• Title/Abstract/Keywords: Distinguishing attack


SP F-함수를 갖는 4-브랜치 GFN-2 구조에 대한 기지키 공격 (Known-Key Attacks on 4-Branch GFN-2 Structures with SP F-Functions)

  • 홍득조
    • 정보보호학회논문지 / Vol. 30, No. 5 / pp.795-803 / 2020
  • This paper studies known-key distinguishing attacks and partial-collision attacks on 4-branch GFN-2 structures whose F-functions have an SP structure. First, it is shown that a known-key distinguishing attack on this structure is possible up to 15 rounds. Second, when the last round contains the shuffle operation, a partial-collision attack is possible up to 14 rounds. Finally, when the last round has no shuffle operation, a partial-collision attack is possible up to 15 rounds.

Improved Conditional Differential Attacks on Round-Reduced Grain v1

  • Li, Jun-Zhi;Guan, Jie
    • KSII Transactions on Internet and Information Systems (TIIS) / Vol. 12, No. 9 / pp.4548-4559 / 2018
  • The conditional differential attack against NFSR-based cryptosystems proposed by Knellwolf et al. at Asiacrypt 2010 has been widely used for analyzing round-reduced Grain v1. In this paper, we present improved conditional differential attacks on Grain v1 based on a factorization simplification method, which makes it possible to obtain the expressions of internal states in more rounds and to analyze those expressions more precisely. Following a condition-imposing strategy that saves more IV bits, Sarkar's distinguishing attack on 106-round Grain v1 is improved to a key recovery attack. Moreover, we show a new distinguishing attack and a key recovery attack on 107-round Grain v1 with lower complexity O($2^{34}$) and an appreciable theoretical success probability of 93.7%. Most importantly, our attacks can practically recover key expressions with a higher success probability than the theoretical results.

연관키 차분 특성을 이용한 32-라운드 GOST 공격 (Related Key Differential Attacks on 32-Round GOST)

  • 이태건;고영대;홍석희;이상진
    • 정보보호학회논문지 / Vol. 14, No. 3 / pp.75-84 / 2004
  • This paper describes related-key differential attacks on the block cipher GOST. Because GOST has a simple key schedule, related-key differential characteristics arise. Using them, we first describe a method for distinguishing the GOST block cipher from a random oracle with probability $1-2^{-64}$. We then concatenate two related-key differential characteristics, of 24 rounds and 6 rounds respectively, to build a 30-round differential characteristic, and describe an attack that recovers the 32-bit last-round key of 31-round GOST. We also describe an algorithm that recovers 12 bits of the subkey of the last (32nd) round of full 32-round GOST with a success probability of 91.7%, using $2^{35}$ chosen plaintexts and $2^{36}$ encryptions.

Deep Learning Assisted Differential Cryptanalysis for the Lightweight Cipher SIMON

  • Tian, Wenqiang;Hu, Bin
    • KSII Transactions on Internet and Information Systems (TIIS) / Vol. 15, No. 2 / pp.600-616 / 2021
  • SIMON and SPECK are two families of lightweight block ciphers that have excellent performance on hardware and software platforms. At CRYPTO 2019, Gohr first introduced deep-learning-based differential cryptanalysis of round-reduced SPECK32/64, reducing the remaining security of 11-round SPECK32/64 to roughly 38 bits. In this paper, we evaluate the security of the SIMON cipher under neural differential cryptanalysis. We first prove theoretically that SIMON is a non-Markov cipher, which means that results based on conventional differential cryptanalysis may be inaccurate. We then train a residual neural network to obtain 7-, 8-, and 9-round neural distinguishers for SIMON32/64. To demonstrate the effectiveness of our distinguishers, we perform a distinguishing attack and a key-recovery attack against 15-round SIMON32/64. The results show that real ciphertexts can be distinguished from random ciphertexts with probability close to 1 using only $2^{8.7}$ chosen-plaintext pairs. For the key-recovery attack, the correct key was recovered with a success rate of 23%, and the data complexity and computational complexity are as low as $2^{8}$ and $2^{20.1}$ respectively. All of these results improve on the existing literature. Furthermore, we briefly discuss the effect of different residual network structures on the training results of the neural distinguishers. We hope that our findings will provide a reference for future research.

