WO2008010441A1 - dispositif de cryptage, programme et procédé - Google Patents
dispositif de cryptage, programme et procédé Download PDFInfo
- Publication number
- WO2008010441A1 WO2008010441A1 PCT/JP2007/063797 JP2007063797W WO2008010441A1 WO 2008010441 A1 WO2008010441 A1 WO 2008010441A1 JP 2007063797 W JP2007063797 W JP 2007063797W WO 2008010441 A1 WO2008010441 A1 WO 2008010441A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- internal
- variable
- array
- pseudo
- value
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/065—Encryption by serially and continuously modifying data stream elements, e.g. stream cipher systems, RC4, SEAL or A5/3
- H04L9/0656—Pseudorandom key sequence combined element-for-element with data sequence, e.g. one-time-pad [OTP] or Vernam's cipher
- H04L9/0662—Pseudorandom key sequence combined element-for-element with data sequence, e.g. one-time-pad [OTP] or Vernam's cipher with particular pseudorandom sequence generator
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F7/00—Methods or arrangements for processing data by operating upon the order or content of the data handled
- G06F7/58—Random or pseudo-random number generators
- G06F7/582—Pseudo-random number generators
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/065—Encryption by serially and continuously modifying data stream elements, e.g. stream cipher systems, RC4, SEAL or A5/3
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/065—Encryption by serially and continuously modifying data stream elements, e.g. stream cipher systems, RC4, SEAL or A5/3
- H04L9/0656—Pseudorandom key sequence combined element-for-element with data sequence, e.g. one-time-pad [OTP] or Vernam's cipher
- H04L9/0662—Pseudorandom key sequence combined element-for-element with data sequence, e.g. one-time-pad [OTP] or Vernam's cipher with particular pseudorandom sequence generator
- H04L9/0668—Pseudorandom key sequence combined element-for-element with data sequence, e.g. one-time-pad [OTP] or Vernam's cipher with particular pseudorandom sequence generator producing a non-linear pseudorandom sequence
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/12—Transmitting and receiving encryption devices synchronised or initially set up in a particular manner
Definitions
- the present invention relates to an encryption apparatus, a computer program and a method for concealing data during data communication and storage.
- a typical stream cipher includes a key stream generation unit that generates a key stream, and a combination unit that combines the key stream and plaintext.
- a pseudorandom number is generated using a secret key as a seed (key stream generation unit), and the pseudorandom number and plaintext are XORed (combining unit) to generate a ciphertext.
- XOR means bitwise exclusive OR.
- Stream ciphers are often implemented with simple processing such as XOR at the coupling part. Therefore, the security of stream ciphers depends on the security of pseudorandom numbers generated by the key stream generator.
- the ability to obtain plaintext P can be achieved.
- Distinguisher a means for indicating such a bias or characteristic
- distinguisher a means for indicating such a bias or characteristic
- distinguisher the discovery or creation of a means for indicating such a bias or characteristic constitutes “Distingui sher. " If the Distinguisher can be configured, the Distinguishing Attack It will be applied.
- RC4 is a No. method developed by Ron Rivest, RFC2246 (TLS), WEP,
- RC4 has the feature that the processing unit n bits are variable, increasing the processing unit n requires 2n of memory, and the key schedule is extremely slow.
- n is more than 8 bits, and few are more than 32 bits.
- RC4 has the power to implement the latest processor size such as 32bit / 64bit processors.
- This distinguisher makes it possible to distinguish from a true random number sequence with a data amount of about 2130 ⁇ .
- FIG. 2 is a diagram showing an improved RC4 algorithm (32-bit RC4) proposed by G. Gong et al.
- the RC4 stream code proposed by G. Gong et al. Has 2 ⁇ entries in the self-sequence S, and the entry size of the self-sequence S is a bit.
- the RC4 stream No. GGHN (n, m) proposed by G. Gong et al. Has two processing powers, KSA (K, S) and PRGA (S). Composed.
- KSA K, S
- K initial setting
- PRGA is a process for generating a key stream, and generates a pseudo-random number every time based on the state S.
- + represents arithmetic addition on mod N or mod M
- N 2 ′ ⁇ 8 ⁇
- M 2 ′ ⁇ 32 ⁇ .
- L represents the number of bytes of the secret key.
