• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.5
• /
• pp.985-991
• /
• 2015

The user's secret key can be retrieved by various side channel leakage informations occurred during the execution of cryptographic RSA exponentiation algorithm which is embedded on a security device. The collision-based power analysis attack known as a serious side channel threat can be accomplished by finding some collision pairs on a RSA power consumption trace. Recently, an RSA exponentiation algorithm was proposed as a countermeasure which is based on the window method adopted combination of message blinding and exponent splitting. In this paper, we show that this countermeasure provides approximately $2^{53}$ attack complexity, much lower than $2^{98}$ insisted in the original article, when the window size is two.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.3
• /
• pp.477-489
• /
• 2014

Based on some flaws occurred for implementing a public key cryptosystem in the embedded security device, many side-channel attacks to extract the secret private key have been tried. In spite of the fact that the cryptographic exponentiation is basically composed of a sequence of multiplications and squarings, a new Square Always exponentiation algorithm was recently presented as a countermeasure against side-channel attacks based on trading multiplications for squarings. In this paper, we propose Known Power Collision Analysis and modified Doubling attacks to break the Right-to-Left Square Always exponentiation algorithm which is known resistant to the existing side-channel attacks. And we also present a Collision-based Combined Attack which is a combinational method of fault attack and power collision analysis. Furthermore, we verify that the Square Always algorithm is vulnerable to the proposed side-channel attacks using computer simulation.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.1
• /
• pp.296-308
• /
• 2015

Advanced Encryption Standard (AES) is widely used for protecting wireless sensor network (WSN). At the Workshop on Cryptographic Hardware and Embedded Systems (CHES) 2012, G$\acute{e}$rard et al. proposed an optimized collision attack and break a practical implementation of AES. However, the attack needs at least 256 averaged power traces and has a high computational complexity because of its byte wise operation. In this paper, we propose a novel double sieve collision attack based on bitwise collision detection, and an improved version with an error-tolerant mechanism. Practical attacks are successfully conducted on a software implementation of AES in a low-power chip which can be used in wireless sensor node. Simulation results show that our attack needs 90% less time than the work published by G$\acute{e}$rard et al. to reach a success rate of 0.9.

• Journal of Ocean Engineering and Technology
• /
• v.30 no.2
• /
• pp.109-116
• /
• 2016

A flexible concrete mattress (FCM) is a structural system for protecting submarine power or communication cables under various load types. To evaluate its of protection performance, a numerical analysis of an FCM under an anchor collision was performed. The explicit dynamics of the finite element analysis program ANSYS were used for the collision analysis. The influences of the steel reinforcement modeling and collision angle of the anchor on the collision behavior of the FCM were estimated. The FCM damage was evaluated based on the results of the numerical analysis considering the numerical modeling and collision environment.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.3
• /
• pp.1802-1819
• /
• 2017

Correlation-enhanced collision attack has been proposed by Moradi et al. for several years. However, in practical operations, this method costs lots of time on trace acquisition, storage and averaging due to its bytewise collision detection. In this paper, we propose a bitwise collision attack based on second-order distance model. In this method, only 9 average traces are enough to finish a collision attack. Furthermore, two candidate models are given in this study to distinguish collisions, and the corresponding practical experiments are also performed. The experimental results indicate that the operation time of our attack is only 8% of that of correlation-enhanced collision attack, when the two success rates are both above 0.9.

• Journal of Ocean Engineering and Technology
• /
• v.24 no.2
• /
• pp.25-33
• /
• 2010

Collision between vessels may lead to structural damage and penetration of hulls. The structural damage of a hull may eventually bring about global collapse of the hull girder and outflow of oil, which would contaminate seawater. Therefore, various regulations require the strength of a vessel after collision to satisfy given criteria, and owners usually request collision analyses to confirm the structural safety of their vessels. In the process of designing a vessel to satisfy the collision strength criteria, the strength has been assessed mostly by conducting collision analyses using numerical techniques, such as dynamic, non-linear, finite-element analysis. Design is an inherently iterative process during which many changes are necessary due to the endless needs for reinforcement and modification. Numerical techniques are not adequate for coping with a situation in which collision analysis is frequently required to provide the revised results that reflect the repetitive changes in designs. Numerical techniques require a lot of time and money to conduct in spite of recent improvements in computing power and in the productivity of modeling tools. Therefore, in this paper, an analytical technique is introduced and a collision problem is idealized and simplified using reasonable assumptions based on appropriate background. The technique was applied to an example of an actual FPSO and verified by comparing the results with results from the numerical technique. A good correlation was apparent between the results of the analytical and numerical techniques.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.6 no.12
• /
• pp.3046-3060
• /
• 2012

