• Proceedings of the Korea Information Processing Society Conference
• /
• 2020.05a
• /
• pp.169-172
• /
• 2020

비프로파일링 부채널 분석은 프로파일링 장비가 없는 환경에서 부채널 정보를 이용해 비밀정보를 분석하는 방법이다. 기존에 알려진 Timon의 비프로파일링 분석은 학습 데이터 집합만을 이용해 공격하므로 전력 파형의 수가 제한된다면 과적합이 발생하여 키 분석 성능이 떨어질 수 있다. 본 논문에서는 비프로파일링 환경에서의 딥러닝 기반 부채널 분석 성능을 향상시키기 위해 학습 데이터 집합과 독립적인 검증 데이터 집합을 활용해야 하는 실증적 근거를 제시한다. 이에 대한 실험으로 기존 기법과 제시한 기법의 성능을 비교해 봤을 때, 검증 데이터를 활용하면 더 적은 데이터로 비밀키 추출이 가능함을 보인다.

• Proceedings of the IEEK Conference
• /
• 2004.06b
• /
• pp.521-524
• /
• 2004

For implementation of Cryptographic algorithms, security against implementation attacks such as side-channel attacks as well as the speed and the size of the circuit is important. Power Analysis attacks are powerful techniques of side-channel attacks to exploit secret information of crypto-processors. In this thesis the FPGA implementation of versatile elliptic crypto-processor is described. Explain the analysis of power consumption of ALTERA FPGA(FLEX10KE) that is used in our hand made board. Conclusively this thesis presents clear proof that implementations of Elliptic Curve Crypto-systems are vulnerable to Differential Power Analysis attacks as well as Simple Power Analysis attacks.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.5
• /
• pp.169-177
• /
• 2003

We establish the security requirements and derive a generic condition of elliptic curve scalar multiplication to resist against DPA and Goubin’s attack. Also we show that if a scalar multiplication algorithm satisfies our generic condition, then both attacks are infeasible. Showing that the randomized signed scalar multiplication using Ha-Moon's receding algorithm satisfies the generic condition, we recommend the randomized signed scalar multiplication using Ha-Moon's receding algorithm to be protective against both attacks. Also we newly design a random recoding method to Prevent two attacks. Finally, in efficiency comparison, it is shown that the recommended method is a bit faster than Izu-Takagi’s method which uses Montgomery-ladder without computing y-coordinate combined with randomized projective coordinates and base point blinding or isogeny method. Moreover. Izu-Takagi’s method uses additional storage, but it is not the case of ours.

• Smart Media Journal
• /
• v.13 no.5
• /
• pp.19-25
• /
• 2024

The biggest type of behavior that prevents people with developmental disabilities from entering society is aggressive behavior. Aggressive behavior can pose a threat not only to the personal safety of the person with a developmental disability, but also to the physical safety of others. In this study, we propose a wearable system using a low-power processor. The proposed system uses an IMU (Inertial Measurement Unit) to analyze user behavior, and when attack behavior is not detected for a certain period of time through an LED array attached to the developed system, an interesting LED is displayed. By expressing patterns, we provide behavioral intervention through compensation to people with developmental disabilities. In order to implement a system that must be worn for a long time in a power-limited environment, we present a method to optimize performance and energy consumption across all stages, from data preprocessing to AI model application.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.6
• /
• pp.1045-1057
• /
• 2022

Recently, the National Institute of Standards and Technology (NIST) announced four cryptographic algorithms as a standard candidates of Post-Quantum Cryptography (PQC). In this paper, we show that private key can be exposed by a non-profiling-based power analysis attack such as Correlation Power Analysis (CPA) and Differential Deep Learning Analysis (DDLA) on CRYSTALS-KYBER algorithm, which is decided as a standard in the PKE/KEM field. As a result of experiments, it was successful in recovering the linear polynomial coefficient of the private key. Furthermore, the private key can be sufficiently recovered with a 13.0 Normalized Maximum Margin (NMM) value when Hamming Weight of intermediate values is used as a label in DDLA. In addition, these non-profiling attacks can be prevented by applying countermeasures that randomly divides the ciphertext during the decryption process and randomizes the starting point of the coefficient-wise multiplication operation.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.7 no.1
• /
• pp.52-56
• /
• 2006

This paper presents a cross-eye characteristics of multi-path wave scattering. Cross-eye method uses the phase differences of multi signals and is used fur electronic protection. When a signal is propagated from transmitter to receiver on the ground surface, direct wave and reflected wave signals are combined in front of the receiving antenna with different phases. To calculate and control the amplitude and phase of reflected signal, we have developed a cross eye electronic protection method for radar system and studied the variation of electric power density.

