Toru Akishita scite author profile

We propose a new 64-bit blockcipher Piccolo supporting 80 and 128-bit keys. Adopting several novel design and implementation techniques, Piccolo achieves both high security and notably compact implementation in hardware. We show that Piccolo offers a sufficient security level against known analyses including recent related-key differential attacks and meet-in-the-middle attacks. In our smallest implementation, the hardware requirements for the 80 and the 128-bit key mode are only 683 and 758 gate equivalents, respectively. Moreover, Piccolo requires only 60 additional gate equivalents to support the decryption function due to its involution structure. Furthermore, its efficiency on the energy consumption which is evaluated by energy per bit is also remarkable. Thus, Piccolo is one of the competitive ultra-lightweight blockciphers which are suitable for extremely constrained environments such as RFID tags and sensor nodes.

show abstract

The 128-Bit Blockcipher CLEFIA (Extended Abstract)

Shirai

et al. 2007

View full text Add to dashboard Cite

Abstract. We propose a new 128-bit blockcipher CLEFIA supporting key lengths of 128, 192 and 256 bits, which is compatible with AES. CLEFIA achieves enough immunity against known attacks and flexibility for efficient implementation in both hardware and software by adopting several novel and state-of-the-art design techniques. CLEFIA achieves a good performance profile both in hardware and software. In hardware using a 0.09 μm CMOS ASIC library, about 1.60 Gbps with less than 6 Kgates, and in software, about 13 cycles/byte, 1.48 Gbps on 2.4 GHz AMD Athlon 64 is achieved. CLEFIA is a highly efficient blockcipher, especially in hardware.

show abstract

Midori: A Block Cipher for Low Energy

et al. 2015

View full text Add to dashboard Cite

In the past few years, lightweight cryptography has become a popular research discipline with a number of ciphers and hash functions proposed. The designers' focus has been predominantly to minimize the hardware area, while other goals such as low latency have been addressed rather recently only. However, the optimization goal of low energy for block cipher design has not been explicitly addressed so far. At the same time, it is a crucial measure of goodness for an algorithm. Indeed, a cipher optimized with respect to energy has wide applications, especially in constrained environments running on a tight power/energy budget such as medical implants.This paper presents the block cipher Midori (The name of the cipher is the Japanese translation for the word Green.) that is optimized with respect to the energy consumed by the circuit per bt in encryption or decryption operation. We deliberate on the design choices that lead to low energy consumption in an electrical circuit, and try to optimize each component of the circuit as well as its entire architecture for energy. An added motivation is to make both encryption and decryption functionalities available by small tweak in the circuit that would not incur significant area or energy overheads. We propose two energy-efficient block ciphers Midori128 and Midori64 with block sizes equal to 128 and 64 bits respectively. These ciphers have the added property that a circuit that provides both the functionalities of encryption and decryption can be designed with very little overhead in terms of area and energy. We compare our results with other ciphers with similar characteristics: it was found that the energy consumptions of Midori64 and Midori128 are by far better when compared ciphers like PRINCE and NOEKEON.

show abstract

Zero-Value Point Attacks on Elliptic Curve Cryptosystem

Akishita

Takagi

2003

View full text Add to dashboard Cite

Abstract. Several experimental results ensure that the differential power analysis (DPA) breaks the implementation of elliptic curve cryptosystem (ECC) on memory constraint devices. In order to resist the DPA, the parameters of the underlying curve must be randomized. We usually randomize the base point in the projective coordinate, or we transform all parameters to the random isomorphic curve. However, Goubin pointed out the point (0, y) can not be randomized by these countermeasures. This point is often contained in the standard curves, and we have to care this attack. In this paper, we propose a novel attack, called the zero-value point attack. On the contrary to Goubin's attack, we use the zero-value registers in the addition formulae. Even if a point has no zero-value coordinate, the auxiliary registers might take zero-value. We investigate these zerovalue registers that cannot be randomized by the above randomization. Indeed on elliptic curves over prime fields, we have found several points P = (x, y) which cause the zero-value registers, e.g., (1)3x 2 + a = 0, (2)5x 4 + 2ax 2 − 4bx + a 2 = 0, (3)P is y-coordinate self-collision point, etc. We demonstrate the standard curves that have these points. Interestingly, some conditions required for the zero-value attack depend on the explicit implementation of the addition formulae -in order to resist this type of attacks, we have to care how to assemble the multiplications and the additions in the addition formulae. Moreover, we show zero-value points for Montgomery-type method and elliptic curves over binary fields.

show abstract

Very Compact Hardware Implementations of the Blockcipher CLEFIA

Akishita

Hiwatari

2012

View full text Add to dashboard Cite

The 128-bit blockcipher CLEFIA is known to be highly efficient in hardware implementations. This paper proposes very compact hardware implementations of CLEFIA-128. Our implementations are based on novel serialized architectures in the data processing block. Three types of hardware architectures are implemented and synthesized using a 0.13 μm standard cell library. In the smallest implementation, the area requirements are only 2,488 GE, which are about half of the previous smallest implementation as far as we know. Furthermore, only additional 116 GE enable to support decryption.

show abstract

Novel Efficient Implementations of Hyperelliptic Curve Cryptosystems Using Degenerate Divisors

Katagi

Kitamura

Akishita

et al. 2005

View full text Add to dashboard Cite

Efficient Hyperelliptic Curve Cryptosystems Using Theta Divisors

Katagi

Akishita

Kitamura

et al. 2006

IEICE Transactions on Fundamentals of Electronics, Communicatio

View full text Add to dashboard Cite

Some Improved Algorithms for Hyperelliptic Curve Cryptosystems Using Degenerate Divisors

Katagi

Akishita

Kitamura

et al. 2005

View full text Add to dashboard Cite

12 3

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Toru Akishita

Piccolo: An Ultra-Lightweight Blockcipher

The 128-Bit Blockcipher CLEFIA (Extended Abstract)

Midori: A Block Cipher for Low Energy

Zero-Value Point Attacks on Elliptic Curve Cryptosystem

Very Compact Hardware Implementations of the Blockcipher CLEFIA

Novel Efficient Implementations of Hyperelliptic Curve Cryptosystems Using Degenerate Divisors

Efficient Hyperelliptic Curve Cryptosystems Using Theta Divisors

Some Improved Algorithms for Hyperelliptic Curve Cryptosystems Using Degenerate Divisors

Contact Info

Product

Resources

About