Low power listening (LPL) MAC protocols based on duty-cycling mechanism have been studied extensively to achieve ultra low energy consumption in wireless sensor networks (WSNs). Especially, recent ACK-based LPL schemes such as X-MAC employ strobe preambles and an early ACK, and show fair performances in communications and energy efficiencies. However, the state-of-the-art ACK-based LPL scheme still suffers from collision problems due to the protocol incompleteness. These collision effects are not trivial and make WSNs unstable, aggravate energy consumptions. In this paper, we propose two novel schemes; (i) ${\tau}$-duration CCA to mitigate the collision problem in ACK-based LPL MAC protocols. (ii) Short Preamble Counter (SPC) to conserve more energy by reducing unnecessary overhearing. We demonstrate the performance improvement of our scheme via a mathematical analysis and real-time experiments. Both analysis and experimental results confirm that our proposed scheme saves energy by up to 36% compared to the naive ACK-based LPL MAC protocol thanks to ${\tau}$-duration CCA and SPC.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.2
• /
• pp.335-344
• /
• 2016

It is known that power analysis is one of the most powerful attack in side channel analysis. Among power analysis single trace attack is widely studied recently since it uses one power consumption trace to recover secret key of public cryptosystem. Recently Sim et al. proposed new exponentiation algorithm for RSA cryptosystem with higher attack complexity to prevent single trace attack. In this paper we analyze the vulnerability of exponentiation algorithm described by Sim et al. Sim et al. applied message blinding and random exponentiation splitting method on $2^t-ary$ for higher attack complexity. However we can reveal private key using information exposed during pre-computation generation. Also we describe modified algorithm that provides higher attack complexity on collision attack. Proposed algorithm minimized the reuse of value that are used during exponentiation to provide security under single collision attack.

• Proceedings of the KSR Conference
• /
• 2003.05a
• /
• pp.686-693
• /
• 2003

An intensive study was conducted for crashworthiness structural design of recently developed Korean High Speed Train. Two nam design concepts are setup to protect the both crews and passengers from serious injury at heavy collision accidents, and to reduce damages of the train itself at light collision accidents. For occupant protection a collision against a movable 15 tons rigid obstacle at 110 kph and a train-to-train collision at 30 kph were selected as accident scenarios for the heavy collisions based on the train accident investigations. A train-to-train collision at 8 kph was used for the light collisions. The crashworthiness behaviors of KHST have been evaluated numerically using the finite element method. Also, one-dimensional collision analyses show good crashworthy responses in a full rake consist and 3-dimensional shell element analyses do in the front-end structures of the power car. Occupant analyses and sled tests demonstrated that KHST performs well enough to protect occupants under the considered accident scenarios.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.6
• /
• pp.1091-1102
• /
• 2014

The power analysis attack is a cryptanalytic technique to retrieve an user's secret key using the side-channel power leakage occurred during the execution of cryptographic algorithm embedded on a physical device. Especially, many power analysis attacks have targeted on an exponentiation algorithm which is composed of hundreds of squarings and multiplications and adopted in public key cryptosystem such as RSA. Recently, a new correlation power attack, which is tried when two modular multiplications have a same input, is proposed in order to recover secret key. In this paper, after reviewing the principle of side-channel attack based on input collisions in modular multiplications, we analyze the vulnerability of some exponentiation algorithms having regularity property. Furthermore, we present an improved exponentiation countermeasure to resist against the input collision-based CPA(Correlation Power Analysis) attack and existing side channel attacks and compare its security with other countermeasures.