• Journal of the Korea Institute of Information Security & Cryptology
• /
• 제18권6A호
• /
• pp.17-25
• /
• 2008

The differential power attack (DPA)[8] is a very powerful side-channel attack tool against various cryptosystems and the masking method[10] is known to be one of its algorithmic countermeasures. But it is non-trivial to apply the masking method to non-linear functions, especially, to arithmetic adders. This paper proposes simple and efficient masking methods applicable to arithmetic adders. For this purpose, we use the fact that every combinational logic circuit (including the adders) can be decomposed into basic logic gates (AND, OR, NAND, NOR, XOR, XNOR, NOT) and try to devise efficient masking circuits for these basic gates. The resulting circuits are then applied to the arithmetic adders to get their masking algorithm. As applications, we applied the proposed masking methods to SEED and SHA-1 in hardware.

• Proceedings of the Korea Information Processing Society Conference
• /
• 한국정보처리학회 2001년도 추계학술발표논문집 (하)
• /
• pp.903-906
• /
• 2001

2000년 T.S.Messerges는 데이터와 키의 이원가산 연산에서 해밍 무게에 기초한 차분 전력 분석 기술을 제안하였다. 본 논문에서는 T.S.Messerges의 분석 기술이 데이터와 키의 덧셈 mod $2^N$ 연산에 대해서도 확대 적용한 수 있음을 제안하고 이에 대한 시뮬레이션 절과를 제시한다. 데이터와 키의 이원 가산 연산은 Twofish와 같은 암호 알고리즘에서 사용되고 있으며 덧셈 mod $2^N$ 연산은 IDEA와 같은 암호 알고리즘에서 사용되고 있다. 따라서 본 논문에서 제안한 전력 분석 적용기술을 이용할 경우 IDEA의 키 128비트 중 덧셈 mod $2^N$ 연산에 들어가는 키 32비트를 분석해 낼 수 있다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• 제30권1호
• /
• pp.39-49
• /
• 2020

In this paper, we show that the Chinese standard block cipher SM4 is vulnerable to the side channel attacks and present a countermeasure to resist them. We firstly validate that the secret key of SM4 can be recovered by differential power analysis(DPA) and correlation power analysis(CPA) attacks. Therefore we analyze the vulnerable element caused by power attack and propose a first order masking-based countermeasure to defeat DPA and CPA attacks. Although the proposed countermeasure unfortunately is still vulnerable to the profiling power attacks such as deep learning-based multi layer perceptron(MLP), it can sufficiently overcome the non-profiling attacks such as DPA and CPA.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• 제18권1호
• /
• pp.31-39
• /
• 2008

The development of next-generation resident registration cards, financial IC cards and administrative agency IC cards based on a smart card is currently coming out in Korea. However, the low-price IC cards without countermeasures against side channel analysis attacks are expected to be used fer cost reduction. This paper has investigated the side channel resistance of financial IC cards that are currently in use and have performed DPA attacks on the financial IC cards. We have been able to perform successful DPA attacks on these cards by using only 100 power measurement traces. From our experiment results, we have been able to extract the master key used for encryption of a count PIN number.

• Environmental and Resource Economics Review
• /
• 제21권3호
• /
• pp.573-593
• /
• 2012

The paper examined the relationship between total and sector level electricity consumptions and economic growth in Korea for the period of 1980-2009. The results of unit-roots and cointegration tests show that all variables-real GDP, total, primary, manufacture, and service sector electricity consumptions-were not stationary and there were no linear combinations in the long run between electricity consumptions and economic growth. Thus, by using standard Granger-causality test we found that total, primary, and manufacture sector electricity consumptions were Granger-caused by economic growth, not vice versa. This means that causality runs from economic growth to each electricity consumption. However, there is no causal relationship between service sector electricity consumption and economic growth. These results imply that the government policies aimed at reducing electricity consumptions and increasing energy efficiency etc. can be feasible without deterring economic growth in Korea.

