ZHOU Zhou,HE Yi-fan,SHEN Hai-bin,ZHAO Xu-xin

DOI: https://doi.org/10.3969/j.issn.1005-9490.2007.04.089

2007-01-01

Abstract:SMS4 algorithm is the domestic encryption standard released for WLAN use.An inner-round pipelined,high-speed engine is proposed after analyzing the features of this algorithm.By using pipelined or parallel multi-engines,throughput and hardware cost can be easily adjusted according to different applications.Compared with the 32-stage pipelined structure,hardware cost is much lower under the same throughput.Moreover,the SMS4 encryption/decryption system can easily fit in a low-cost Spartan II XC2S50 FPGA in a single-engine implementation.

Huafei Zhu,Lixin Ran,Yumin Wang

IF: 1.019

1999-01-01

Chinese Journal of Electronics

Abstract:Cryptographic hash functions are very important for cryptographic protocols such as signature scheme and message authentication. Based on the pioneer work of X. Lai et al., a new framework of hash algorithm is developed in this paper. In our hash scheme, an extra pseudorandom keystream generator is not needed which may be more conveniently for practical use. We have proved that the security of the new hash scheme is equivalent to that of feedback shift registers (FSRs) controlled by 2m - bit security keys.

Jingbin Zhang,Meng Ma,Ping Wang

DOI: https://doi.org/10.1007/978-3-030-05755-8_11

2018-01-01

Abstract:The SM4 block cipher algorithm used in IEEE 802.11i standard is released by the China National Cryptographic Authority and is one of the most important symmetric cryptographic algorithms in China. However, whether in the round encryption or key expansion phase of the SM4 algorithm, a large number of bit operations on the registers (e.g., circular shifting) are required. These operations are not effective to encryption in scenarios with large-scale data. In traditional implementations of SM4, different operands are assigned to different words and are processed serially, which can bring redundant operations in the process of encryption and decryption. Bit-slice technology places the same bit of multiple operands into one word, which facilitates bit-level operations in parallel. Bit-slice is actually a single instruction parallel processing technology for data, hence it can be accelerated by the CPU’s multimedia instructions. In this paper, we propose a fast implementation of the SM4 algorithm using bit-slice techniques. The experiment proves that the Bit-slice based SM4 is more efficient than the original version. It increases the encryption and decryption speed of the message by an average of 80%–120%, compared with the original approach.

Nengyuan Sun,Wenrui Liu,Jiafeng Cheng,Zhaokang Peng,Chunyang Wang,Caiban Sun,Heng Sha,Zhiyuan Pan,Ming Jin,Hongyang Zhao,Jinghe Wang,Yiming Wen,Pengliang Kong,Yunfeng Zhao,Yaoqiang Wang,Selcuk Kose,Weize Yu

DOI: https://doi.org/10.1002/cta.3962

IF: 2.378

2024-02-02

International Journal of Circuit Theory and Applications

Abstract:Regular SM4 cryptographic circuit is pretty vulnerable to higher order power attacks. The robustness of the proposed SM4 architecture against fourth‐order power attacks can be reinforced significantly by embedding four random number generators. In this letter, a novel secret merchant‐4 (SM4) cryptographic circuit implementation is proposed against higher order power analysis attacks (PAAs). Four different random number generators (RNGs) are embedded into the SM4 architecture for breaking the correlation between the processed data and monitored power dissipation against PAAs. Firstly, fake keys are created by the first RNG to scramble the critical information related with the actual secret key. Furthermore, the second RNG controls the implementations of substitution boxes (Sboxes) with composite fields or look‐up tables randomly while the third RNG randomizes the substitution locations with respect to these Sboxes. Ultimately, the fourth RNG randomly swaps the behaviors of the fake SM4 and true SM4 to further break the critical correlation. Under the assistance of the four embedded RNGs, the proposed SM4 cryptographic architecture is capable of resisting against fourth‐order PAAs effectively with a 300 Mbps throughput and 165,354 μ m2 area after synthesizing in the TSMC 90 nm process design kits (PDK).