• Journal of the Korea Society of Computer and Information
• /
• v.16 no.4
• /
• pp.101-110
• /
• 2011

A smart grid networks delivers electricity from suppliers to consumers using digital technology with two-way communications to control appliances at consumers' homes to save energy, reduce cost and increase reliability and transparency. Security is critically important for smart grid networks that are usually used for the electric power network and IT environments that are opened to attacks, such as, eavesdroping, replay attacks of abnormal messages, forgery of the messages to name a few. ZigBee has emerged as a strong contender for smart grid networks. ZigBee is used for low data rate and low power wireless network applications. To deploy smart grid networks, the collected information requires protection from an adversary over the network in many cases. The security mechanism should be provided for collecting the information over the network. However, the ZigBee protocol has some security weaknesses. In this paper, these weaknesses are discussed and a method to improve security aspect of the ZigBee protocol is presented along with a comparison of the message complexity of the proposed security protocol with that of the current ZigBee protocol.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.1
• /
• pp.175-185
• /
• 2019

The security control is to protect IT system from cyber infringement by deriving valid result values in the process of gathering and analyzing various information. Currently, security control is very effective by using SIEM equipment which enables analysis of systematic and comprehensive viewpoint based on a lot of data, away from analyzing cyber threat information with only fragmentary information. However, It can also be said that cyber attacks are analyzed and coped with the manual work of security personnel. This means that even if there is excellent security equipment, the results will vary depending on the user using. In case of operating a characteristic web service including information provision, This study suggests the basic point of security control through characteristics information analysis, and proposes a model for intensive security control through the type discovery and application which enable a step-wise analysis and an effective filtering. Using this model would effectively detect, analyze and block attacks.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.18 no.7
• /
• pp.1704-1712
• /
• 2014

The unused Worst-Case Execution Time (WCET) allocated to a real-time task occurs when the actual execution time of the task can be far less than the WCET preassigned to the task for a schedulability test. Any unused WCET allocated to the task can be exploited to reduce the power consumption of battery-powered sensor nodes through real-time power-aware scheduling techniques. From the distribution perspective of the unused WCET, the unused WCET distribution policy is classified into three types: Conservative Unused WCET (CU-WCET), Moderate Unused WCET (MU-WCET), and Aggressive Unused WCET (AU-WCET) distribution policies. We evaluated the performance of real-time power-aware scheduling techniques incorporating each of three unused WCET distribution policies in terms of low power consumption.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2021.11a
• /
• pp.189-192
• /
• 2021

5G와 사물인터넷(IoT) 시대에 데이터의 크로스컴퓨팅은 연구, 의료, 금융, 민생 분야 등에 더 많은 지원을 할 수 있고 프라이버시 안전성이 중요해지고 있다. SMPC (Secure Multi-party Computation)은 서로 믿지 않는 참여자 간의 프라이버시 보호 시너지 컴퓨팅 문제를 해결하고, 데이터 수요자에게 원본 데이터를 누설하지 않는 범위 하에서의 다자간 컴퓨팅 능력을 제공한다. IoT 장치는 전력 소모와 지연에 제한을 받기 때문에 대부분의 장치가 여전히 경량화 보안 메커니즘에 속하고 IoT에서 트래픽의 데이터 통합관리가 어렵기 때문에 통신 중 신원인식과 데이터를 주고받는 단계에서 프라이버시 유출의 문제가 발생할 수 있고 심지어 DDOS공격, RelayAttack공격 등 사이버의 목적이 될 수도 있다. 본 논문에서 IoT 네트워크 데이터 통신 특징을 분석하고 동형 암호에 기반의 SMPC 연산 아키텍처를 제안한다. 제안하는 이키텍처에서 동형 암호를 사용함으로써 장치 데이터의 안전을 보장하는 동시에 전체 네트워크 안전성도 확보한다. SMPC 및 동형암호 기술의 지속적 발전에 따라 제안하는 아키텍처가 계속 개선할 잠재력이 있다.