Author

# 文彦 佐野

Bio: 文彦 佐野 is an academic researcher. The author has contributed to research in topics: Encryption & Key (cryptography). The author has an hindex of 4, co-authored 10 publications receiving 86 citations.

##### Papers

More filters

•

20 Aug 1998

TL;DR: In this article, the reverse transposition P-1 of a mask was used to make the cryptanalysis by differential power analysis difficult without changing the results of the data encryption processing of the conventional encryption apparatus.

Abstract: PROBLEM TO BE SOLVED: To provide a means which makes the cryptanalysis by a DPA (differential power analysis) difficult without changing the results of the data encryption processing of the conventional encryption apparatus, decryption apparatus, encryption means and decryption means. SOLUTION: Each stage function of a data agitation section is provided with a pair of the pattern of a mask (a) and the mask pattern which is a reversal of its bit. One of the pair is randomly selected by a switch SW12 every time when encryption is executed to obtain the exclusive-OR 32a of the input to an S box 29 and the selected mask pattern and to obtain the exclusive-OR 33a of the output of the S box 29 and the bit of the reverse transposition P-1 of the mask (a). The exclusive-ORs 32a, 33a are previously calculated and are recorded as a table in the S box 29. Further, the output of each stage function 5 is subjected to the exclusive-OR 43a with the mask (b) and is concealed. The influence by the mask (b) is eliminated by executing the exclusive-OR with the mask (b) again in the ensuing stage. COPYRIGHT: (C)2000,JPO

47 citations

•

24 Aug 1998

TL;DR: In this article, the problem of reducing the apparatus scale of secret keys cipher to enable the safety of the keys to be enhanced and to facilitate key management is addressed by reducing the size of the secret key cipher.

Abstract: PROBLEM TO BE SOLVED: To enable the apparatus scale of secret keys cipher to be reduced, to enable the safety of the keys to be enhanced and to facilitate key management SOLUTION: The data processor which encrypts a plaintext to a ciphertext by using the key for excryption and/or decrypts a ciphertext to a plaintext by using the key for decryption has a key conversion section 2 which is constituted by successively connecting plural involutional key conversion functions fk to execute key conversion processing and the output of the magnification key in accordance with any of the keys or the results of the key conversion and sequentially or reversally transfers the results of the key conversion among the key conversion functions and an agitation section 1 which is constituted by successively connecting the plural involutional round functions to execute the encryption processing and/or decryption processing by using the magnification key and sequentially or reversally transfers the results of the processing at the round functions fr among the round functions

8 citations

•

27 Nov 1998

TL;DR: In this paper, the authors proposed a ciphering and deciphering device which ciphers a plain text into a cipher-text and/or decodes a ciphertext into a plain plain text.

Abstract: PROBLEM TO BE SOLVED: To provide an algorithm more efficient than a simple three-staged DES-SS and also resistant to a difference attack and a linear attack, although it configures a single encription algorithm compatible to any of DES, triple DES, and DES-SS. SOLUTION: This device is a ciphering and deciphering device 10 which ciphers a plain text 21 into a cipher-text 22 and/or decipher a cipher-text into a plain text, and is provided with a 1st ciphering and deciphering means 11 for processing by ciphering or decipher processing, a 1st substituting means 12 for substituting a data for an output of the 1st ciphering and deciphering means according to a substitution table, a 2nd ciphering and deciphering means 13 for processing an output of the 1st substituting means by ciphering or deciphering, a 2nd substituting means 14 for substituting a data for the output of the 2nd ciphering and deciphering means according to a predetermined substitution table, and a 3rd ciphering and deciphering means 15 for ciphering or deciphering an output of the 2nd substituting means.

6 citations

•

13 Mar 2001

TL;DR: In this article, the problem of analyzing an integer n from power analysis and timing analysis at the time of the prime number deciding of a positive integer n is solved by keeping the integer α secret.

Abstract: PROBLEM TO BE SOLVED: To make it difficult to analyze an integer n from power analysis and timing analysis at the time of the prime number deciding of a positive integer n. SOLUTION: At the time of the prime number decision of a prime number candidate n, the prime number judgment is performed for m=nα for which n is multiplied with the integer α which can not be divided by any prime number equal to or less than n1/2 without using the prime number candidate n itself. Thus, when the integer α is kept secret, it becomes difficult to obtain the information of n from m. Thus, at the time of the prime number decision, it is made difficult to analyze the prime number candidate n from the power consumption waveform or processing time of an arithmetic operation. COPYRIGHT: (C)2002,JPO

5 citations

•

14 Mar 2001

TL;DR: In this paper, a prime number candidate Ni (i=0, 1, k-1) is not used as arithmetic data as it is but a product Mi obtained by multiplying the prime number αi to a prime candidate Ni is used for actual arithmetic.

