• Title/Summary/Keyword: Attack time

Search Result 1,152, Processing Time 0.025 seconds

Improved Impossible Differential Attack on 7-round Reduced ARIA-256

  • Shen, Xuan;He, Jun
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.13 no.11
    • /
    • pp.5773-5784
    • /
    • 2019
  • ARIA is an involutory SPN block cipher. Its block size is 128-bit and the master key sizes are 128/192/256-bit, respectively. Accordingly, they are called ARIA-128/192/256. As we all know, ARIA is a Korean Standard block cipher nowadays. This paper focuses on the security of ARIA against impossible differential attack. We firstly construct a new 4-round impossible differential of ARIA. Furthermore, based on this impossible differential, a new 7-round impossible differential attack on ARIA-256 is proposed in our paper. This attack needs 2118 chosen plaintexts and 2210 7-round encryptions. Comparing with the previous best result, we improve both the data complexity and time complexity. To our knowledge, it is the best impossible differential attack on ARIA-256 so far.

Quantum rebound attacks on reduced-round ARIA-based hash functions

  • Seungjun Baek;Jongsung Kim
    • ETRI Journal
    • /
    • v.45 no.3
    • /
    • pp.365-378
    • /
    • 2023
  • ARIA is a block cipher proposed by Kwon et al. at ICISC 2003 that is widely used as the national standard block cipher in the Republic of Korea. Herein, we identify some flaws in the quantum rebound attack on seven-round ARIA-DM proposed by Dou et al. and reveal that the limit of this attack is up to five rounds. Our revised attack applies to not only ARIA-DM but also ARIA-MMO and ARIA-MP among the PGV models, and it is valid for all ARIA key lengths. Furthermore, we present dedicated quantum rebound attacks on seven-round ARIA-Hirose and ARIA-MJH for the first time. These attacks are only valid for the 256-bit key length of ARIA because they are constructed using the degrees of freedom in the key schedule. All our attacks are faster than the generic quantum attack in the cost metric of the time-space tradeoff.

Modeling of time-varying stress in concrete under axial loading and sulfate attack

  • Yin, Guang-Ji;Zuo, Xiao-Bao;Tang, Yu-Juan;Ayinde, Olawale;Ding, Dong-Nan
    • Computers and Concrete
    • /
    • v.19 no.2
    • /
    • pp.143-152
    • /
    • 2017
  • This paper has numerically investigated the changes of loading-induced stress in concrete with the corrosion time in the sulfate-containing environment. Firstly, based on Fick's law and reaction kinetics, a diffusion-reaction equation of sulfate ion in concrete is proposed, and it is numerically solved to obtain the spatial and temporal distribution of sulfate ion concentration in concrete by the finite difference method. Secondly, by fitting the existed experimental data of concrete in sodium sulfate solutions, the chemical damage of concrete associated with sulfate ion concentration and corrosion time is quantitatively presented. Thirdly, depending on the plastic-damage mechanics, while considering the influence of sulfate attack on concrete properties, a simplified chemo-mechanical damage model, with stress-based plasticity and strain-driven damage, for concrete under axial loading and sulfate attack is determined by introducing the chemical damage degree. Finally, an axially compressed concrete prism immersed into the sodium sulfate solution is regarded as an object to investigate the time-varying stress in concrete subjected to the couplings of axial loading and sulfate attack.

An Empirical Comparison Study on Attack Detection Mechanisms Using Data Mining (데이터 마이닝을 이용한 공격 탐지 메커니즘의 실험적 비교 연구)

  • Kim, Mi-Hui;Oh, Ha-Young;Chae, Ki-Joon
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.31 no.2C
    • /
    • pp.208-218
    • /
    • 2006
  • In this paper, we introduce the creation methods of attack detection model using data mining technologies that can classify the latest attack types, and can detect the modification of existing attacks as well as the novel attacks. Also, we evaluate comparatively these attack detection models in the view of detection accuracy and detection time. As the important factors for creating detection models, there are data, attribute, and detection algorithm. Thus, we used NetFlow data gathered at the real network, and KDD Cup 1999 data for the experiment in large quantities. And for attribute selection, we used a heuristic method and a theoretical method using decision tree algorithm. We evaluate comparatively detection models using a single supervised/unsupervised data mining approach and a combined supervised data mining approach. As a result, although a combined supervised data mining approach required more modeling time, it had better detection rate. All models using data mining techniques could detect the attacks within 1 second, thus these approaches could prove the real-time detection. Also, our experimental results for anomaly detection showed that our approaches provided the detection possibility for novel attack, and especially SOM model provided the additional information about existing attack that is similar to novel attack.

