๋ชฌํ ์นด๋ฅผ๋ก ํ ์คํธ ( Monte Carlo Test )
Monte Carlo Test ๊ฒ์ฌ๋ ๋์นญํค ์ํธ ๋๋ ํด์ ์๊ณ ๋ฆฌ์ฆ์ ์์ ์ฑ๊ณผ ๋ฌด์์์ฑ์ ๊ฒ์ฆํ๊ธฐ ์ํด ์ฌ์ฉํ๋ ํต๊ณ์ ๋ฐฉ๋ฒ ์ค ํ๋์ ๋๋ค. ๋์นญํค ์ํธ ์๊ณ ๋ฆฌ์ฆ์ ๋์ผํ ํค๋ฅผ ์ฌ์ฉํ์ฌ ๋ฐ์ดํฐ๋ฅผ ์ํธํํ๊ณ ๋ณตํธํํ๋ ๋ฐฉ์์ธ๋ฐ, ์ด๋ฌํ ์๊ณ ๋ฆฌ์ฆ์ ๋ณด์์ฑ์ ํ๊ฐํ๋ ์ค์ํ ์ ์ฐจ ์ค ํ๋๊ฐ Monte Carlo Test์ ๋๋ค.
๋ค์์ ๋ชฌํ ์นด๋ฅผ๋ก ํ ์คํธ๋ฅผ ์ํ psedo ์ฝ๋์ด๋ค.
ํด์ ํจ์์ ๋ชฌํ ์นด๋ฅผ๋ก๋ ๋๊ฐ์ง ๋ฐฉ์์ด ์๋ค Standard ์ Alternate ๋ฐฉ์์ด๋ค.
SHA-1 and SHA-2 Standard Monte Carlo Test
For j = 0 to 99
A = B = C = SEED
For i = 0 to 999
MSG = A || B || C
MD = SHA(MSG)
A = B
B = C
C = MD
Output MD
SEED = MD
SHA-1 and SHA-2 Alternate Monte Carlo Test:
INITIAL_SEED_LENGTH = LEN(SEED)
For j = 0 to 99
A = B = C = SEED
For i = 0 to 999
MSG = A || B || C
if LEN(MSG) >= INITIAL_SEED_LENGTH:
MSG = leftmost INITIAL_SEED_LENGTH bits of MSG
else:
MSG = MSG || INITIAL_SEED_LENGTH - LEN(MSG) 0 bits
MD = SHA(MSG)
A = B
B = C
C = MD
Output MD
SEED = MD
๋์นญํค ์ํธํ์ ๋ชฌํ
์นด๋ฅผ๋ก ๋ฐฉ์์ ์ด์ ๋ชจ๋๋ง๋ค ๊ฐ๊ฐ์ ๋ฐฉ์์ด์๋ค.
๊ทธ๋ฆฌ๊ณ ์ํธํ / ๋ณตํธํ ๊ฐ๊ฐ์ ๋ฐฉ์์ ์ฌ์ฉํ๋ค.
์ฐธ๊ณ ๋ก ๋ณตํธํ ๊ฒฝ์ฐ ์ํธํ์์ PT->CT ๋ก ๋์ ๋๋ฉฐ ์ํธํ->๋ณตํธํ๋ฅผ ๋์นญ๋๋ค๊ตฌ ๋ณด๋ฉด ๋๋ค.
AES Monte Carlo Test - ECB mode
Encrypt
Key[0] = KEY
PT[0] = PT
For i = 0 to 99
Output Key[i]
Output PT[0]
For j = 0 to 999
CT[j] = AES_ECB_ENCRYPT(Key[i], PT[j])
PT[j+1] = CT[j]
Output CT[j]
AES_KEY_SHUFFLE(Key, CT)
PT[0] = CT[j]
AES Monte Carlo Test - CBC mode
Encrypt
Key[0] = KEY
IV[0] = IV
PT[0] = PT
For i = 0 to 99
Output Key[i]
Output IV[i]
Output PT[0]
For j = 0 to 999
If ( j=0 )
CT[j] = AES_CBC_ENCRYPT(Key[i], IV[i], PT[j])
PT[j+1] = IV[i]
Else
CT[j] = AES_CBC_ENCRYPT(Key[i], PT[j])
PT[j+1] = CT[j-1]
Output CT[j]
AES_KEY_SHUFFLE(Key, CT)
IV[i+1] = CT[j]
PT[0] = CT[j-1]
AES Monte Carlo Test - OFB mode
Encrypt
Key[0] = Key
IV[0] = IV
PT[0] = PT
For i = 0 to 99
Output Key[i]
Output IV[i]
Output PT[0]
For j = 0 to 999
If ( j=0 )
CT[j] = AES_OFB_ENCRYPT(Key[i], IV[i], PT[j])
PT[j+1] = IV[i]
Else
CT[j] = AES_OFB_ENCRYPT(Key[i], PT[j])
PT[j+1] = CT[j-1]
Output CT[j]
AES_KEY_SHUFFLE(Key, CT)
IV[i+1] = CT[j]
PT[0] = CT[j-1]
AES Monte Carlo Test - CFB128 mode
Encrypt
Key[0] = Key
IV[0] = IV
PT[0] = PT
For i = 0 to 99
Output Key[i]
Output IV[i]
Output PT[0]
For j = 0 to 999
If ( j=0 )
CT[j] = AES_CFB128_ENCRYPT(Key[i], IV[i], PT[j])
PT[j+1] = IV[i]
Else
CT[j] = AES_CFB128_ENCRYPT(Key[i], PT[j])
PT[j+1] = CT[j-1]
Output CT[j]
AES_KEY_SHUFFLE(Key, CT)
IV[i+1] = CT[j]
PT[0] = CT[j-1]
๋ง๋ฌด๋ฆฌ
๋ชฌํ
์นด๋ฅผ๋ก ํ
์คํธ๋ ์ํธ ๋๋ ํด์ ํจ์์ ๊ตฌํ์ ๊ฒ์ฆ ํ๊ธฐ ์ํด ์ฌ์ฉ๋๋ค.
CMVP ๋๋ FIPS ์ธ์ฆ์ ๋ฐ๊ธฐ ์ํด์๋ MCT ํ
์คํธ๋ฅผ ์๊ตฌ ํ๊ธฐ ๋๋ฌธ์ ํ์๋ก ๊ตฌํ์ด ํ์ํ๋ค.