PKI/Cryptography

๋ชฌํ…Œ ์นด๋ฅผ๋กœ ํ…Œ์ŠคํŠธ ( Monte Carlo Test )

JayKim๐Ÿ™‚ 2024. 9. 3. 13:07

Monte Carlo Test ๊ฒ€์‚ฌ๋Š” ๋Œ€์นญํ‚ค ์•”ํ˜ธ ๋˜๋Š” ํ•ด์‹œ ์•Œ๊ณ ๋ฆฌ์ฆ˜์˜ ์•ˆ์ „์„ฑ๊ณผ ๋ฌด์ž‘์œ„์„ฑ์„ ๊ฒ€์ฆํ•˜๊ธฐ ์œ„ํ•ด ์‚ฌ์šฉํ•˜๋Š” ํ†ต๊ณ„์  ๋ฐฉ๋ฒ• ์ค‘ ํ•˜๋‚˜์ž…๋‹ˆ๋‹ค. ๋Œ€์นญํ‚ค ์•”ํ˜ธ ์•Œ๊ณ ๋ฆฌ์ฆ˜์€ ๋™์ผํ•œ ํ‚ค๋ฅผ ์‚ฌ์šฉํ•˜์—ฌ ๋ฐ์ดํ„ฐ๋ฅผ ์•”ํ˜ธํ™”ํ•˜๊ณ  ๋ณตํ˜ธํ™”ํ•˜๋Š” ๋ฐฉ์‹์ธ๋ฐ, ์ด๋Ÿฌํ•œ ์•Œ๊ณ ๋ฆฌ์ฆ˜์˜ ๋ณด์•ˆ์„ฑ์„ ํ‰๊ฐ€ํ•˜๋Š” ์ค‘์š”ํ•œ ์ ˆ์ฐจ ์ค‘ ํ•˜๋‚˜๊ฐ€ Monte Carlo Test์ž…๋‹ˆ๋‹ค.

๋‹ค์Œ์€ ๋ชฌํ…Œ์นด๋ฅผ๋กœ ํ…Œ์ŠคํŠธ๋ฅผ ์œ„ํ•œ psedo ์ฝ”๋“œ์ด๋‹ค.

์ฐธ๊ณ  ์ž๋ฃŒ [Cipher] [Hash]

ํ•ด์‹œ ํ•จ์ˆ˜์˜ ๋ชฌํ…Œ ์นด๋ฅผ๋กœ๋Š” ๋‘๊ฐ€์ง€ ๋ฐฉ์‹์ด ์žˆ๋‹ค Standard ์™€ Alternate ๋ฐฉ์‹์ด๋‹ค.

SHA-1 and SHA-2 Standard Monte Carlo Test

For j = 0 to 99
    A = B = C = SEED
    For i = 0 to 999
        MSG = A || B || C
        MD = SHA(MSG)
        A = B
        B = C
        C = MD
    Output MD
    SEED = MD

SHA-1 and SHA-2 Alternate Monte Carlo Test:

INITIAL_SEED_LENGTH = LEN(SEED)
For j = 0 to 99
    A = B = C = SEED
    For i = 0 to 999
        MSG = A || B || C
        if LEN(MSG) >= INITIAL_SEED_LENGTH:
            MSG = leftmost INITIAL_SEED_LENGTH bits of MSG
        else:
            MSG = MSG || INITIAL_SEED_LENGTH - LEN(MSG) 0 bits
        MD = SHA(MSG)
        A = B
        B = C
        C = MD
    Output MD
    SEED = MD

๋Œ€์นญํ‚ค ์•”ํ˜ธํ™”์˜ ๋ชฌํ…Œ ์นด๋ฅผ๋กœ ๋ฐฉ์‹์€ ์šด์˜ ๋ชจ๋“œ๋งˆ๋‹ค ๊ฐ๊ฐ์˜ ๋ฐฉ์‹์ด์žˆ๋‹ค.
๊ทธ๋ฆฌ๊ณ  ์•”ํ˜ธํ™” / ๋ณตํ˜ธํ™” ๊ฐ๊ฐ์˜ ๋ฐฉ์‹์„ ์‚ฌ์šฉํ•˜๋‹ค.
์ฐธ๊ณ ๋กœ ๋ณตํ˜ธํ™” ๊ฒฝ์šฐ ์•”ํ˜ธํ™”์—์„œ PT->CT ๋กœ ๋Œ€์‘ ๋˜๋ฉฐ ์•”ํ˜ธํ™”->๋ณตํ˜ธํ™”๋ฅผ ๋Œ€์นญ๋œ๋‹ค๊ตฌ ๋ณด๋ฉด ๋œ๋‹ค.