engineering, electrical & electronic

Rongmao CHEN,Yi WANG,Xinyi HUANG

DOI: https://doi.org/10.1360/ssi-2022-0282

2023-01-01

Abstract:SM2 cryptographic algorithms have become vital in achieving independently controllable security for national networks and information systems. However, recent studies have shown that in a real-world implementation, the SM2 encryption algorithm might suffer from effective algorithm substitution attacks, which enable attackers to obtain the randomness used in the next-round encryption from the current ciphertext, and thus could decrypt all the successive ciphertexts without a decryption key. A cryptographic reverse firewall has been considered a useful tool to defend against such an attack by rerandomizing a ciphertext, which, however, is incompatible with the CCA security of the SM2 encryption algorithm. To tackle this problem, this work improves the SM2 encryption algorithm for Replayable-CCA (RCCA) security, which could offer a similar security guarantee as CCA while supporting ciphertext rerandomizability for using cryptographic reverse firewalls. The core idea is to apply the OAEP three-round design paradigm by Phan et al. to the context of the SM2 encryption algorithm and rigorously prove its RCCA security in the random oracle model. The proposed scheme is the first rerandomizable RCCA-secure public-key encryption scheme based on SM serial algorithms and could help enhance the security of the SM2 encryption algorithm in real-world applications.

Weijun Shan,Chi Zhang,Qing Li,Jun Yu

DOI: https://doi.org/10.1109/icnisc57059.2022.00103

2022-01-01

Abstract:This paper presents a lightweight countermeasure scheme of SM4 cryptographic algorithm against side channel analysis attacks. SM4 is one of the widely used block ciphers in information computing and data communication. However, as it is usually implemented in cryptographic devices, it is definitely under the threat of side channel analysis attacks. Some schemes of implementations have been provided as the countermeasures against the side channel analysis attacks, which leads to a relatively complicated realization on both cost and performance. This paper proposes a new mask scheme for SM4 implementation with lightweight cost and low performance loss. Experiment results show the effectiveness of the method against the side channel analysis attacks.

Ruolin Zhang,Zejun Xiang,Shasha Zhang,Xiangyong Zeng,Min Song

DOI: https://doi.org/10.1049/2024/7047055

2024-06-25

IET Information Security

Abstract:The SM4 block cipher is standardized in ISO/IEC, and it is also the national standard of commercial cryptography in China. In this paper, we propose two new techniques called "split‐and‐join" and "off‐peak and stagger" to make SM4 more applicable to resource‐constrained environments. The area optimization method uses a 1‐bit data path while reducing the number of registers from 64 to 8 and the number of XOR gates from 194 to 8. As a result, we report a 1‐bit‐serial SM4 encryption circuit that occupies 1771 GE with a latency of 2,336 cycles. Additionally, the "off‐peak and stagger" technique compresses all the operations within the state update and key schedule into 32 clock cycles to reduce the latency. In other words, it takes 32 clock cycles to complete one round encryption. The new circuit occupies 1861 GE with a latency of 1,344 cycles. Moreover, we also discuss how to further reduce the latency by increasing the data path with a small area overhead to provide wider area‐latency tradeoffs for SM4. Our designs make SM4 competitive with many ciphers specifically designed for lightweight cryptography.

computer science, information systems, theory & methods

Chenpeng Xue,Ning Jiang,Xiaoyan Zhao,Anke Zhao,Yanhua Hong,Qiu Kun

DOI: https://doi.org/10.1364/cleopr.2018.f2d.2

2018-01-01

Abstract:We propose a new stream-cipher generation scheme based on the correlated physical random bit generation with synchronized chaotic lasers and pseudo-random bit extension RC4 algorithm. The proposed scheme shows high-security, extensible rate and strong robustness.

Xiaoxuan Lou,Fan Zhang,Guorui Xu,Ziyuan Liang,Xinjie Zhao,Shize Guo,Kui Ren

DOI: https://doi.org/10.1007/978-3-030-42921-8_29

2020-01-01

Abstract:Block ciphers with Feistel structures are vulnerable to a specific type of cache attacks named differential cache attacks. The attacks leverage side-channel leakages from cache and differential property of cipher component to reveal the master key of cipher. In this paper, we combine the algebraic analysis to enhance the attacks, and propose a novel method named Algebraic Differential Cache Attack (ADCA). By converting both cipher and cache leakages to algebraic equations, ADCA can reveal the cipher key automatically with the help of the SAT solver, which allows the analysis on much deeper rounds and makes a considerable reduction in attack complexity. When it is applied to the block cipher SM4, 10 plaintexts are enough to reveal the master key in 8-rounds analysis, while the traditional differential cache attack needs 20 ones. Finally, to eliminate the impact from noise, an error-tolerant method is proposed to deduce cache events from the leakage traces. It vastly enhances the robustness of attack, and makes the attack more practical. The experimental results show that the error-tolerant ADCA can correctly reveal the master key even when the uncertainty rate of cache events reaches to 60%.