- KSA K, S
- PRGA PRGA
- the value S [l] at address 1 is A and the value S [A] at address A is B
- the value S [A + B] at address A + B is kO + ⁇ + ⁇ .
- address 1 value S [l] is A
- address A value S [A] is B
- address 2 value S [2] is C
- address A + C value S [A + C] Is D
- address C + D value S [C + D] force S k0 + B + C + D.
- the size of the internal memory is four times that of RC4, and the S entry is updated by arithmetic addition, so it has been reported that the security against attacks seeking internal memory is also improved.
- Non-Patent Document 1 G. Gong, .C. Gupta, M. Hell, and Y. Nawaz, "Towards a General R C4_Like Keystream Generator," S LOIS Conference on Information Security and Cryptology, CISC 2005, LNCS 3822, pp.162-174, Springer Verlag, 2005.
- Non-Patent Document 2 L Mantin, and A. Shamir: "A Practical Attack on Broadcast RC4, ⁇ Fas t Software Encryption, FSE 2001, LNCS 2355, pp.152-164, Springer-Verlag, 2001
- Non-Patent Document 3 S. Paul, B. Preneel, and G. Sekar: "Distinguishing Attacks on the Str eam Cipher Py,” e STREAM, the ECRYPT Stream Cipher Project, Report 2005/081, 2005.
- ⁇ represents arithmetic multiplication.
- Xokuku n represents the left n-bit rotation of data X.
- Lsb (X) is the least significant bit of data X
- LSB (X) is the least significant byte of data X
- lsb (X) X mod 2
- Figure 5 shows that in the self-train S, the value S [l] at address 1 is A and the value S [A] at address A should be kO + A is 0, which is contradictory. Yes.
- FIG. 6 in array S, the value S [l] at address 1 is A, the value S [A] at address A 3 ⁇ 40 + A, the value S [A + C] at address A + C is 2-C, It is shown that the values S [2] of address 2 should be kO + 2, resulting in forces S and C, which are contradictory.
- LSB (02) LSB (kO + 2-Sl [l]) ⁇ ⁇ ⁇ (5)
- Equation (4) The probability of establishment of Equation (4) depends on the structure of PRGA and does not depend on the structure of KSA. Yes.
- the probabilities pl and p2 for satisfying conditions 1 and 2 of cases 1 and 2 are as follows.
- the probability p2 that condition 2 is satisfied is the probability considering cases 1 and 2.
- Event e in this decryption is an event that satisfies Equation (4), and the distribution of event e in the random number can be regarded as X, and the distribution of event e in the output sequence of GGHN (8, 32) can be regarded as Y. Yes
- the amount of data obtained here is the value under the assumption that the KSA of GGHN (8,32) is completely random permutation and! /, And the theoretical data obtained from the structural bias of PRGA. Amount.
- GGHN (8, 32) can be distinguished from a true random number sequence by using the first two keys of the key stream in a secret key of about 2 " ⁇ 30 ⁇ theoretically. is there.
- Figure 9 shows the amount of data required for decryption (theoretical value), and the amount of data required for decryption when the S-box entries are assumed to be uniformly random and output equal by the initial processing. It is a figure explaining the flow which calculates
- the S-box entries are uniformly random and output evenly by the initial processing. This means that all 256 possible values of S can appear at the time of attack.
- Equation (4) is a distinguisher, it is possible to distinguish between the output sequence of GGHN (8, 32) and the true random number sequence.
- Figures 10 and 11 summarize the results of the experiment.
- Figure 10 shows the probabilities obtained by computer experiments and the amount of data required for decoding.
- Fig. 11 shows the results of confirming whether the distinguisher in Fig. 8 works by changing the amount of data N to be given by computer experiments.
- Equation (4) When Equation (4) is used as a distinguisher, as shown in Fig. 9, we confirmed whether the output sequence of GGHN (8, 32) and the true random number sequence can be distinguished.
- the experimental procedure is as follows.
- the key stream can be distinguished from the true random number sequence with a high probability, and there is a problem that the security is low.
- the present invention was created based on recognition of the above-mentioned problems by the present inventors and the like, and its purpose is to provide a highly secure encryption device, program, and method for concealing data. It is in.
- the present invention provides a measure with tolerance to the analysis technique that has been the subject.
- consideration is given to the implementation of countermeasures, so as not to compromise the security and implementability claimed by cryptographic designers.
