
Cryptography and Key Management
  • PAPERS
    BIE Meng-ni, LI Wei, FU Qiu-xing, CHEN Tao, DU Yi-ran, NAN Long-mei
    Acta Electronica Sinica. 2025, 53(2): 420-430. https://doi.org/10.12263/DZXB.20241036

    During the rapid evolution of post-quantum cryptography, considering the needs for flexibility and efficiency, we proposed a parallel reconfigurable sampling accelerator for various lattice-based post-quantum cryptographic algorithms. We analyzed seven sampling processes involved in lattice-based post-quantum cryptography and, based on mathematical derivations, proposed seven efficient parallel implementation models for these samplers. We then extracted four common operational logics from these models. Using these four common operational logics as the core, we introduced data rearrangement to limit the effective bit width of the operation data, which improved the acceptance rate of rejection sampling and eliminated the complex modular reduction operations of finite field arithmetic. On this basis we proposed a highly energy-efficient reconfigurable parallel sampling algorithm. To enhance the hardware implementation efficiency of the sampling algorithm, we adopted a butterfly transform network to complete the parallel splitting, merging, and lookup of data of any effective bit width within a single clock cycle, efficiently parallelizing the algorithm's pre- and post-processing, and constructed a parameterized parallel reconfigurable sampling accelerator architecture model. Aiming for high energy efficiency, and combined with logic synthesis results, we determined the optimal parallelism parameters of the architecture model and proposed a parallel reconfigurable sampling accelerator with a data bandwidth of 1 024 bits. Experimental results showed that, using a 40 nm CMOS process library and performing post-simulation under the ss, 125 ℃ process corner, the circuit's highest operating frequency reaches 667 MHz with an average power consumption of 0.54 W. Completing a 256-point uniform sampling requires 6 ns; a 256-point rejection sampling with a rejection value less than 2^16 takes only 22.5 ns on average; a 256-point binary sampling within 8 bits requires 18 ns; a 509-point simple ternary sampling requires 36 ns; a 701-point non-negative correlated ternary sampling requires 124.5 ns; a 509-point fixed-weight ternary sampling requires 11.18 μs; and one discrete Gaussian sampling in the Falcon algorithm requires 3 ns. Compared with existing research, the sampler proposed in this paper reduces the energy consumption of a uniform-rejection sampling by about 30.23% and that of a binary sampling by about 31.6%.

  • PAPERS
    LIU Shuai, REN Xiao-guang, WANG Shi-xiong, GUAN Jie, ZHANG Xiao-chuan, TAN Jie, WANG Jun
    Acta Electronica Sinica. 2024, 52(9): 3065-3074. https://doi.org/10.12263/DZXB.20230673

    The linear properties of the lightweight ciphers ACE and SPIX were studied. The linear property of the ring AND-gate combination was described exactly with mixed-integer linear programming, and the nonlinear operations of ACE and SPIX were transformed into ring AND-gate combinations. On this basis, linear models of the ACE permutation and the SLISCP permutation were constructed with mixed-integer linear programming. The models returned the optimal linear characteristics of the 2-step to 4-step ACE permutation and the 2-step to 5-step SLISCP permutation. It was proved that the 7-step and 12-step ACE permutation achieve 128-bit and 320-bit security respectively, and that the 7-step and 13-step SLISCP permutation achieve 128-bit and 256-bit security respectively. For the ACE permutation and the SLISCP permutation with any number of steps, the authenticated encryption algorithms ACE-AE-128 and SPIX can resist linear distinguishing attacks in the plaintext-processing stage.

  • PAPERS
    ZHAO Qi, FAN Ting, WEI Yong-zhuang
    Acta Electronica Sinica. 2024, 52(6): 1896-1902. https://doi.org/10.12263/DZXB.20230161

    FBC (Feistel-based Block Cipher) is a lightweight block cipher selected in the second round of the National Cryptographic Algorithm Design Competition. It has many advantages, such as a simple algorithm structure, high security and excellent implementation performance, and has attracted much attention in the industry. The block size and key length of FBC are at least 128 bits, denoted FBC-128. At present, the best differential attack on FBC-128 reaches 12 rounds, with a time complexity of 2^93.41 encryptions and a data complexity of 2^122 chosen plaintexts. However, whether there is a longer differential distinguisher and a key recovery attack on more rounds of FBC remains open. In this paper, a segmental statistical method based on mixed-integer linear programming is proposed to search for differential characteristics of FBC-128. The results show that FBC-128 has a 15-round differential distinguisher with probability 2^-121. We then extend it backward by one round and launch a key recovery attack on 16-round FBC-128, with a data complexity of 2^121 chosen plaintexts and a time complexity of 2^92.68 encryptions. Compared with the existing results, the differential distinguisher and key recovery attack are extended by 4 rounds with lower data and time complexity.