Xiaojing Hu,Lizhao Liu,Ying Wang,Maoqing Li,Tianhua Zhang

DOI: https://doi.org/10.4304/jsw.6.10.1961-1968

2011-01-01

Abstract:To solve the problem of traditional stream ciphers can not transmit through the public channel and the construction of high-strength cipher key generator, the paper presents the minimum power clock function driven by a parallel clock-control sequence and chaotic cascade function made of multiple Logistic function, which are used to built the self-reference model and chaotic module; it designs an adapt controller independent of the key generator and encrypt module, achieve controlling encryption and transmission process by multi-threaded code; it makes a high-strength key generator with sure differential transformation and pseudo-random horizontal level disturbance wheel key method of AES and S-box of Camellia, which makes the sub-key and the key generator's internal station become vogue and uncertain within controlled area that does not depend on the secret channel, the model achieves an exponential growth in the key space and the same application scope of traditional stream cipher model. The new protocol model features can be seen under the actual operation of modifying RC4 and real-time RC5 algorithm.

LIANG Hao,WU Li-ji,ZHANG Xiang-min

DOI: https://doi.org/10.19304/j.cnki.issn1000-7180.2015.05.004

2015-01-01

Abstract:In this paper, a new method based on composite field is proposed. Through isomorphism bit matrices, the calculation by changing finite field inversion from GF(28) to GF(((22)2)2) is simplified to reduce the computational difficulty and a more compact S-box is realized. The area decreases by 27% than Look-up Table. On the basis of that, the SM4 algorithm is implemented. The area of this IP core is only 7 612 gates synthesized under the smic0.13 μmCMOS process. Therefore this improved design is very helpful for area-limited condition such as IC cards.

Zehong (Zephyr) Qiu,Fan Zhang

DOI: https://doi.org/10.46586/tches.v2023.i3.570-596

2023-01-01

Abstract:Algebraic Fault Analysis (AFA) is a cryptanalysis for block ciphers proposed by Courtois et al., which incorporates algebraic cryptanalysis to overcome the complexity of manual analysis within the context of Differential Fault Analysis (DFA). The effectiveness of AFA on lightweight block ciphers has been demonstrated. However, the complexity of the algebraic systems prevents it from attacking heavyweight block ciphers efficiently. In this paper, we propose a novel cryptanalysis called Redundancies-assisted Algebraic Fault Analysis (RAFA) to facilitate the solution of algebraic systems in the setting of heavyweight block ciphers. The core idea of RAFA is to expedite SAT solvers by modifying the algebraic systems, which is accomplished via two methods. The first method introduces redundant constraints, which is proposed for the first time in the context of algebraic cryptanalysis. The second one is a sophisticated linearization of the nonlinear Algebraic Normal Form (ANF). It takes RAFA for about 9.68 hours to attack AES-128. To the best of our knowledge, this is the first work that uses a general SAT solver to attack AES with only a single injection of byte-fault. Moreover, RAFA can attack AES-128 in 50.92 and 27.54 minutes for nibble- and bit-based fault model, respectively. In comparison, the traditional DFA algorithm implemented by pure C takes 4 ~ 5 hours under all three fault models investigated in this work. Moreover, in order to show the generality of RAFA, we also apply it to other heavyweight block ciphers. The best results show that RAFA could recover the key of Serpent-256 and SPEEDY-r-192 in 20.7 and 1.5 hours using only three faults, respectively. In comparison, AFA could not break these two ciphers even when 30 bits and 50 bits of their keys are known, respectively. Furthermore, no DFA work on Serpent or SPEEDY is known using comparable fault models.