Abstract: PROBLEM TO BE SOLVED: To prevent the leakage of information though power analysis or timing analysis is performed at prime number generation SOLUTION: At any step of arithmetic, a prime number candidate Ni (i=0, 1,, k-1) is not used as arithmetic data as it is but a product Mi obtained by multiplying a prime number αi to a prime number candidate Ni is used for actual arithmetic Thus, it becomes difficult to analyze the prime number candidate or the prime number under generation from the power consumption waveform or the processing time of the arithmetic

4 citations

##### Cited by

More filters

•

Toshiba

^{1}TL;DR: In this paper, a secret information management system is defined, which consists of a secret distribution unit which secretly distributes a data key k using a (k, n) threshold secret sharing scheme and creates n distributed keys B1, B2,..., Bn in the decryption of data D input from a user terminal.

Abstract: In a secret information management system, a secret information management apparatus comprises a secret distribution unit which secretly distributes a data key k using a (k, n) threshold secret sharing scheme and creates n distributed keys B1, B2, . . . , Bn in the decryption of data D input from a user terminal, an encryption unit which creates n encrypted distributed keys EP1(B1), EP2(B2) . . . , EPn(Bn) using n distributed manager public keys P1, P2, . . . Pn, and an encrypted data storage unit which stores encrypted data EK(D), an encrypted data key EPx(K) and the n encrypted distributed keys in association with each other.

69 citations

•

NEC

^{1}TL;DR: In this article, a delivery server encipher the data by using a current use cipher key to generate enciphered data and transmits a multicast packet containing the encoded data.

Abstract: In a multicast delivery system, A delivery server enciphers delivery data by using a current use cipher key to generate enciphered data and transmits a multicast packet containing the enciphered data and a current use key identifier indicative of a pair of the current use cipher key and a current use decipher key as current use keys A key management server holds as a current use key data, a set of the current use decipher key and the current use key identifier, and transmits a set of the current use decipher key and the current use key identifier as a current use decipherment key data in response to a current use key data request

60 citations

•

Fujitsu

^{1}TL;DR: A semiconductor integrated circuit includes a memory which stores secret data, a bus which is connected to the memory and transfers an encrypted address and encrypted data, and an updating circuit which performs a process for updating the encryption key at predetermined intervals.

Abstract: A semiconductor integrated circuit includes a memory which stores secret data, a bus which is connected to the memory and transfers an encrypted address and encrypted data, a processing unit which encrypts what is to be transmitted to the bus based on an encryption key, and decrypts what is received from the bus based on the encryption key, thereby accessing the memory, an encryption/decryption circuit which is situated between the bus and the memory, and which decrypts what is received from the bus based on the encryption key and encrypts what is transmitted to the bus based on the encryption key when the processing unit accesses the memory, and an updating circuit which performs a process for updating the encryption key at predetermined intervals.

55 citations

•

29 Aug 2007TL;DR: In this article, a common-key blockcipher processing configuration with enhanced immunity against attacks such as saturation attacks and algebraic attacks (XSL attacks) is realized, where S-boxes serving as non-linear transformation processing parts set in round-function executing parts are configured using at least two different types of s-boxes.

Abstract: A common-key blockcipher processing configuration with enhanced immunity against attacks such as saturation attacks and algebraic attacks (XSL attacks) is realized. In an encryption processing apparatus that performs common-key blockcipher processing, S-boxes serving as non-linear transformation processing parts set in round-function executing parts are configured using at least two different types of S-boxes. With this configuration, the immunity against saturation attacks can be enhanced. Also, types of S-boxes present a mixture of different types. With this configuration, the immunity against algebraic attacks (XSL attacks) can be enhanced, thereby realizing a highly secure encryption processing apparatus.

50 citations

•

29 Aug 2007TL;DR: In this article, the authors provided a highly secure cryptographic processing apparatus and method where an analysis difficulty is increased by increasing the minimum number (a robustness index against a differential attack in common key block encryption) of the active S box in the entire encryption function.

Abstract: There is provided a highly secure cryptographic processing apparatus and method where an analysis difficulty is increased. In a Feistel type common key block encrypting process in which an SPN type F function having a nonlinear conversion section and a linear conversion section is repeatedly executed a plurality of rounds. The linear conversion process of an F function corresponding to each of the plurality of rounds is performed as a linear conversion process which employs an MDS (Maximum Distance Separable) matrix, and a linear conversion process is carried out which employs a different MDS matrix at least at each of consecutive odd number rounds and consecutive even number rounds. This structure makes it possible to increase the minimum number (a robustness index against a differential attack in common key block encryption) of the active S box in the entire encrypting function.

49 citations