• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.6
• /
• pp.1059-1068
• /
• 2022

A Post-Quantum Cryptographic algorithm NTRU, which is designed by considering the computational power of quantum computers, satisfies the mathematically security level. However, it should consider the characteristics of side-channel attacks such as power analysis attacks in hardware implementation. In this paper, we verify that the private key can be recovered by analyzing the power signal generated during the decryption process of NTRU. To recover the private keys, the Simple Power Analysis (SPA), Correlation Power Analysis (CPA) and Differential Deep Learning Analysis (DDLA) were all applicable. There is a shuffling technique as a basic countermeasure to counter such a power side-channel attack. Neverthe less, we propose a more effective method. The proposed method can prevent CPA and DDLA attacks by preventing leakage of power information for multiplication operations by only performing addition after accumulating each coefficient, rather than performing accumulation after multiplication for each index.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.1
• /
• pp.33-43
• /
• 2023

The National Institute of Standards and Technology (NIST), which is working on the Post-Quantum Cryptography (PQC) standardization project, announced four algorithms that have been finalized for standardization. In this paper, we demonstrate through experiments that private keys can be exposed by Correlation Power Analysis (CPA) and Differential Deep Learning Analysis (DDLA) attacks on polynomial coefficient-wise multiplication algorithms that operate in the process of generating signatures using CRYSTALS-Dilithium algorithm. As a result of the experiment on ARM-Cortex-M4, we succeeded in recovering the private key coefficient using CPA or DDLA attacks. In particular, when StandardScaler preprocessing and continuous wavelet transform applied power traces were used in the DDLA attack, the minimum number of power traces required for attacks is reduced and the Normalized Maximum Margines (NMM) value increased by about 3 times. Conseqently, the proposed methods significantly improves the attack performance.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.4
• /
• pp.527-536
• /
• 2020

It has been found that an attacker can extract the secret key embedded in a security device and recover the operation instruction using power consumption traces which are some kind of side channel information. Many profiling-based side channel attacks based on a deep learning model such as MLP(Multi-Layer Perceptron) method are recently researched. In this paper, we implemented a disassembler for operation instruction set used in the micro-controller AVR XMEGA128-D4. After measuring the template traces on each instruction, we automatically made the pre-processing process and classified the operation instruction set using a deep learning model CNN. As an experimental result, we showed that all instructions are classified with 87.5% accuracy and some core instructions used frequently in device operation are with 99.6% respectively.

• Proceedings of the Korean Information Science Society Conference
• /
• 2012.06d
• /
• pp.308-310
• /
• 2012

최근 무선 센서 네트워크 환경에서 대용량 멀티미디어 데이터에 대한 요구가 증가하면서 통신 대역폭 및 한정적인 에너지의 한계를 극복하기 위한 대안으로 데이터 분할 및 다중 경로 기법들이 제안되었다. 기존 기법들은 데이터 전송 시에 발생하는 부하의 분산을 통해 네트워크의 성능을 향상시킬 수 있다는 것을 증명하였지만, 데이터의 효율적인 분할과 악의적인 공격에 의한 보안성 문제에 대해서 고려하지 않았다. 이러한 문제점을 해결하기 위해 본 논문에서는 비트평면 분할 기반의 보안성 있는 비-중첩 다중경로 라우팅 기법을 제안한다. 제안하는 기법은 멀티미디어 데이터를 비트평면 단위로 분할하여 다중 경로로 전송함으로써 기존의 키 기반의 암호화 기법을 사용하지 않고도 전체 네트워크에 대한 보안성을 향상 시켰다. 또한 경로 상 노드들의 잔여 에너지를 고려하여 데이터 전송을 수행함으로써 전체 네트워크의 에너지 효율성을 향상시켰다. 성능평가 결과, 제안하는 기법은 기존 기법에 비해 노드의 생존율이 평균 50% 이상 향상되었고, 데이터가 노출되더라도 해당 패킷을 가지고 본래 이미지를 복구하는 것이 불가능하기 때문에 높은 보안성을 제공한다.

• Journal of Advanced Navigation Technology
• /
• v.16 no.5
• /
• pp.871-878
• /
• 2012

LBlock is a 64-bit ultra-light block cipher suitable for the constrained environments such as wireless sensor network environments. In this paper, we propose a differential fault analysis on LBlock. Based on a random nibble fault model, our attack can recover the secret key of LBlock by using the exhaustive search of $2^{25}$ and five random nibble fault injection on average. It can be simulated on a general PC within a few seconds. This result is superior to known differential fault analytic result on LBlock.

• Journal of Advanced Navigation Technology
• /
• v.19 no.1
• /
• pp.48-52
• /
• 2015

In this paper, we propose a differential fault analysis on SSB having same structure in encryption and decryption proposed in 2011. The target algorithm was designed using advanced encryption standard and has advantage about hardware implementations. The differential fault analysis is one of side channel attacks, combination of the fault injection attacks with the differential cryptanalysis. Because SSB is suitable for hardware, it must be secure for the differential fault analysis. However, using proposed differential fault attack in this paper, we can recover the 128 bit secret key of SSB through only one random byte fault injection and an exhausted search of $2^8$. This is the first cryptanalytic result on SSB having same structure in encryption and decryption.

