• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.6
• /
• pp.1207-1216
• /
• 2020

Since the server system in the cloud environments can simultaneously operate multiple OS and commonly share the memory space between users, an adversary can recover some secret information using cache side-channel attacks. In this paper, the Flush+Reload attack, a kind of cache side-channel attacks, is applied to the optimized precomputation table implementation of Korea block cipher standard ARIA. As an experimental result of attack on ARIA-128 implemented in Ubuntu environment, we show that the adversary can extract the 16 bytes last round key through Flush+Reload attack. Furthermore, the master key of ARIA can be revealed from last and first round key used in an encryption processing.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.5
• /
• pp.1059-1070
• /
• 2018

The block cipher Zorro is designed to reduce the implementation cost for side-channel countermeasure. It has a structure similar to AES, but the number of S-Boxes used is small. However, since the master key is used as the round key, it can be vulnerable to related key attacks. In this paper, we show key recovery attacks on Zorro using related-key differential characteristics. In addition, the related key differential characteristics are fatal when Zorro is used as the base block cipher of the hash function. In this paper, we describe how these characteristics can be linked to collision attacks in the PGV models.

• The KIPS Transactions:PartC
• /
• v.16C no.4
• /
• pp.439-448
• /
• 2009

The development of wireless communications provides mobility and accessibility to the wire communication users. Wireless sensor network is one of the leading wireless communication techniques. The security mechanism for wired network communication cannot be applied to wireless sensor network because of the limited resource and computing capability of nodes. Furthermore, communication errors frequently occur and the speed is low. Thus, efficient key management scheme is required in low-speed environment. In this paper, we proposed an efficient and secured master key-based scheme compared to the existing scheme. The advantage of our scheme is that establishing and renewing the pair-wise key is possible. In addition, it provides functions such as establishing group keys and renewing it. Furthermore, adding nodes is enabled through our scheme. The master key-based scheme can be applied to military operations and to radio communications for confidential communications.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.32 no.12B
• /
• pp.750-757
• /
• 2007

This paper analyzes spam threats and proposes key exchange scheme for user authentication and SDP encryption to protect potential spam threats in SIP-based VoIP services. The existing HTTP digest authentication scheme exchanges many message because challenge is sent for every establishment of the session and doesn't provide a confidentiality of SDP. To protect SPIT, our scheme exchanges initial nonce and a session master key for authentication and SDP encryption during registration. In our scheme, the challenge and response procedure is not necessary and the communication overhead is much less than applying S/MIME or TLS.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2018.05a
• /
• pp.339-340
• /
• 2018

본 논문에서는 경량 블록암호 알고리듬 TWINE의 하드웨어 설계에 대해 기술한다. TWINE은 80-비트 또는 128-비트의 마스터키를 사용하여 64-비트의 평문(암호문)을 암호(복호)하여 64-비트의 암호문(평문)을 만드는 대칭키 블록암호이며, s-box와 XOR만 사용하므로 경량 하드웨어 구현에 적합하다는 특징을 갖는다. 암호화 연산과 복호화 연산의 하드웨어 공유를 통해 게이트 수가 최소화 되도록 구현하였으며, 설계된 TWINE 크립토 코어는 RTL 시뮬레이션을 통해 기능을 검증하였다.

• Proceedings of the KAIS Fall Conference
• /
• 2011.05a
• /
• pp.45-48
• /
• 2011

본 논문에서는 RFID 보다 뛰어난 보안 서비스를 제공하는 NFC의 세 가지 운영모드인 Reader/Writer 모드, Card Emulation 모드, Peer-to-Peer 모드를 살펴보고, NFC 보안 기술인 NFC-SEC에서 제공하는 Key Agreement, Key Confirmation, SSE, SCH를 분석한다. 접속 과정의 경량화를 위해서 마스터 키를 갱신하여 유지하는 프로토콜을 제안하고, 제안 프로토콜을 분석 및 평가한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.3
• /
• pp.427-438
• /
• 2012

The SCADA(Supervisory Control and Data Acquisition) systems are used to control some critical national infrastructures such as electricity, gas, and water distribution systems. Recently, there are many researches on key management scheme for secure communication due to change to the open network environment. We propose a new key management method which is established on ID-based cryptosystem using pairing on MTU(Master Terminal Unit), Sub-MTU, and RTU(Remote Terminal Unit). Furthermore, we present a redistribution protocol of private key of each device and a system recovery protocol as a countermeasure of exposure of KMS(Key Management System) master key which is occurred by some unexpected accidents or malicious attacks.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2006.06a
• /
• pp.715-718
• /
• 2006

e-seal은 RFID 기술을 사용하여 원격에서 자동으로 봉인상태를 확인할 수 있는 컨테이너 봉인 장치를 말한다. RFID의 특징상 반도체 칩에 기록된 정보를 제 삼자가 쉽게 판독 및 변조할 수 있다는 취약점이 있는 실정이다. ISO에서는 RFID의 취약점을 보안하기 위한 표준작업(ISO 18185)을 진행 중이다. 이 중, ISO 18185-4는 e-seal에 저장되는 자료나 리더와의 RF통신에서 데이터 보호를 위한 표준이며, 관련된 연구로는 Active-RFID 인증 프로토콜과 ISO 18185-4를 위한 보고서로 제출된 보안 프로토콜 등이 있다. 제안된 e-seal 보안 프로토콜을 적용하기 위해서는 e-seal과 리더 간의 데이터를 암/복호화 키를 Pseudorandom Function(PRF)을 이용하여 마스터 키로부터 MTK(Mutual Transient Key)를 유도하고, MTK를 암/복호화 키로 사용해야 할 필요가 있다. 본 논문에서는 현재 보안 프로토콜에서 사용되고 있는 PRF에 대해 살펴보고, e-seal 환경에서 PRF를 소프트웨어로 구현하였다. 구현 결과 해시 함수를 기반으로 하는 PFR보다 암호화 알고리즘 AES를 기반으로 하는 PRF이 더 좋은 성능을 보였으며, 블록 암호화 알고리즘인 AES-128을 어셈블리어로 구현함으로써 PRF를 최적화하였다.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.19 no.4
• /
• pp.888-894
• /
• 2015

This paper describes an efficient hardware design of Lightweight Encryption Algorithm (LEA) developed by National Security Research Institute(NSRI). The LEA crypto-processor supports for master key of 128-bit. To achieve small-area and low-power implementation, an efficient hardware sharing is employed, which shares hardware resources for encryption and decryption in round transformation block and key scheduler. The designed LEA crypto-processor was verified by FPGA implementation. The LEA core synthesized with Xilinx ISE has 1,498 slice elements, and the estimated throughput is 216.24 Mbps with 135.15 MHz.

• Journal of the Korea Society of Computer and Information
• /
• v.17 no.9
• /
• pp.57-64
• /
• 2012

The existing protocols proposed in network mobility (NEMO) environment can require many computational costs and can bring about a delay of binding update. To solve these problems, in this paper we propose an authentication protocol supporting secure seamless handover in NEMO environment. The proposed protocol can handle quickly mutual authentication between a mobile router (MR) and an access router (AR), which uses group key among ARs and a master key (MK) issuing from key issuing server (KIS) for reducing the time of binding update as much as possible. In performance, the proposed protocol can process quickly binding update with little computational cost comparison with the existing binding update protocols and it results in robustness against existing attacks.