• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.6
• /
• pp.1291-1300
• /
• 2020

Recently, a deep learning-based non-profiling side-channel analysis was proposed. The deep learning-based non-profiling analysis is a technique that trains a neural network model for all guessed keys and then finds the correct secret key through the difference in the training metrics. As the performance of non-profiling analysis varies greatly depending on the neural network training model design, a correct model design criterion is required. This paper describes the two types of loss functions and eight labeling methods used in the training model design. It predicts the analysis performance of each labeling method in terms of non-profiling analysis and power consumption model. Considering the characteristics of non-profiling analysis and the HW (Hamming Weight) power consumption model is assumed, we predict that the learning model applying the HW label without One-hot encoding and the Correlation Optimization (CO) loss will have the best analysis performance. And we performed actual analysis on three data sets that are Subbytes operation part of AES-128 1 round. We verified our prediction by non-profiling analyzing two data sets with a total 16 of MLP-based model, which we describe.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.4
• /
• pp.923-941
• /
• 2017

A side-channel attack is a method of attacking a cipher based on physical information of a cryptographic device. The masking method, which is a typical method overcoming this attack, is a method of calculating an arbitrary masking value at the round intermediate value through rounds. Thus, it is difficult to guess the intermediate value by the side-channel attack, but if the masking operation is applied to all rounds of the encryption algorithm, the encryption process may become overloaded. Therefore, it is practical to use a reduced-round masking technique that applies a masking technique to only a part of the cipher for lightweight equipment such as Internet of Things(IoT) and wearable devices. In this paper, we describe a Hamming weight filtering for SIMON family with reduced-round masking technique and it is shown that first round key recovery is possible through actual programming.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.16 no.3
• /
• pp.605-614
• /
• 2012

Nowadays u-healthcare which is very sensitive to the character of user's information among other ubiquitous computing field is popular in medical field. u-healthcare deals extremely personal information including personal health/medical information so it is exposed to various weaknees and threats in the part of security and privacy. In this paper, RFID based patient's information protecting protocol that prevents to damage the information using his or her mobile unit illegally by others is proposed. The protocol separates the authority of hospital(doctor, nurse, pharmacy) to access to patient's information by level of access authority of hospital which is registered to management server and makes the hospital do the minimum task. Specially, the management server which plays the role of gateway makes access permission key periodically not to be accessed by others about unauthorized information except authorized information and improves patient's certification and management.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.6
• /
• pp.1443-1454
• /
• 2016

Balanced encoding method that implement Dual-rail logic style based on hardware technique to software is efficient countermeasure against side-channel analysis without additional memory. Since balanced encoding keep Hamming weight and/or Hamming distance of intermediate values constantly, using this method can be effective as countermeasure against side channel analysis due to elimination of intermediate values having HW and/or HD relating to secret key. However, former studies were presented for Constant XOR operation, which can only be applied to crypto algorithm that can be constructed XOR operation, such as PRINCE. Therefore, our first proposal of new Constant ADD, Shift operations can be applied to various symmetric crypto algorithms based on ARX. Moreover, we did not used look-up table to obtain efficiency in memory usage. Also, we confirmed security of proposed Constant operations with Mutual Information Analysis.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.18 no.6
• /
• pp.33-41
• /
• 2018

The idea of the Internet of Things as a platform on the Smart Campus has become increasingly popular. It requires an infrastructure consisting of communication networks, sensor nodes and gateways to connect to the Internet. Each sensor node is responsible for gathering data from the environment. This document outlines a network of wireless sensors on the Internet for the application of Smart Campus monitoring. Wireless sensor network Monitoring have become a complete solution to using a low power implementation and integrated systems. The numerous restrictions however result from the low communication range, the limited computing power, the lack of availability of the network protocol, the lack of programming security and the security failures in the areas of confidentiality, integrity and availability. A new security technique and its functionality for WSNM nodes developed. Development in the research of a secure network and suggestions for avoiding denial of service (DOS) and complexity attacks. These systems if properly implemented can provide an energy efficiency mechanism through pre-allocation and a new key from key management models with a secure routine algorithm.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.14 no.2
• /
• pp.439-446
• /
• 2019

In this paper, we propose a encryption method using C-MLCA and 1D CAT to secure medical image for efficiently. First, we generate a state transition matrix using a Wolfram rule and create a sequence of maximum length. By operating the complemented vector, it converts an existing sequence to a more complex sequence. Then, we multiply the two sequences by rows and columns to generate C-MLCA basis images of the original image size and go through a XOR operation. Finally, we will get the encrypted image to operate the 1D CAT basis function created by setting the gateway values and the image which is calculated by transform coefficients. By comparing the encrypted image with the original image, we evaluate to analyze the histogram and PSNR. Also, by analyzing NPCR and key space, we confirmed that the proposed encryption method has a high level of stability and security.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.25 no.3
• /
• pp.419-426
• /
• 2021

