• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.12 no.2
• /
• pp.21-34
• /
• 2002

In this paper we propos a new hardware architecture of modular exponentiation using a division chain method which has been proposed in (2). Modular exponentiation using the division chain is performed by receding an exponent E as a mixed form of multiplication and addition with divisors d=2 or $d=2^I +1$ and respective remainders r. This calculates the modular exponentiation in about $1.4log_2$E multiplications on average which is much less iterations than $2log_2$E of conventional Binary Method. We designed a linear systolic array multiplier with pipelining and used a horizontal projection on its data dependence graph. So, for k-bit key, two k-bit data frames can be inputted simultaneously and two modular multipliers, each consisting of k/2+3 PE(Processing Element)s, can operate in parallel to accomplish 100% throughput. We propose a new encoding scheme to represent divisors and remainders of the division chain to keep regularity of the data path. When it is synthesized to ASIC using Samsung 0.5 um CMOS standard cell library, the critical path delay is 4.24ns, and resulting performance is estimated to be abort 140 Kbps for a 1024-bit data frame at 200Mhz clock In decryption process, the speed can be enhanced to 560kbps by using CRT(Chinese Remainder Theorem). Futhermore, to satisfy real time requirements we can choose small public exponent E, such as 3,17 or $2^{16} +1$, in encryption and verification process. in which case the performance can reach 7.3Mbps.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.5
• /
• pp.985-991
• /
• 2015

The user's secret key can be retrieved by various side channel leakage informations occurred during the execution of cryptographic RSA exponentiation algorithm which is embedded on a security device. The collision-based power analysis attack known as a serious side channel threat can be accomplished by finding some collision pairs on a RSA power consumption trace. Recently, an RSA exponentiation algorithm was proposed as a countermeasure which is based on the window method adopted combination of message blinding and exponent splitting. In this paper, we show that this countermeasure provides approximately $2^{53}$ attack complexity, much lower than $2^{98}$ insisted in the original article, when the window size is two.

• The KSFM Journal of Fluid Machinery
• /
• v.5 no.4 s.17
• /
• pp.54-60
• /
• 2002

Experimental study was conducted to obtain the air velocity profiles in turbulent pipe flow. The acrylic smooth pipe (${\phi}=80mm$) was used for the test section of the flow loop. It was known that the velocity profiles of turbulent flow were different with Reynolds numbers and the viscous sublayer was usually quite thin. The following conclusions were drawn from the experimental investigations. Maximum velocity of the pipe center and flow-rate are useful for the duct design on the spot. The velocity profiles of high Reynolds number was flatter than those of low Reynolds number. It was known that the exponent, n, for power-law velocity profiles was $6{\sim}9$ depending on Reynolds number ranging from $10^4$ to $10^5$ in the turbulent flow, However, in this experiment study, it was $9{\sim}14$ depending on Reynolds number ranging from 17,000 to 123,727 in the turbulent flow, and $1.7{\sim}3.5$ depending on Reynolds number ranging from 2,442 to 4,564 in the transition region.

• Journal of KIISE:Computer Systems and Theory
• /
• v.33 no.4
• /
• pp.223-230
• /
• 2006

The method of implementing a modular multiplier for Montgomery multiplication by using an adder depends on a selected adder. When using a CPA, there is a carry propagation problem. When using a CSA, it needs an additional calculation for a final result. The Multiplier using a Multi-precision CSA can solve both problems simultaneously by combining a CSA and a CPA. This paper presents an improved MP-CSA which reduces hardware resources and operation time by changing a MP-CSA's carry chain structure. Consequently, the proposed multiplier is more suitable for the module of long bit multiplication and exponentiation using a modular multiplier repeatedly.

• Fire Science and Engineering
• /
• v.10 no.3
• /
• pp.10-18
• /
• 1996

In foreign country such as USA and Japan, considerable research has been done regarding the spread of smoke in room of fire involvement by using computer. but, in our country it has not been, so, this paper presents a detailed qualitative description of phenomena which occure during typical fire scenarios through numberical analysis. The governing equations are solved by using FVM method with non-staggered grid. The SIMPLE method for pressure-velocity couple and power-law scheme for convention terms are used. It shows that a plume is formed, hot plume gases impinge on the ceiling and they spread across it. then, it eventually reaches the bounding walls of the enclosure. It takes 20s for smoke to fill the enclosure.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.15 no.12
• /
• pp.981-989
• /
• 1990

Thos paper summarized previously proposed several public key distribution systems and proposes a new public key distribution system to generate an common secret conference key for public key distribution systems three or more user. The now system is based on discrete exponentiation, that is all operations involve reduction modulo p for large prime p and we study some novel characteristics for computins multiplicative inverse in GF(p). We use one-way communication to distribute work keys, while the other uses two-way communication. The security of the new system is based on the difficulty of determining logarithms in a finite field GF(p) and stronger than Diffie-Hellman public key distribution system.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.2
• /
• pp.75-84
• /
• 2008