Aniruddha Bhattacharjya,Xiaofeng Zhong,Xing Li

DOI: https://doi.org/10.1109/access.2019.2900300

IF: 3.9

2019-01-01

IEEE Access

Abstract:For virtual private network and LAN-to-LAN tunnel sessions, End-to-End security is the main constraint in private messaging scenarios. Internet Protocol Security can negotiate new keys for every communication, but when the key is compromised, it is a problem. Perfect Forward Secrecy is the resolution. In addition, the messaging scheme should be efficient and lightweight for keeping parity with daily needs. The popular Rivest-Shamir-Adleman (RSA) cipher is omnipresent in secure communications but has many scientific problems. So here, in this paper, a lightweight and efficient Secure Hybrid RSA (SHRSA) messaging scheme with four-layered authentication stack is implemented and analyzed. The scheme is resolving the problem of asymptotic very low speed of decryption of RSA, the computational modular exponentiation complexity and partial key exposure vulnerability issues of RSA, and many more. The four-layered authentication stack have eliminated the need of the use of any password, external digital certificates, and a third party for authentication with its own four techniques in a staked way. We have found that in evolutions and analysis of the scheme, it is not only resolving various scientific problems of RSA but also occupying 2%-4% less CPU than main RSA and occupying 1%-3% less memory than main RSA. Its decryption average time has gained 8.858 times compared to the main RSA and gained 2.248 times compared to CRT RSA. We have found that the RSA, CRT-RSA, and SHRSA's encryption throughput are alike-all are around 6 KB/Sec but decryption throughput of SHRSA has gained 8.5345 times than main RSA and gained 2.1174 times than CRT-RSA. The results obtained have shown us the relevancies of the SHRSA messaging scheme to be integratable as a cipher in Blockchain architectures, cyber-physical systems, and the Internet of Everything.

li zhao liu,xiao jing hu,tian hua zhang,ying wang,mao qing li

DOI: https://doi.org/10.4028/www.scientific.net/AMR.143-144.298

2011-01-01

Abstract:To solve the problem of construction for stream cipher key generator and the problem of SSC/SSSC stream ciphers need to relay on the secret channel to transmit the key, it presents a new clock function drive by a clock-control sequence and chaotic cascade function made of multiple Logistic function, which are used to built the self-reference model and chaotic module;it design a adapt controller independent of the key generator and encrypt module, achieve controlling encryption and transmission process by multi-threaded code;it makes a key generator with transformation ranks and wheel key method of AES and S-box of Camellia, which makes the sub-key and the key generator's internal station become a insufficient condition that does not need to depend on the secret channel, the model achieves a exponential growth in the key space and the same application scope of traditional SSC and SSSC model. The new protocol model features can be seen under the actual operation of modifying RC4 algorithm.

Wei Li,Guoqiang Bai,Xingjun Wu

DOI: https://doi.org/10.1109/EDSSC.2018.8487087

2018-01-01

Abstract:In this paper, we implemented the SM4 block cipher algorithm based on both composite filed S-box and look up tables (LUTs) S-box. We also explored the performance of SM4 against machine learning attack, including conventional classifiers, SVM for example, and convolutional neural network (CNN). Implementation of SM4 based on composite filed S-box has a great advantage on area consumption compared with conventional implementation based on LUTs, which can be widely used in resource constrained applications. On the other hand, power attack based on CNN poses a serious threat to the security of block cipher using S-box in LUTs, while experiment show that SM4 using composite filed S-box has a better security against linear classifiers and CNN attack.

Hai Cheng,Qun Ding,Chunguang Huang,Shuxia Zhai,Lianzhong Fang

2014-01-01

Abstract:SM4 is an approved cryptographic 128-bit block cipher which is used in Wireless LAN WAPI. This paper applies the SM4 algorithm in Ethernet encryption system. The SM4 can be programmed in software or built with hardware. However, Field Programmable Gate Array (FPGA) offers a quicker and more customizable solution. This paper presents the SM4 algorithm with regard to FPGA and the Verilog Hardware Description Language (Verilog-HDL). This paper proposes a method to improve the SM4 algorithm to deliver a high data rate in both encryption/decryption operations. Resource consumption about FPGA is minimized by using the shared S-box. This paper proposes an improvement of SM4 algorithm as a security solution for Ethernet encryption system, which is a flexible and configurable PCI Ethernet interface card based on FPGA.

