index of 1, co-authored 8 publications receiving 7 citations.
01 Jan 2021
TL;DR: The experimental results show that the result of power analysis attack is affected by POI, and the key can be recovered when POI is registered, and the authors can reveal the key using correlation power analysis, when targeting the diffusion layer of GIFT.
Abstract: GIFT is a new lightweight block cipher with smaller area and higher efficiency, which is very suitable for the Internet of Things (IoT) devices with constrained resources. The power analysis attack is an efficient method to extract the key from cryptographic equipment. However, it is not easy to reveal the key by means of a power analysis attack when the cipher is implemented in hardware. In this article, we present a method of power analysis attack against GIFT. Firstly, we implemented GIFT on an FPGA using the SAKURA-G board. Then, we explored the impact of the point of interest (POI) on the power analysis attack. We proposed a method of power analysis attack against the diffusion layer of GIFT. The experimental results show that the result of the power analysis attack is affected by the POI, and the key can be recovered when the POI is registered. We can reveal the key using correlation power analysis when targeting the diffusion layer of GIFT.
09 Jun 2020
TL;DR: In this paper, a method and a device for realizing a Shield block cipher generated by a novel secret key, and a readable storage medium, were presented. The Shield block length is designed to be 128 bits, the secret key may be of any length, the encryption round function is based on an SPN structure, and the encryption sequence is round key addition, S-box substitution, row shifting and column mixing transformation, in that order.
Abstract: The invention discloses a method and a device for realizing a Shield block cipher generated by a novel secret key, and a readable storage medium. According to the method, the Shield block length is designed to be 128 bits, the secret key may be of any length, the encryption round function is based on an SPN structure, and the encryption sequence is round key addition, S-box substitution, row shifting and column mixing transformation, in that order. The secret key expansion function divides an original secret key into three parts, generates three round keys by using the hash function MD5, and uses the round keys in the addition operation of different rounds. In the S-box substitution transformation, the 128-bit data substitution is carried out by adopting two 4 × 4 S-boxes; the data are divided into 32 4-bit units; and, as the encryption/decryption round changes, each data unit carries out the corresponding increasing/decreasing S-box substitution operation. According to the invention, the area occupied by the Shield cipher is small; the storage space for storing the original secret key is reduced; and known attacks can be well resisted by increasing the length of the secret key and expanding the secret key space.
19 Jun 2020
TL;DR: In this paper, a novel high-security lightweight ECEG block cipher implementation method and system and a storage medium were proposed. Key expansion is carried out based on the hard problem of the elliptic curve discrete logarithm, and the expansion makes it difficult for an attacker to infer the original key even if the attacker obtains a key of an intermediate round, so the security of the cipher is further improved.
Abstract: The invention provides a novel high-security lightweight ECEG block cipher implementation method and system and a storage medium. Key expansion is carried out based on the hard problem of the elliptic curve discrete logarithm, and the expansion makes it difficult for an attacker to infer the original key even if the attacker obtains a key of an intermediate round, so the security of the cipher is further improved, and the ECDLP is applied to the field of block cipher encryption and decryption for the first time. Besides, the technical scheme of the invention further provides an extended generalized Feistel structure, which is different from a conventional Feistel structure: an MDS matrix is generated after four iterations, the MDS matrix mainly plays a diffusion role in the whole cryptographic algorithm, and the matrix is utilized to perform the column obfuscation operation. The diffusion layer formed by the MDS matrix can optimally resist differential attacks and linear attacks, and the security of the algorithm in the technical scheme can be further improved when the diffusion layer is applied to the technical scheme of the invention.
16 Oct 2020
TL;DR: In this paper, the authors designed a multi-machine system based on the SPI (Serial Peripheral Interface) interface, which can meet the requirements of real-time applications, and the experimental results show that the system is safe and reliable.
Abstract: An IoT (Internet of Things) system is a multi-machine system composed of a master controller and multiple slave controllers. In some automatic control systems such as petroleum and electric power, the main control uses UART (Universal Asynchronous Receiver/Transmitter) to communicate with the slave controller. However, the communication rate of the UART interface is limited and the delay time is long, which affects the system’s response to external events. In order to improve the response speed of the system to external events, this paper designs a multi-machine system based on SPI (Serial Peripheral Interface) interface. First, we use the SPI interface of the microcontroller to build a communication network. The circuit structure of the system is simple, and the hardware resource consumption is low. Then, for the problem that the SPI interface cannot detect communication errors and there is no response mechanism, we designed a communication protocol to make up for these defects from the software level. Finally, we use STM32F429IGT6 as the master controller and STM32F103C8T6 as the slave controller to build the experimental platform. The experimental results show that the system is safe and reliable, and can meet the requirements of real-time applications.