• KIPS Transactions on Computer and Communication Systems
• /
• v.4 no.3
• /
• pp.105-108
• /
• 2015

In this paper, we propose a differential fault analysis on symmetric SPN block cipher with bitslice involution S-box in 2011. The target block cipher was designed using AES block cipher and has advantage about restricted hardware and software environment using the same structure in encryption and decryption. Therefore, the target block cipher must be secure for the side-channel attacks. However, to recover the 128-bit secret key of the targer block cipher, this attack requires only one random byte fault and an exhausted search of $2^8$. This is the first known cryptanalytic result on the target block cipher.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.6
• /
• pp.271-288
• /
• 2010

In this paper, we study the dysfunctions of cryptography as dual-use goods and national domestic encryption control policies like key recovery system and decryption order. And we examine risks of the breach of the peoples' constitutional rights like the right to privacy in these policies and analyze these policies by applying the principle of the ban on the over-restriction. Finally, we propose the direction and requirements of our national domestic encryption control policy that maintains the balance of peoples' constitutional rights and investigatory powers.

• JOURNAL OF ELECTRICAL WORLD
• /
• s.286
• /
• pp.64-69
• /
• 2000

20세기에 있어서의 비약하는 산업계의 주축으로서 철강시장은 급속히 확대되었고 그와 더불어 신기술의 개발과 도입에서도 선도적 역할을 다하여 왔다. 특히 이 4반세기는 반도체기술의 진보와 함께 컴퓨터, 플랜트 컨트롤러, 드라이브 시스템 등 전기제품은 비약적인 진화를 이루어 왔다. 현재는 중국$\cdot$아시아$\cdot$남미를 중심으로 철강제품의 수요가 증가하여 설비투자도 확대되고 있다. 그러나 북미$\cdot$유럽$\cdot$일본에서는 생산능력과 수요와의 사이에 수급공백이 있어 이전과 같은 시장만큼의 신장은 기대할 수 없는 실정이다. 이와 같은 상황하에서 철강유저의 투자목적을 합리화$\cdot$성력화$\cdot$제품품질의 향상에 두고 있어, 미쓰비시전기는 ''경쟁력 있는 제품을 만들기와 총투자코스트의 최소화''를 서포트하는 제철플랜트용 전기제품의 제공을 지향하여, 그림에 표시하는 것과 같은 4개의 어프로치로 이에 대응하고 있다. 고품질화와 자동화에 대하여는 종래의 품질제어를 능가하는 초안정화 시스템의 적용, 프로세스의 이상 검지와 자동복구에 의한 완전 노터치 오퍼레이션의 실현, 인텔리전트 센서에 의한 프로세스의 가시화로 오퍼레이터가 최종판단을 용이하고 정확하게 할 수 있는 환경을 제공한다. 고효율화$\cdot$에너지 사용합리화에 대하여는 고역률 전원을 추구하여 고효율 드라이브장치와 모터를 제공한다. 글로벌 스탠더드화에의 대응으로서는 네트워크의 오픈화에 의한 멀티벤더 환경, 범용 하드웨어에 의한 오픈 HMI(Human Machine Interface)을 제공하고 있다. 플랜트의 신속한 가동과 리모트 메인터넌스 환경을 실현하기 위하여 플랜트 시뮬레이션 시험의 실시로 공장출하 품질의 향상을 도모한다. 또한 연구센터로부터의 원격감시와 트러블해석 서포트를 쉽게 할 수가 있다. 나아가 최근에는 급격한 기세로 신장되어 온 멀티미디어 기술, 인터넷 기술, 인트라넷 기술, 모바일단말, 화상압축기술 등에 의하여 원격집중감시, 현장과 중앙 쌍방향 협조보수작업, 버추얼 리얼리티 응용시스템이 현실화 되고있는 실정이다. 이들 IT(Information Technology)솔류션은 금후의 제철플랜트의 시스템을 크게 바꾸어 나가는 것은 물론 사업 경쟁력 강화의 키 테크놀로지가 될 것이다. 앞으로 미쓰비시전기는 제철플랜트에 대하여 유저니즈를 IT 솔루션으로 전개, 제공해 나가고자 한다.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.10 no.7
• /
• pp.1237-1245
• /
• 2006

This paper presented a hardware implementation of ARIA, which is a Korean standard l28-bit block cryptography algorithm. In this work, ARIA was designed technology-independently for application such as ASIC or core-based designs. ARIA algorithm was fitted in FPGA without additional components of hardware or software. It was confirmed that the rate of resource usage is about 19% in Altera EPXAl0F1020CI and the resulting design operates stably in a clock frequency of 36.35MHz, whose encryption/decryption rate was 310.3Mbps. Consequently, the proposed hardware implementation of ARIA is expected to have a lot of application fields which need high speed process such as electronic commerce, mobile communication, network security and the fields requiring lots of data storing where many users need processing large amount of data simultaneously.