AES Monte Carlo Test - ECB mode

Encrypt

Key[0] = KEY
PT[0] = PT
For i = 0 to 99
    Output Key[i]
    Output PT[0]
    For j = 0 to 999
        CT[j] = AES_ECB_ENCRYPT(Key[i], PT[j])
        PT[j+1] = CT[j]
    Output CT[j]
    AES_KEY_SHUFFLE(Key, CT)
    PT[0] = CT[j]

AES Monte Carlo Test - CBC mode

Encrypt

Key[0] = KEY
IV[0] = IV
PT[0] = PT
For i = 0 to 99
    Output Key[i]
    Output IV[i]
    Output PT[0]
    For j = 0 to 999
        If ( j=0 )
            CT[j] = AES_CBC_ENCRYPT(Key[i], IV[i], PT[j])
            PT[j+1] = IV[i]
        Else
            CT[j] = AES_CBC_ENCRYPT(Key[i], PT[j])
            PT[j+1] = CT[j-1]
    Output CT[j]
    AES_KEY_SHUFFLE(Key, CT)
    IV[i+1] = CT[j]
    PT[0] = CT[j-1]

AES Monte Carlo Test - OFB mode

Encrypt

Key[0] = Key
IV[0] = IV
PT[0] = PT
For i = 0 to 99
    Output Key[i]
    Output IV[i]
    Output PT[0]
    For j = 0 to 999
        If ( j=0 )
            CT[j] = AES_OFB_ENCRYPT(Key[i], IV[i], PT[j])
            PT[j+1] = IV[i]
        Else
            CT[j] = AES_OFB_ENCRYPT(Key[i], PT[j])
            PT[j+1] = CT[j-1]
    Output CT[j]
    AES_KEY_SHUFFLE(Key, CT)
    IV[i+1] = CT[j]
    PT[0] = CT[j-1]

AES Monte Carlo Test - CFB128 mode

Encrypt

Key[0] = Key
IV[0] = IV
PT[0] = PT
For i = 0 to 99
    Output Key[i]
    Output IV[i]
    Output PT[0]
    For j = 0 to 999
        If ( j=0 )
            CT[j] = AES_CFB128_ENCRYPT(Key[i], IV[i], PT[j])
            PT[j+1] = IV[i]
        Else
            CT[j] = AES_CFB128_ENCRYPT(Key[i], PT[j])
            PT[j+1] = CT[j-1]
    Output CT[j]
    AES_KEY_SHUFFLE(Key, CT)
    IV[i+1] = CT[j]
    PT[0] = CT[j-1]

๋งˆ๋ฌด๋ฆฌ

๋ชฌํ…Œ์นด๋ฅผ๋กœ ํ…Œ์ŠคํŠธ๋Š” ์•”ํ˜ธ ๋˜๋Š” ํ•ด์‹œ ํ•จ์ˆ˜์˜ ๊ตฌํ˜„์„ ๊ฒ€์ฆ ํ•˜๊ธฐ ์œ„ํ•ด ์‚ฌ์šฉ๋œ๋‹ค.
CMVP ๋˜๋Š” FIPS ์ธ์ฆ์„ ๋ฐ›๊ธฐ ์œ„ํ•ด์„œ๋Š” MCT ํ…Œ์ŠคํŠธ๋ฅผ ์š”๊ตฌ ํ•˜๊ธฐ ๋•Œ๋ฌธ์— ํ•„์ˆ˜๋กœ ๊ตฌํ˜„์ด ํ•„์š”ํ•˜๋‹ค.