Recently, the straightforward CRT-RSA was shown to be broken by fault attacks through many experimental results. In this paper, we analyze the fault attacks against CRT-RSA and their countermeasures, and then propose a new fault infective method resistant to the various fault attacks on CRT-RSA. In our CRT-RSA algorithm, if an error is injected in exponentiation with modulo p or q, then the error is spreaded by fault infective computation in CRT recombination operation. Our countermeasure doesn't have extra error detection procedure based on decision tests and doesn't use public parameter such as e. Also, the computational cost is effective compared to the previous secure countermeasures.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.12 no.2
• /
• pp.11-20
• /
• 2002

In this paper, for many prime power q, it is shown that new cyclic relative difference sets with parameters (equation omitted) can be constructed by using d-homogeneous functions on $F_{q^{n}}${0} over $F_{q}$ with difference-balanced property, where $F_{q^{n} }$ is a finite field with $q^{n}$ elements. Several new cyclic relative difference sets with parameters (equation omitted) are constructed by using p-ary sequences of period $q^{n}$ -1 with ideal autocorrelation property introduced by Helleseth and Gong and d-form sequences.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.3
• /
• pp.135-140
• /
• 2010

The computation using Chinese Remainder Theorem in RSA cryptosystem is well suited in the digital signature or decryption processing due to its low computational load compared to the case of general RSA without CRT. Since the RSA-CRT algorithm is vulnerable to many fault insertion attacks, some countermeasures against them were proposed. Among several countermeasures, Yen et al. proposed two schemes based on fault propagation method. Unfortunately, a new vulnerability was founded in FDTC 2006 conference. To improve the original schemes, Kim et al. recently proposed a new countermeasure in which they adopt the AND operation for fault propagation. In this paper, we show that the proposed scheme using AND operation without checking procedure is also vulnerable to fault insertion attack with chosen messages.

• Proceedings of the Korean Society of Computational and Applied Mathematics Conference
• /
• 2003.09a
• /
• pp.11-11
• /
• 2003

오늘날 단일 슈퍼컴퓨터로는 처리가 불가능한 거대한 문제들의 해법이 시도되고 있는데, 이들은 지리적으로 분산된 슈퍼컴퓨터, 데이터베이스, 과학장비 및 디스플레이 장치 등을 초고속 통신망으로 연결한 GRID 환경에서 효과적으로 실행시킬 수 있다. GRID는 1990년대 중반 과학 및 공학용 분산 컴퓨팅의 연구 과정에서 등장한 것으로, 점차 응용분야가 넓어지고 있다. 그러나 GRID 같은 분산 환경은 기존의 단일 병렬 시스템과는 많은 점에서 다르며 이전의 기술들을 그대로 적용하기에는 무리가 있다. 기존 병렬 시스템에서는 주로 동기 알고리즘(synchronous algorithm)이 사용되는데, 직렬 연산과 같은 결과를 얻기 위해 동기화(synchronization)가 필요하며, 부하 균형이 필수적이다. 그러나 부하 균형은 이질 클러스터(heterogeneous cluster)처럼 프로세서들의 성능이 서로 다르거나, 지리적으로 분산된 계산자원을 사용하는 GRID 환경에서는 이기종의 문제뿐 아니라 네트워크를 통한 메시지의 전송 지연 등으로 유휴시간이 길어질 수밖에 없다. 이처럼 동기화의 필요성에 의한 연산의 지연을 해결하는 하나의 방안으로 비동기 반복법(asynchronous iteration)이 나왔으며, 지금도 활발히 연구되고 있다. 이는 알고리즘의 동기점을 가능한 한 제거함으로써 빠른 프로세서의 유휴 시간을 줄이는 것이 목적이다. 즉 비동기 알고리즘에서는, 각 프로세서는 다른 프로세서로부터 갱신된 데이터가 올 때까지 기다리지 않고 계속 다음 작업을 수행해 나간다. 따라서 동시에 갱신된 데이터를 교환한 후 다음 단계로 진행하는 동기 알고리즘에 비해, 미처 갱신되지 않은 데이터를 사용하는 경우가 많으므로 전체적으로는 연산량 대비의 수렴 속도는 느릴 수 있다 그러나 각 프로세서는 거의 유휴 시간이 없이 연산을 수행하므로 wall clock time은 동기 알고리즘보다 적게 걸리며, 때로는 50%까지 빠른 결과도 보고되고 있다 그러나 현재까지의 연구는 모두 어떤 수렴조건을 만족하는 선형 시스템의 해법에 국한되어 있으며 비교적 구현하기 쉬운 공유 메모리 시스템에서의 연구만 보고되어 있다. 본 연구에서는 행렬의 주요 고유쌍을 구하는 데 있어 비동기 반복법의 적용 가능성을 타진하기 위해 우선 이론적으로 단순한 멱승법을 사용하여 실험하였고 그 결과 순수한 비동기 반복법은 수렴하기 어렵다는 결론을 얻었다 그리하여 동기 알고리즘에 비동기적 요소를 추가한 혼합 병렬 알고리즘을 제안하고, MPI(Message Passing Interface)를 사용하여 수원대학교의 Hydra cluster에서 구현하였다. 그 결과 특정 노드의 성능이 다른 것에 비해 현저하게 떨어질 때 전체적인 알고리즘의 수렴 속도가 떨어지는 것을 상당히 완화할 수 있음이 밝혀졌다.