- An encryption device is an encryption device that generates a pseudo-random number sequence based on a secret key and generates a ciphertext by applying the pseudo-random number sequence to plaintext. Then, as an internal state used for generating the pseudo-random number sequence, an internal state based on a state based on rearrangement of a finite number of numerical sequences is used, and at least one temporary variable used for generating the pseudo-random number sequence Based on the result of the force S, one of the internal states, or a combination of numerical values, linear or non-linear, linear and non-linear, depending on a number smaller than the number of internal states, It is a temporary variable whose value is a predetermined result of executing the left or right rotation shift, and the generated pseudo-random number is used as one or more numerical values of the internal state and the temporary variable.
- the internal state is based on a state based on the rearrangement of the finite number of numerical columns, and the update of the internal state is performed by a linear operation other than the rearrangement and a non-linear state. You can do it using shape arithmetic.
- an internal state based on a state based on the rearrangement of the finite number of numerical columns, and the update of the internal state includes a linear operation and a non-linear operation other than the rearrangement.
- the number of states of the internal state may increase monotonously.
- the number of states in the internal state may be monotonously decreased.
- the internal state is based on a state based on the rearrangement of the finite number of numerical columns, and the internal state is updated by performing a linear operation and a non-linear operation other than the rearrangement.
- the number of states in the internal state may be vibrated.
- the internal state may be updated every time the pseudo random number sequence is output. Or you may make it carry out more than the output of the said pseudorandom number sequence. Alternatively, it may be performed less than the output of the pseudo random number sequence.
- the direction and / or numerical value (shift number) of the rotate shift may be dynamically changed depending on the numerical value of the internal state.
- the direction and numerical value (shift number) of the rotate shift may be changed in accordance with a predetermined table value.
- the apparatus creates the initial state of array S by stirring the elements of array S by repeating the rearrangement and arithmetic addition of the elements of array S.
- the first processing unit (KSA) that determines the initial value of k from the elements of array S, and the addition result of element S [j] of array S and internal variable k with respect to the first and second index variables i and j
- the value of the internal variable k is updated with the rotated value, and the reference result S [((S [i] + S [j]))] of the arrangement S with S [i] + S [j] and the internal variable k
- the key stream is output, and the element S [(S [i] + S [j])] of the array S referenced to generate the key stream is set to the internal variable immediately after the key stream output.
- PRGA second processing unit
- the apparatus creates an initial state of the array S by stirring the elements of the array S by repeating the rearrangement and arithmetic addition of the elements of the array S.
- the first processing unit (KSA) that determines the initial value of k from the elements of array S, and the first index variable i Based on the result of arithmetic addition of the array element S [i] with the first shift number rotated and the second index variable j, the value of the second index variable j is updated and the second index variable j is updated. Arithmetic between the value obtained by rotating the array element S [j] of the variable j by the second shift number and the internal variable k.
- the value of the internal variable k is updated, and the distribution by S [i] + S [j] Based on the result of arithmetic addition of the value obtained by rotating the element S [(S [i] + S [j])] by the third shift number and the internal variable k, a key stream is output, and the key stream is Second process of updating the array element S [(S [i] + S [j])] referenced for generation using the internal variable k and array element S [i] immediately after the key stream output Part (PRGA).
- the S entry referred to may be configured to include a second processing unit (PRGA) that updates the internal variable k immediately after outputting the key stream.
- the first processing unit (KSA) and the second processing unit (PRGA) may be implemented as a computer program (software).
- an internal state based on a state based on rearrangement of a finite number of numerical sequences is used as the internal state used for generating the pseudo-random number sequence, and the pseudo-random number sequence is used.
- At least one of the temporary variables used to generate the internal state is based on the result of linear or non-linear, a combination of linear and non-linear using one of the internal states or a plurality of numerical values.
- a temporary variable whose value is a predetermined result of left or right rotate shift depending on a number smaller than the number of the pseudo-random number, and the pseudo-random number is a numerical value of one or more of the internal states. And a predetermined calculation with the temporary variable.
- a method including each procedure of the first processing unit (KSA) and the second processing unit (PRGA) is provided.
- the present invention can provide a highly secure encryption device for concealing data during data communication or storage.
- FIG. 1 is a block diagram showing an embodiment of the present invention.
- FIG. 2 A diagram showing an improved RC4 algorithm proposed in 32bit RC4 (CISC 2005).