One Pass Identification processing Password-based

  • Park, Byung-Jun;Park, Jong-Min
    • Journal of information and communication convergence engineering
    • /
    • v.4 no.4
    • /
    • pp.166-169
    • /
    • 2006
  • Almost all network systems provide an authentication mechanism based on user ID and password. In such system, it is easy to obtain the user password using a sniffer program with illegal eavesdropping. The one-time password and challenge-response method are useful authentication schemes that protect the user passwords against eavesdropping. In client/server environments, the one-time password scheme using time is especially useful because it solves the synchronization problem. In this paper, we present a new identification scheme: OPI(One Pass Identification). The security of OPI is based on the square root problem, and OPI is secure: against the well known attacks including pre-play attack, off-line dictionary attack and server comprise. A number of pass of OPI is one, and OPI processes the password and does not need the key. We think that OPI is excellent for the consuming time to verify the prover.

Fingerprint Template Protection Using One-Time Fuzzy Vault

  • Choi, Woo-Yong;Chung, Yong-Wha;Park, Jin-Won;Hong, Do-Won
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.5 no.11
    • /
    • pp.2221-2234
    • /
    • 2011
  • The fuzzy vault scheme has emerged as a promising solution to user privacy and fingerprint template security problems. Recently, however, the fuzzy vault scheme has been shown to be susceptible to a correlation attack. This paper proposes a novel scheme for one-time templates for fingerprint authentication based on the fuzzy vault scheme. As in one-time passwords, the suggested method changes templates after each completion of authentication, and thus the compromised templates cannot be reused. Furthermore, a huge number of chaff minutiae can be added by expanding the size of the fingerprint image. Therefore, the proposed method can protect a user's fingerprint minutiae against the correlation attack. In our experiments, the proposed approach can improve the security level of a typical approach against brute-force attack by the factor of $10^{34}$.

Real-Time Detection of Cache Side-Channel Attacks Using Non-Cache Hardware Events (비 캐시 하드웨어 이벤트를 이용한 캐시 부채널 공격 실시간 탐지)

  • Kim, Hodong;Hur, Junbeom
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.30 no.6
    • /
    • pp.1255-1261
    • /
    • 2020
  • Cache side-channel attack is a class of attacks to retrieve sensitive information from a system by exploiting shared cache resources in CPUs. As the attacks are delivered to wide range of environments from mobile systems to cloud systems recently, many detection strategies have been proposed. Since the conventional cache side-channel attacks are likely to incur tremendous number of cache events, most of the previous detection mechanisms were designed to carefully monitor mostly cache events. However, recently proposed attacks tend to incur less cache events during the attack. PRIME+ABORT attack, for example, leverages the Intel TSX instead of accessing cache to measure access time. Because of the characteristic, attack detection mechanisms based on cache events may hardly detect the attack. In this paper, we conduct an in-depth analysis of the PRIME+ABORT attack to identify the other useful hardware events for detection rather than cache events. Based on our finding, we present a novel mechanism called PRIME+ABORT Detector to detect the PRIME+ABORT attack and demonstrate that the detection mechanism can achieve 99.5% success rates with 0.3% performance overhead.

A Study on the Tank-Attack Helicopter Duel

  • 최석철
    • Journal of the military operations research society of Korea
    • /
    • v.23 no.1
    • /
    • pp.25-46
    • /
    • 1997
  • In this paper, we consider a tow-person zero-sum game in which an attack helicopter with a missile wishes to destroy a tank. The tank has much small-caliber ammunition for protection itself from the attack helicopter. And the attack helicopter possesses a missile for attacking the tank. We develop models for the behavior of the attack helicopter, in terms of missile launch time, and of the tank, in terms of ammunition firing rate, in several situations. In particular, we examine the Weiss-Gillman model.

  • PDF

An Attack Graph Model for Dynamic Network Environment (동적 네트워크 환경에 적용 가능한 Attack Graph 모델 연구)

  • Moon, Joo Yeon;Kim, Taekyu;Kim, Insung;Kim, Huy Kang
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.28 no.2
    • /
    • pp.485-500
    • /
    • 2018
  • As the size of the system and network environment grows and the network structure and the system configuration change frequently, network administrators have difficulty managing the status manually and identifying real-time changes. In this paper, we suggest a system that scans dynamic network information in real time, scores vulnerability of network devices, generates all potential attack paths, and visualizes them using attack graph. We implemented the proposed algorithm based attack graph; and we demonstrated that it can be applicable in MTD concept based defense system by simulating on dynamic virtual network environment with SDN.

DDoS Attack Detection using SNMPGET (SNMPGET을 이용한 DDoS 공격 탐지)

  • 박한상;유대성;오창석
    • Proceedings of the Korea Contents Association Conference
    • /
    • 2004.05a
    • /
    • pp.278-282
    • /
    • 2004
  • Recently traffic flooding attack has happened faster and faster owing to expansion of the worm attack and development of the method of traffic flooding attack. The method in the past time is problematic in detecting the recent traffic flooding attacks, which are running quickly. Therefore, this paper aims to establish the algorithm which reduces the time of detection to traffic flooding attack in collecting and analyzing traffics.

  • PDF