31 Jul 2020
TL;DR: In this paper, a block cipher MEG implementation method and device and a storage medium are described, and a novel secret key expansion mode is provided: matrix multiplication over a finite field is carried out between a generator matrix of a maximum distance separable code, which can be used for constructing an optimal diffusion layer, and the original secret key, so that the expansion of the original key is completed.
Abstract: The invention discloses a block cipher MEG implementation method and device and a storage medium. According to the technical scheme of the invention, a novel secret key expansion mode is provided: matrix multiplication over a finite field is carried out between a generator matrix of a maximum distance separable code, which can be used for constructing an optimal diffusion layer, and the original secret key, so that the expansion of the original secret key is completed. An extended generalized Feistel structure is adopted, and an optimal diffusion layer is generated after four iterations and used for the column obfuscation operation. The optimal diffusion layer not only has ideal confusion characteristics, but also has the best effect in resisting differential attacks and linear attacks, so that the security of the algorithm can be further improved. According to the technical scheme provided by the invention, in the hardware realization the matrix used for key expansion is a cyclic matrix, and the original key can be expanded by storing only 16-bit elements, so that storage space is saved and the resource area occupied by the algorithm is reduced while the security of the cryptographic algorithm is improved.
TL;DR: A domain-specific qualitative-quantitative threat model is proposed that aims to help the designers and manufacturers of MWBDs to identify threats and embed security in their designs in the premarket phase of the lifecycle of an MWBD.
Abstract: The landscape of miniaturized wireless biomedical devices (MWBDs), including various injectables, ingestibles, implantables, and wearables, is rapidly expanding as proactive mobile healthcare proliferates. While the growth of MWBDs increases the flexibility of medical services, the adoption of these technologies poses privacy and security risks to their users. As a result, while being restricted in resources (size, power, processing, and storage), these devices require trust and must be at least minimally secure in the face of evolving threats. Making MWBDs secure begins with threat modeling. Therefore, this research reviews and summarizes the information on threat modeling applicable to MWBDs. Then, we propose a domain-specific qualitative-quantitative threat model that aims to help the designers and manufacturers of MWBDs to identify threats and embed security in their designs in the premarket phase of the lifecycle of an MWBD. This model is tailored to a wide range of MWBDs. Among the different stakeholders, this model focuses on the user. It also prioritizes noninvasive direct attacks against telemetry interfaces. To discuss the advantages and disadvantages of the proposed model, it is compared to some other threat models. To illustrate how the model can be adopted by a threat-modeling team, it is then applied to representative case studies from each category of MWBDs. The outcomes of the performed risk analysis reveal that the model is easy to apply and sufficient to disclose threats.
TL;DR: The lightweight block cipher GIFT was used for the integrated encryption and decryption operation on an FPGA device and statistical metrics such as histogram, key sensitivity, correlation, entropy, NPCR, UACI, PSNR, MSE, and SSIM were computed.
Abstract: Nowadays, images are widely used in real-time to share vital information that can be easily attacked. Therefore, the security of image data is of prime concern. In this work, we provide hardware solutions for preserving image data. Here, the lightweight block cipher GIFT was used for the integrated encryption and decryption operation on an FPGA device. The design is capable of processing standard gray-level and RGB color image sizes of $$256 \times 256$$, $$512 \times 512$$, and $$1024 \times 1024$$. Our design was implemented on the Xilinx Zynq Ultrascale+ xczu9eg FPGA device available on the ZCU102 SoC platform. It took 103 slices, worked up to 590 MHz of frequency and consumed 673 mW of power. Statistical metrics such as histogram, key sensitivity, correlation, entropy, NPCR, UACI, PSNR, MSE, and SSIM were computed. Correlation coefficients, NPCR, UACI, and entropy values were compared to the existing solutions. The decreases in average correlation coefficient in the horizontal, vertical, and diagonal directions were 99.59%, 99.97%, and 99.92%.
TL;DR: An independent third-party analysis of Grain-128AEAD against fault attacks is provided and it is indicated that the deterministic random fault attack with precise control requires an average of $$2^{7.64}$$ fault injections and a data complexity of $$2^{8.80}$$.