  • PAPERS
    SHEN Xuan, LIU Guo-qiang, SUN Bing, HE Jun
    Acta Electronica Sinica. 2024, 52(3): 709-718. https://doi.org/10.12263/DZXB.20220311

    The design and analysis of dynamic block ciphers are at the frontier of current cryptographic research. For the CLEFIA-like dynamic cryptographic structure and the four-block CLEFIA-like transform cluster, this paper focuses on security evaluation against impossible differential cryptanalysis and zero-correlation linear cryptanalysis. When the round functions of the two dynamic cryptographic structures are bijective, by studying the commutative properties of their modules, it can be proved that the two dynamic structures are permutation-equivalent to their respective static structures. With this equivalence relation, by constructing impossible differential and zero-correlation distinguishers of the two static structures, 8-round impossible differentials and zero-correlation linear hulls can be found for the 4n-round CLEFIA-like dynamic cryptographic structure, as well as 9-round ones for the 4n-round four-block CLEFIA-like transform cluster.

  • PAPERS
    LI Hao-yuan, HAN Xu-cang, CAO Wei-qiong, WANG Jian, CHEN Hua
    Acta Electronica Sinica. 2023, 51(11): 3187-3198. https://doi.org/10.12263/DZXB.20220481

    The SM2 algorithm is a commercial elliptic curve cryptographic algorithm designed in China. At present, analysis of the implementation security of this algorithm usually follows research results on common elliptic curve components rather than the structure and characteristics of the algorithm itself. At the same time, the hash and verification steps in the SM2 decryption algorithm render most fault attacks that rely on exploiting faulty output inapplicable. To address this problem, according to the characteristics of the SM2 decryption algorithm, this paper proposes a chosen-ciphertext combined attack that combines a round-reduction fault with side-channel analysis, based on the safe-error idea. The core of the attack is changing the number of rounds of the scalar multiplication by fault injection and determining the exact number of faulty rounds by side-channel analysis. It then constructs chosen ciphertexts from partial key guesses combined with the plaintext and the correct ciphertext. The chosen ciphertext is input to the decryption device under the specific fault effect, and the output of the decryption device verifies whether the partial key guess is correct. The applicability of the attack to different scalar multiplication methods and common protection countermeasures is also analyzed. Lastly, we conduct practical attack experiments on the SM2 decryption algorithm with clock glitch injection and simple power analysis on an STM32F303 microcontroller based on the ARM Cortex-M4, and successfully recover the private key. The experimental results show that the attack method is feasible and practical.

  • PAPERS
    ZHANG Xiao-han, CHENG Chi, YU Tian-run
    Acta Electronica Sinica. 2023, 51(4): 1081-1092. https://doi.org/10.12263/DZXB.20220447

    Currently, the standardization process for post-quantum cryptographic algorithms initiated by the National Institute of Standards and Technology (NIST) has entered its final round, and among the candidates lattice-based algorithms have drawn significant attention. Existing research shows that if a public/secret key pair is reused, key mismatch attacks can be launched on chosen-plaintext attack (CPA)-secure, or side-channel-assisted chosen-ciphertext attack (CCA)-secure, lattice-based key encapsulation mechanisms (KEMs). Among existing key mismatch attacks against NIST KEM candidates, most assume that the adversary recovers one coefficient of the secret key at a time. A more reasonable assumption is recovering multiple secret key coefficients at a time, which further reduces the average number of queries needed. Therefore, we analyze the lower bound on the average number of queries when multiple secret key coefficients are recovered at a time in a key mismatch attack. The problem can be transformed into searching for an optimal binary recovery tree, and the lower bound is proved to be close to the Shannon entropy. We then propose a calculation model for the NTRU-HRSS KEM and obtain a more accurate theoretical lower bound. Furthermore, we propose a full key mismatch attack that recovers the secret key of NTRU-HRSS KEM pairwise. Experiments demonstrate that, compared with the existing attack and at almost the same accuracy, the average number of queries is reduced by 35.3% and the average time by 47.3%. Moreover, our method can also improve the existing side-channel attack against CCA-secure NTRU-HRSS KEM, reducing the average number of queries from 2 447 to 1 193.

  • PAPERS
    YU Fa-jiang, SHEN Gan, ZHANG Huan-guo
    Acta Electronica Sinica. 2023, 51(4): 792-800. https://doi.org/10.12263/DZXB.20211638

    As the internal storage space of a trusted platform module (TPM) is limited, most keys generated by the TPM are not stored inside it. Instead, they are encrypted by their parent keys and stored in external storage that is not fully controlled by the TPM. When a single key becomes invalid, the TPM 1.2 and TPM 2.0 specifications provide no command to revoke that one key other than the command that revokes all keys, which is inconvenient in most cases and reduces the availability of the TPM. Yet if the invalid key is not revoked, an attacker may load it into the TPM for use, which leads to security issues. This paper therefore proposes a Merkle-tree-based scheme for revoking a single key. By constructing a dynamic or static Merkle tree, the keys generated by the TPM are linked to the leaves of the tree for key management, so that a single invalid key can be revoked when needed without affecting the normal use of the other keys. Compared with blacklist- and whitelist-based single-key revocation schemes for the TPM, in our scheme only the root of the tree is stored inside the TPM while the remaining nodes are stored outside it, and the cost of the scheme grows logarithmically with the number of keys managed by the tree, whereas the cost of blacklist- and whitelist-based schemes is linear in the number of revoked or unrevoked keys. Compared with the scheme that builds a tree on a chameleon hash function to revoke a single key, our scheme is simpler and has lower computational complexity. A prototype system is built on a TPM 2.0 simulator; testing shows that it achieves the expected goal and is practical.