Weijun Shan,Lihui Wang,Qing Li,Limin Guo,Shanshan Liu,Zhimin Zhang

DOI: https://doi.org/10.1109/CIS.2014.57

2014-01-01

Abstract:In this paper, we will present a chosen-plaintext method of CPA on SM4 block cipher. This attack consists of a chosen-plaintext method and a transformed CPA attack. The chosen-plaintext method is used to decrease the computation complexity to guess the round register value and the transformed CPA attack is introduced to improve the effect of CPA attack. We accomplished hardware implement on Sasebo-Gii and power analysis, whose result proved that it takes 5000 traces to recover the key successfully by our method, while the normal CPA method needs 270000 traces.

Hyeokdong Kwon,Hyunjun Kim,Siwoo Eum,Minjoo Sim,Hyunji Kim,Wai-Kong Lee,Zhi Hu,Hwajeong Seo

DOI: https://doi.org/10.1109/access.2022.3195217

IF: 3.9

2022-08-10

IEEE Access

Abstract:At 2003, the SM4 block cipher was introduced that is a Chinese domestic cryptographic. It is mandated in the Chinese National Standard for Wireless LAN Wired Authentication and Privacy Infrastructure (WAPI), because the algorithm was developed for use in wireless sensor networks to provide safety network environment. The SM4 block cipher uses a 128-bit block size and a 32-bit round key. It consists of 32 rounds and one reverse translation R. In this paper, we present the optimized implementation of the SM4 block cipher on 8-bit AVR microcontrollers, which are widely used in wireless sensor devices; the optimized implementation of the SM4 block cipher on 32-bit RISC-V processors, which are open-source-based computer architectures, and the optimized implementation of SM4 on 64-bit ARM processors with parallel computation, which are widely used in smartphones and tablets. In the AVR microcontroller, three versions are implemented for various purposes, including speed-optimization, memory-optimization, and code size-optimization. As a result, the speed-optimization, memory-optimization, and code size-optimization versions achieved 205.2 cycles per byte, 213.3 cycles per byte, and 207.4 cycles per byte, respectively. This is faster than the reference implementation written in C language (1670.7 cycles per byte). The implementation on 32-bit RISC-V processors achieved 128.8 cycles per byte. This is faster than the reference implementation written in C language (345.7 cycles per byte). The implementation on 64-bit ARM processors achieved 8.62 cycles per byte. This is faster than the reference implementation written in C language (120.07 cycles per byte).

computer science, information systems,telecommunications,engineering, electrical & electronic

Liantao Bai,Yuegong Zhang,Guoqiang Yang

DOI: https://doi.org/10.1109/CECNet.2012.6201878

2012-01-01

Abstract:With the development of technology, network has become an integral part of the life. At the same time the protection to network information is becoming very important. Encryption is one of the most effective ways to protect the information. The sender will symmetrically encrypt and send the data through the network, and receiver will decrypt the information to get the plaintext. All of information in network has been encrypted. The symmetric key will be the most effectively distributed through asymmetrical key. RSA algorithm and ECC algorithm are two of the most important asymmetric algorithm. The SM2 algorithm is independently developed by the State Cryptography Administration; it improves and expands the international standard ECC algorithm. This paper introduces the advantages of authenticating correctness and safety; it also put forward the further applications and some improvements for the SM2 algorithm.

Zhishuo Huang,Jia Tao,Haosong Zhao,Donglong Chen,Shuyan Zhu,Yinjin Fu,Nong Xiao,Yao Liu

DOI: https://doi.org/10.1109/iscas58744.2024.10558545

2024-01-01

Abstract:Network devices targeting to implement data-intensive applications often require the outstanding performance of symmetric encryption, when dealing with multiple concurrent requests from multiple users. Despite the numerous works on high-performance implementation of AES and SM4, hybrid architectures with lossless throughput when the key changes have not been proposed. In this paper, we propose a unified fully-pipelined architecture of AES and SM4 targeting high-performance Galois/Counter Mode application scenarios. The architecture is able to maintain the consistent throughput of input and output datastreams with changeable keys. Compared with state-of-the-art works implemented with the TSMC 65nm process, our design can reduce the area by 26.83% by using a shared composite S-box. With the one-hot S-box, our design can reduce power consumption by 30.93% and increase throughput by 34.21%.