- FIG. 3 is a diagram showing a state transition (1) of PRGA.
- FIG. 4 is a diagram showing state transition (2) of PRGA.
- FIG. 5 is a diagram showing an analysis (1) of PRGA.
- FIG. 6 shows a PRGA analysis (3).
- FIG. 7 shows an analysis of PRGA.
- FIG. 8 is a diagram showing an analysis ( 4 ) of PRGA.
- FIG. 9 is a diagram showing the amount of data (theoretical value) required for decoding.
- FIG. 10 is a diagram showing the amount of data (experimental value) necessary for decoding.
- FIG. 11 is a diagram showing experimental results (distinguisher).
- FIG. 12 A diagram showing an algorithm of stream No. shown by G. Gong et al.
- FIG. 13 is a diagram showing a change algorithm of the present invention.
- FIG. 14 is a diagram showing a specific example 1 of a problem to be solved.
- FIG. 15 is a diagram showing a specific example 2 of a problem to be solved.
- FIG.16 This is a diagram showing the measure (1).
- FIG.17 This is a diagram showing the measure (2).
- FIG. 13 is a diagram for explaining a modified algorithm of the present invention.
- FIG. 13 shows the parts to be changed in the original algorithm in the present invention.
- the number of rotations is n bits when GGHN (n, m) is used.
- FIG. 12 shows the original algorithm as a comparative example of FIG.
- the n-bit left rotate process has a small speed degradation. I think.
- Fig. 16 shows an example of countermeasures by changing KSA (K, S) according to the present invention.
- the variable k is updated with the arithmetic addition of the left 8xr bit rotation of a [i] and the variable k.
- S [i] is updated with the operation result (exclusive OR operation) of S [i] and a [i] left 8x (3-r) bit rotated.
- the countermeasure means of FIG. 16 corresponds to dynamically changing the direction and / or the number of shifts depending on the value of the internal state.
- the direction of the rotate shift and the number of shifts may be changed according to a predetermined table value.
- Fig. 17 shows another example of countermeasures by changing PRGA (S).
- the value of j is updated with the result of arithmetic addition of S [i] right 24 bits rotated (S [i] >>> 24) and j, and S [j] 16 bits rotated right (S [j] >> ⁇ Update the value of k with the result of the arithmetic addition of 16) and k, and the arithmetic of k with the right 8-bit rotation of S [(S [i] + S [j]) mod N]
- the addition result is out.
- ⁇ is determined according to the value of X.
- the internal state is based on a state based on the rearrangement of the finite number of numerical columns, and the update of the internal state is performed by a linear operation other than the rearrangement, and You may make it perform using a nonlinear calculation.
- the internal state is based on a state based on the rearrangement of the finite number of numerical columns, and the internal state is updated by performing linear operations and nonlinear operations other than the rearrangement of the columns.
- the number of states of the internal state may be monotonously increased.
- the number of states in the internal state may be monotonously decreased by using a linear operation and a nonlinear operation other than the rearrangement of columns as the update of the internal state.
- the internal state is based on the state based on the rearrangement of the finite number of numerical columns, and the internal state is updated by performing a linear operation and a non-linear operation other than the rearrangement. By using it, the number of states in the internal state may be vibrated.
- the internal state may be updated every time the pseudo-random number sequence is output. Or you may make it carry out more than the output of the said pseudorandom number sequence. Alternatively, it may be performed less than the output of the pseudo random number sequence. This will be described below with reference to examples.
- FIG. 1 is a diagram for explaining an embodiment of the present invention.
- 14 and 15 are block diagrams showing specific examples 1 and 2 of the problem to be solved by the present invention as a comparative example.
- Fig. 1 in the processing of ⁇ > n, left rotation processing (k + S [j]) is performed on k (0), and k (l) is obtained. (S [(S [i] + S [j]) mod N] + k (l)) mod M is out (l).
- Fig. 14 shows, as specific example 1 of the problem to be solved by the present invention, Fig. 5 to Fig.
- the index i becomes 1 (see 1 output from the box at the tip of the arrow of j (0)).
- the box that surrounds S with a square is an S-box. For example, if an index (for example, 1) is input and S [l] is A, the box will output A. Is done.
- variable k (lower 8 bits)
- FIG. 15 is a diagram showing a specific example 2 of the problem to be solved by the present invention as a comparative example of FIG. 1.