A high-performance elliptic curve cryptography processor (HP-ECCP) was designed to support five field sizes of 192, 224, 256, 384 and 521 bits over GF(p) defined in NIST FIPS 186-2, and it provides eight modes of arithmetic operations including ECPSM, ECPA, ECPD, MA, MS, MM, MI and MD. In order to make the HP-ECCP resistant to side-channel attacks, a modified left-to-right binary algorithm was used, in which point addition and point doubling operations are uniformly performed regardless of the Hamming weight of private key used for ECPSM. In addition, Karatsuba-Ofman multiplication algorithm (KOMA), Lazy reduction and Nikhilam division algorithms were adopted for designing high-performance modular multiplier that is the core arithmetic block for elliptic curve point operations. The HP-ECCP synthesized using a 180-nm CMOS cell library occupied 620,846 gate equivalents with a clock frequency of 67 MHz, and it was evaluated that an ECPSM with a field size of 256 bits can be computed 2,200 times per second.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.28 no.6C
• /
• pp.648-658
• /
• 2003

As the usage of image/video contents increase, a security problem for the payed image data or the ones requiring confidentiality is raised. This paper proposed an image encryption methodology to hide the image information. The target data of it is the result from quantization in wavelet domain. This method encrypts only part of the image data rather than the whole data of the original image, in which three types of data selection methodologies were involved. First, by using the fact that the wavelet transform decomposes the original image into frequency sub-bands, only some of the frequency sub-bands were included in encryption to make the resulting image unrecognizable. In the data to represent each pixel, only MSBs were taken for encryption. Finally, pixels to be encrypted in a specific sub-band were selected randomly by using LFSR(Linear Feedback Shift Register). Part of the key for encryption was used for the seed value of LFSR and in selecting the parallel output bits of the LFSR for random selection so that the strength of encryption algorithm increased. The experiments have been performed with the proposed methods implemented in software for about 500 images, from which the result showed that only about 1/1000 amount of data to the original image can obtain the encryption effect not to recognize the original image. Consequently, we are sure that the proposed are efficient image encryption methods to acquire the high encryption effect with small amount of encryption. Also, in this paper, several encryption scheme according to the selection of the sub-bands and the number of bits from LFSR outputs for pixel selection have been proposed, and it has been shown that there exits a relation of trade-off between the execution time and the effect of the encryption. It means that the proposed methods can be selectively used according to the application areas. Also, because the proposed methods are performed in the application layer, they are expected to be a good solution for the end-to-end security problem, which is appearing as one of the important problems in the networks with both wired and wireless sections.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38B no.5
• /
• pp.394-400
• /
• 2013

WoT (Web of Things) was proposed to realize intelligent thing to thing communications using WEB standard technology. It is difficult to adapt security protocols suited for existing Internet communications into WoT directly because WoT includes LLN(Low-power, Lossy Network) and resource constrained sensor devices. Recently, IETF standard group propose to use DTLS protocol for supporting security services in WoT environments. However, DTLS protocol is not an efficient solution for supporting end to end security in WoT since it introduces complex handshaking procedures and high communication overheads. We, therefore, divide WoT environment into two areas- one is DTLS enabled area and the other is an area using lightweight security scheme in order to improve them. Then we propose a mutual authentication scheme and a session key distribution scheme for the second area. The proposed system utilizes a smart device as a mobile gateway and WoT proxy. In the proposed authentication scheme, we modify the ISO 9798 standard to reduce both communication overhead and computing time of cryptographic primitives. In addition, our scheme is able to defend against replay attacks, spoofing attacks, select plaintext/ciphertext attacks, and DoS attacks, etc.

• Journal of Korea Multimedia Society
• /
• v.16 no.3
• /
• pp.318-329
• /
• 2013

This paper proposes a DNA watermarking method for the privacy protection and the prevention of illegal copy. The proposed method allocates codons to random circular angles by using random mapping table and selects triplet codons for embedding target with the help of the Lipschitz regularity value of local modulus maxima of codon circular angles. Then the watermark is embedded into circular angles of triplet codons without changing the codes of amino acids in a DNA. The length and location of target triplet codons depend on the random mapping table for 64 codons that includes start and stop codons. This table is used as the watermark key and can be applied on any codon sequence regardless of the length of sequence. If this table is unknown, it is very difficult to detect the length and location of them for extracting the watermark. We evaluated our method and DNA-crypt watermarking of Heider method on the condition of similar capacity. From evaluation results, we verified that our method has lower base changing rate than DNA-crypt and has lower bit error rate on point mutation and insertions/deletions than DNA-crypt. Furthermore, we verified that the entropy of random mapping table and the locaton of triplet codons is high, meaning that the watermark security has high level.