Abstract: Grain-128AEAD is a lightweight authenticated encryption stream cipher and one of the finalists in the National Institute of Standards and Technology (NIST) Lightweight Cryptography (LWC) project. This paper provides an independent third-party analysis of Grain-128AEAD against fault attacks. We investigate the application of three differential fault attack models on Grain-128AEAD. All these attacks can recover the initial state of Grain-128AEAD. First, we demonstrate an attack using a bit-flipping fault that requires access to $$2^{7.80}$$ faulty outputs to recover the initial state. Then, we demonstrate an attack with a more relaxed assumption of a random fault with a probabilistic approach. Our probabilistic random fault attack requires access to $$2^{11.60}$$ faulty outputs and $$2^{10.45}$$ fault injections to recover the initial state with a success rate over 99%. Both of the above two attacks are based on precise control of the fault target. Finally, we apply a random fault attack with a deterministic approach (which can conclusively determine the random fault value) using different precision controls. For the precise control, we use existing approaches that have been applied to other ciphers, such as Tiaoxin-346. We also propose a technique for less stringent precision models, such as moderate control and no control, which are more practical than the precise control. Our result indicates that the deterministic random fault attack with precise control requires an average of $$2^{7.64}$$ fault injections and a data complexity of $$2^{8.80}$$. The deterministic random fault attack with moderate control requires a weak assumption on the fault injection and hence is the best attack presented in this paper; it is expected to require about $$2^{9.39}$$ fault injections with a data complexity of about $$2^{12.98}$$. All the attacks discussed in this paper are verified experimentally.
TL;DR: In this article, the authors implemented an optimization technique for the existing GIFT cipher, with throughput considered as the performance metric, and used pipeline and sub-stage pipeline techniques for enhancing the architecture.
Abstract: The Internet of Things is an emerging area which deals with the transfer of data through wired or wireless networks. The prime thing that needs to be addressed here is the security of the data, which must be transferred within the optimized time limit. In this paper, throughput and time delay need to be considered for optimized data transfer, and while concentrating on this, there is a possibility of allowing the data to become vulnerable to attacks. Security algorithms currently available may be adequate for wired systems but not equally so for the wireless scenario. The PRESENT cipher is one of the popular cryptosystems used in wireless settings and falls under the lightweight cryptography category. The GIFT cipher is an enhanced version of the PRESENT cipher which aims at maximizing throughput; in it, an iterative structure is used for encryption. This can still be improved and optimized in terms of increased data rate and reduced time delay. This paper implements an optimization technique for the existing GIFT cipher, with throughput considered as the performance metric. Pipeline and sub-stage pipeline techniques are used for enhancing the architecture.
TL;DR: It is shown that CRAFT is vulnerable to side-channel cube attacks under the Hamming weight leakage assumption, and that the set of equations that are solvable varies depending on the value of the key bits.
Abstract: Resistance against known standard attacks has become one of the criteria for measuring the security of a block cipher. Cryptanalytic attacks such as linear and differential cryptanalysis [1,2] have been used widely to facilitate such security evaluations [3–7]. However, a cipher that can resist standard attacks may not necessarily be secure against side-channel attacks, which exploit the weaknesses in its physical implementation. Leaked information such as timing information, power consumption [9,10], and electromagnetic leaks can be exploited for key recovery. Ciphers which can resist standard attacks are not necessarily secure: they can be broken through the weaknesses of their implementation, as has been shown in prior work. However, the feasibility of side-channel attacks varies depending on the implementation, even if the same cipher is adopted. Nevertheless, it is important to study the capabilities of available ciphers to protect communications across various devices. Unfortunately, not all ciphers are designed to resist side-channel attacks. In practice, additional countermeasures against side-channel attacks are implemented, which are mostly inefficient and costly. Resistance against side-channel attacks at the algorithmic level helps reduce implementation costs by avoiding extra countermeasures, as can be seen in ciphers such as PICARO, ZORRO, and FIDES, where countermeasures against side-channel analysis are defined at the algorithmic level. CRAFT is a new tweakable block cipher introduced in 2019, which can resist differential fault analysis. CRAFT is also resistant to various known standard attacks [1,28–31].

Received: 26 November 2019 | Revised: 9 September 2020 | Accepted: 5 October 2020 | DOI: 10.4218/etrij.2019-0539