- FIG. 11 is a diagram showing a process of processing to the state transition of the least significant byte of the serving IJS. The state change is indicated by an S box and is not shown in the figure.
- index i is 1.
- Address i value S [i] (lower 8 bits) is C and address j value SQ] (lower 8 bits) is 2—C, so the address needed to generate output 02 Is
- index i is 1 at time 1 as in FIG.
- the value of address i, S [i] (lower 8 bits) is A, and index j is the lower 8 bits of A.
- Roln represents Rotate-Left-Shift by n_bit.
- Address i value S [i] (lower 8 bits) is A and address j value S [j] is B (lower 8 bits are 0), so it is needed to generate output Ol
- the address is
- Address j value] (lower 8 bits) is A, and the value of variable k is
- index i is 2.
- the encryption device includes, for example, a CPU of a server device, a storage device, a network, and the like.
- the secret key information is stored in the storage device of the server device.
- the rotate shift calculation is performed by the CPU ALU (arithmetic unit).
Description
Claims
Priority Applications (5)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US12/374,397 US8374351B2 (en) | 2006-07-21 | 2007-07-11 | Encryption device, program, and method |
CA2658476A CA2658476C (en) | 2006-07-21 | 2007-07-11 | Encryption device, program, and method |
CN2007800277332A CN101496342B (zh) | 2006-07-21 | 2007-07-11 | 加密装置、程序及方法 |
EP07790601.4A EP2048811A4 (en) | 2006-07-21 | 2007-07-11 | ENCRYPTING DEVICE, PROGRAM AND METHOD |
JP2008525838A JPWO2008010441A1 (ja) | 2006-07-21 | 2007-07-11 | 暗号装置及びプログラムと方法 |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2006-199681 | 2006-07-21 | ||
JP2006199681 | 2006-07-21 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2008010441A1 true WO2008010441A1 (fr) | 2008-01-24 |
Family
ID=38956774
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/JP2007/063797 WO2008010441A1 (fr) | 2006-07-21 | 2007-07-11 | dispositif de cryptage, programme et procédé |
Country Status (8)
Country | Link |
---|---|
US (1) | US8374351B2 (ja) |
EP (1) | EP2048811A4 (ja) |
JP (1) | JPWO2008010441A1 (ja) |
KR (1) | KR101032592B1 (ja) |
CN (1) | CN101496342B (ja) |
CA (1) | CA2658476C (ja) |
RU (1) | RU2009106061A (ja) |
WO (1) | WO2008010441A1 (ja) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8923513B2 (en) | 2008-08-11 | 2014-12-30 | Assa Abloy Ab | Secure wiegand communications |
US10452877B2 (en) | 2016-12-16 | 2019-10-22 | Assa Abloy Ab | Methods to combine and auto-configure wiegand and RS485 |
Families Citing this family (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101567781A (zh) * | 2009-06-09 | 2009-10-28 | 刘海云 | 利用排序产生的序号码加密的方法及密码机 |
US8244909B1 (en) * | 2009-06-18 | 2012-08-14 | Google Inc. | Method, apparatus and networking equipment for performing flow hashing using quasi cryptographic hash functions |
FR2952735B1 (fr) * | 2009-11-18 | 2011-12-09 | St Microelectronics Rousset | Procede et dispositif de detection d'attaques par injection de fautes |
EP2336931B1 (fr) * | 2009-11-18 | 2013-01-09 | STMicroelectronics (Rousset) SAS | Procédé de vérification de signature |
FR2984553B1 (fr) | 2011-12-15 | 2015-11-06 | Proton World Int Nv | Procede et dispositif de detection de fautes |
US9269418B2 (en) * | 2012-02-06 | 2016-02-23 | Arm Limited | Apparatus and method for controlling refreshing of data in a DRAM |
CN104331645B (zh) * | 2014-11-24 | 2017-05-10 | 中国航空工业集团公司洛阳电光设备研究所 | 一种测试系统的加密方法 |
EP3493457A1 (en) * | 2017-11-30 | 2019-06-05 | Gemalto Sa | Method for protecting a source of entropy used in countermeasures securing a whitebox cryptographic algorithm |
KR102183312B1 (ko) | 2018-11-14 | 2020-11-26 | 국민대학교산학협력단 | Duss 지원 가능한 양자난수 엔트로피 암호화용 코드 발급 장치 및 방법 |