• The Journal of the Korea Contents Association
• /
• 제20권1호
• /
• pp.356-363
• /
• 2020

As a becoming era of Internet-of-Things, various devices are connected via wire or wirless networks. Although every day life is more convenient, security problems are also increasing such as privacy, information leak, denial of services. Since ECC, a kind of public key cryptosystem, has a smaller key size compared to RSA, it is widely used for environmentally constrained devices. The key of ECC in constrained devices can be exposed to power analysis attacks during scalar multiplication operation. In this paper, a key-randomization method is suggested for scalar multiplication on SECG parameters. It is against differential power analysis and has operational efficiency. In order to increase of operational efficiency, the proposed method uses the property 2^lP=∓cP where the constant c is small compared to the order n of SECG parameters and n=2^l±c. The number of operation for the Coron's key-randomization scalar multiplication algorithm is 21, but the number of operation for the proposed method in this paper is (3/2)l. It has efficiency about 25% compared to the Coron's method using full random numbers.

• Proceedings of the Korea Information Processing Society Conference
• /
• 한국정보처리학회 2013년도 춘계학술발표대회
• /
• pp.671-674
• /
• 2013

단순전력분석(Simple Power Analysis, SPA)은 적은 수의 평문으로 암호 알고리즘에 대한 패턴 뿐만 아니라 비밀키의 정보를 찾는 전력 분석(Power Analysis)의 방법 중 하나이다. SPA의 장점은 차분전력분석(Differential Power Analysis, DPA) 또는 상관전력분석(Correlation Power Analysis, CPA)보다 적은 계산량으로 비밀키 분석을 할 수 있고, DPA 또는 CPA 분석을 하기 위해 필요한 분석위치 탐지에 효율적으로 활용이 되어 진다는 것이다. 하지만 최근 SPA 분석 성능을 저하시키기 위해 클락 노이즈, 전력 노이즈, 딜레이 노이즈 등 다양한 방법들이 제안되어지고 있다. 본 논문에서는 다양한 노이즈가 있는 환경에서 아날로그 수신기를 활용하여 특정 주파수 영역을 필터링한 후 노이즈를 제거하는 방법을 소개한다. 실험을 통해, 아날로그 수신기를 사용하였을 경우에 사용하지 않았을 경우보다 뚜렷한 대칭키 암호의 라운드 함수가 구분되어지며, 라운드 내 함수 구분도 가능함을 보인다. 이는 DPA 또는 CPA를 이용하여 분석을 수행하고자 할 때 분석 위치를 결정하데 아주 유용하게 활용되어지며, 분석 성능향상에도 기여할 것으로 기대되어진다.

• Journal of Internet of Things and Convergence
• /
• 제6권2호
• /
• pp.25-29
• /
• 2020

The elliptic curve crypto-algorithm is widely used in authentication for IoT environment, since it has small key size and low communication overhead compare to the RSA public key algorithm. If the scalar multiplication, a core operation of the elliptic curve crypto-algorithm, is not implemented securely, attackers can find the secret key to use simple power analysis or differential power analysis. In this paper, an elliptic curve scalar multiplication algorithm using a randomized scalar and an elliptic curve point blinding is suggested. It is resistant to power analysis but does not significantly reduce efficiency. Given a random r and an elliptic curve random point R, the elliptic scalar multiplication kP = u(P+R)-vR is calculated by using the regular variant Shamir's double ladder algorithm, where l+20-bit u≡rn+k(modn) and v≡rn-k(modn) using 2^lP=∓cP for the case of the order n=2^l±c.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• 제15권1호
• /
• pp.99-107
• /
• 2005

ARIA is a 128-bit block cipher having 128-bit, 192-bit, or 256-bit key length. The cipher is a substitution and permutation encryption network (SPN) and uses an involutional binary matrix. This structure was efficiently developed into light weight environments or hardware implementations. This paper shows that a careless implementation of an ARIA on smartcards is vulnerable to a differential power analysis attack This attack is realistic because we can measure power consumption signals at two kinds of S-boxes and two types of substitution layers. By using the two round key, we extracted the master key (MK).

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 한국정보통신학회 2014년도 춘계학술대회
• /
• pp.221-223
• /
• 2014

Power analysis attack on cryptographic hardware device aims to study the power consumption while performing operations using secrets keys. Power analysis is a form of side channel attack which allow an attacker to compute the key encryption from algorithm using Simple Power Analysis (SPA), Differential Power Analysis (DPA) or Correlation Power Analysis (CPA). The theoretical weaknesses in algorithms or leaked informations from physical implementation of a cryptosystem are usually used to break the system. This paper describes how power analysis work and we provide an overview of countermeasures against power analysis attacks.