KR102156568B1 (ko) | 2018-12-21 | 2020-09-16 | 국민대학교산학협력단 | 구명용 비상신호 발신장치 및 방법 |
CN114514569B (zh) * | 2019-10-10 | 2024-03-01 | 日本电信电话株式会社 | 秘密多重迭代计算装置、方法以及记录介质 |
KR102253953B1 (ko) * | 2020-06-11 | 2021-05-20 | 제주대학교 산학협력단 | K-익명성 모델 및 데이터 교란화를 이용한 위치추적정보 보안 기법 및 장치 |
CN113282949B (zh) * | 2021-07-26 | 2021-11-02 | 中国电力科学研究院有限公司 | 数据加密方法、数据解密方法、装置及电力数据交互系统 |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2006199681A (ja) | 2004-12-20 | 2006-08-03 | Daicel Chem Ind Ltd | 酢酸の製造方法 |
Family Cites Families (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5297207A (en) * | 1993-05-24 | 1994-03-22 | Degele Steven T | Machine generation of cryptographic keys by non-linear processes similar to processes normally associated with encryption of data |
US5345508A (en) * | 1993-08-23 | 1994-09-06 | Apple Computer, Inc. | Method and apparatus for variable-overhead cached encryption |
US20020009208A1 (en) * | 1995-08-09 | 2002-01-24 | Adnan Alattar | Authentication of physical and electronic media objects using digital watermarks |
US7174013B1 (en) * | 1998-10-20 | 2007-02-06 | Lucent Technologies Inc. | Efficient universal hashing method |
CN1714377A (zh) * | 2002-10-07 | 2005-12-28 | 小林朗 | 用于生成伪随机数的方法及伪随机数生成器 |
WO2006100801A1 (ja) * | 2005-03-23 | 2006-09-28 | Kddi Corporation | キーストリーム暗号化装置および方法ならびにプログラム |
US8019802B2 (en) * | 2005-08-24 | 2011-09-13 | Qualcomm Incorporated | Cryptographically secure pseudo-random number generator |
-
2007
- 2007-07-11 KR KR1020097003460A patent/KR101032592B1/ko active IP Right Grant
- 2007-07-11 EP EP07790601.4A patent/EP2048811A4/en not_active Withdrawn
- 2007-07-11 JP JP2008525838A patent/JPWO2008010441A1/ja not_active Withdrawn
- 2007-07-11 CA CA2658476A patent/CA2658476C/en not_active Expired - Fee Related
- 2007-07-11 WO PCT/JP2007/063797 patent/WO2008010441A1/ja active Application Filing
- 2007-07-11 US US12/374,397 patent/US8374351B2/en not_active Expired - Fee Related
- 2007-07-11 CN CN2007800277332A patent/CN101496342B/zh not_active Expired - Fee Related
- 2007-07-11 RU RU2009106061/09A patent/RU2009106061A/ru not_active Application Discontinuation
Patent Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2006199681A (ja) | 2004-12-20 | 2006-08-03 | Daicel Chem Ind Ltd | 酢酸の製造方法 |
Non-Patent Citations (7)
Title |
---|
G. GONG ET AL.: "SKLOIS Conference on Information Security and Cryptology, CISC 2005, LNCS", vol. 3822, 2005, SPRINGER VERLAG, article "Towards a General RC4-Like Keystream Generator", pages: 162 - 174 |
GONG G. ET AL.: "Towards a General RC4-like Keystream Generator", GUANG GONG'S HOME PAGE, XP003020437, Retrieved from the Internet <URL:http://www.calliope.uwaterloo.ca/~ggong/publication/CISC141.pdf> * |
MANTIN; A. SHAMIR: "LNCS", vol. 2355, 2001, SPRINGER-VERIAG, article "A Practical Attack on Broadcast RC4, "Fast Software Encryption, FSE 2001", pages: 152 - 164 |
S. PAUL; B. PRENEEL; G. SEKAR: "Distinguishing Attacks on the StreamCipher Py", ESTREAM, THE ECR.YPT STREAM CIPHER PROJECT, REPORT 2005/081, 2005 |
See also references of EP2048811A4 * |
TSUNOO Y. ET AL.: "The Most Efficient Distinguishing Attack on VMPC and RC4", ESTREAM, THE ECRYPT SYSTEM CIPHER PROJECT, XP003020439, Retrieved from the Internet <URL:http://www.ecrypt.eu.org/stream/papersdir/037.pdf> * |
WU H.: "Cryptanalysis of a 32-bit RC4-like Stream Cipher", CRYPTOLOGY EPRINT ARCHIVE, 2005/219, XP003020438, Retrieved from the Internet <URL:http://www.eprint.iacr.org/2005/219.pdf> * |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8923513B2 (en) | 2008-08-11 | 2014-12-30 | Assa Abloy Ab | Secure wiegand communications |
US8943562B2 (en) | 2008-08-11 | 2015-01-27 | Assa Abloy Ab | Secure Wiegand communications |
US10452877B2 (en) | 2016-12-16 | 2019-10-22 | Assa Abloy Ab | Methods to combine and auto-configure wiegand and RS485 |
Also Published As
Publication number | Publication date |
---|---|
EP2048811A4 (en) | 2015-10-21 |
KR101032592B1 (ko) | 2011-05-06 |
CA2658476A1 (en) | 2008-01-24 |
EP2048811A1 (en) | 2009-04-15 |
KR20090041408A (ko) | 2009-04-28 |
US20090323956A1 (en) | 2009-12-31 |
CA2658476C (en) | 2014-11-04 |
CN101496342A (zh) | 2009-07-29 |
CN101496342B (zh) | 2012-05-30 |
US8374351B2 (en) | 2013-02-12 |
RU2009106061A (ru) | 2010-08-27 |
JPWO2008010441A1 (ja) | 2009-12-17 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2008010441A1 (fr) | dispositif de cryptage, programme et procédé | |
US8358781B2 (en) | Nonlinear feedback mode for block ciphers | |
US7899190B2 (en) | Security countermeasures for power analysis attacks | |
US7697681B2 (en) | Parallelizable integrity-aware encryption technique | |
KR101143041B1 (ko) | 리볼빙 버퍼들을 이용한 스트림 암호 설계 방법 | |
US7720225B2 (en) | Table splitting for cryptographic processes | |
Singh | Modified Vigenere encryption algorithm and its hybrid implementation with Base64 and AES | |
Altigani et al. | A polymorphic advanced encryption standard–a novel approach | |
Huang et al. | A secure data encryption method employing a sequential–logic style mechanism for a cloud system | |
Achkoun et al. | SPF-CA: A new cellular automata based block cipher using key-dependent S-boxes | |
US20220382521A1 (en) | System and method for encryption and decryption using logic synthesis | |
Soe et al. | Performance analysis of data encryption standard (DES) | |
Gupta et al. | Correlation power analysis on KASUMI: attack and countermeasure | |
Hafsa et al. | Hybrid encryption model based on advanced encryption standard and elliptic curve pseudo random | |
Ghosh et al. | Isomorphic cipher reduction | |
US20100128870A1 (en) | Pseudo-random number generation device, program, and method for stream encoding | |
El-Fotouh et al. | Statistical testing for disk encryption modes of operations | |
Kebande | Extended-Chacha20 Stream Cipher With Enhanced Quarter Round Function | |
Muthavhine et al. | Using the Muthavhine Function to Modify Skipjack Algorithm to Prevent LC and DC Attacks on IoT Devices | |
Jagetiya et al. | Evolution of Information Security Algorithms | |
Gaffar | Securing Digital Audio Files Using Rotation and XOR Operations | |
Maharjan | Comparative Study of CAST and TWOFISH algorithm using various Modes of Operations | |
Alsuwaiedi et al. | A new modified DES algorithm based on the development of binary encryption functions | |
Nimbe et al. | An improved symmetric cipher encryption for securing data | |
Maity et al. | Improving security of SPN-type block cipher against fault attack |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
WWE | Wipo information: entry into national phase |
Ref document number: 200780027733.2 Country of ref document: CN |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 07790601 Country of ref document: EP Kind code of ref document: A1 |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2008525838 Country of ref document: JP |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2658476 Country of ref document: CA Ref document number: 12374397 Country of ref document: US |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2007790601 Country of ref document: EP |
|
WWE | Wipo information: entry into national phase |
Ref document number: 1020097003460 Country of ref document: KR |
|
ENP | Entry into the national phase |
Ref document number: 2009106061 Country of ref document: RU Kind code of ref document: A |