7-라운드 SEED에 대한 향상된 차분 공격 (Improved Differential Attack of Seven-Round SEED)

  • 성재철
    • 정보보호학회논문지 / Vol. 20, No. 4 / pp.25-30 / 2010
  • The block cipher SEED is a domestically developed algorithm with 128-bit input and output that is used as a domestic TTA (Telecommunications Technology Association) standard as well as an international ISO/IEC standard. Since SEED was developed, the best known attack has been the differential cryptanalysis proposed by Yanami et al. in 2002. That attack uses a 6-round differential characteristic with probability $2^{-124}$ to analyze 7-round SEED with data complexity $2^{127}$. In this paper, we present a new 6-round differential characteristic with probability $2^{-110}$ and show that, using it, 7-round SEED can be attacked with data complexity $2^{113}$.

6 라운드로 축소된 Sparkle384와 7 라운드로 축소된 Sparkle512에 대한 새로운 구별 공격 (New Distinguishing Attacks on Sparkle384 Reduced to 6 Rounds and Sparkle512 Reduced to 7 Rounds)

  • 홍득조;장동훈
    • 정보보호학회논문지 / Vol. 33, No. 6 / pp.869-879 / 2023
  • Sparkle is one of the finalist algorithms of the recently concluded NIST lightweight cryptography standardization process; it is a nonlinear permutation and the core building block of the authenticated encryption algorithm Schwaemm and the hash function Esch. In this paper, for 6 rounds of Sparkle384 and 7 rounds of Sparkle512, the two versions of Sparkle, we present input and output differences of a specific form and give a formula for the complexity of finding an input pair that satisfies them. We also show that this complexity is very likely to be much lower than that of the same task for a random permutation with the same input/output size. These are therefore valid distinguishing attacks. The numbers of attacked rounds (6 and 7) are very close to the minimum numbers of rounds actually used (7 and 8).

A Practical Implementation of Fuzzy Fingerprint Vault

  • Lee, Sun-Gju;Chung, Yong-Wha;Moon, Dae-Sung;Pan, Sung-Bum;Seo, Chang-Ho
    • KSII Transactions on Internet and Information Systems (TIIS) / Vol. 5, No. 10 / pp.1783-1798 / 2011
  • Recently, a cryptographic construct called the fuzzy vault has been proposed for crypto-biometric systems, and some implementations for fingerprints have been reported that protect the stored fingerprint template by hiding the fingerprint features. In this paper, we implement the fuzzy fingerprint vault, combining fingerprint verification and the fuzzy vault scheme to protect fingerprint templates. To implement the fuzzy fingerprint vault as a complete system, several practical issues must be considered, such as automatic fingerprint alignment, verification accuracy, execution time, and the error correcting code. In addition, to protect the fuzzy fingerprint vault from the correlation attack, we propose an approach that inserts chaff points in a structured way such that distinguishing the genuine fingerprint minutiae from the chaff points obtained from two applications is computationally hard. Based on the experimental results, we confirm that the proposed approach provides higher security than inserting chaff points randomly, without a significant degradation of verification accuracy, and that our implementation can be used in real applications.

PIV에 의한 델타형 날개에서의 유동특성에 관한 연구 (A Study about Flow Characteristics on Delta-wing by PIV)

  • 이현;김범석;손명환;이영호
    • 대한기계학회:학술대회논문집 / 대한기계학회 2003년도 춘계학술대회 (KSME 2003 Spring Conference) / pp.2151-2156 / 2003
  • The distinguishing features of flows at high angles of attack are caused by the generation of free shear layers at sharp leading edges, by separation of the viscous layers from the surfaces of wings and bodies, and by the flow in the wakes of the wings and bodies. In this study, a systematic approach using the PIV experimental method in a circulating water channel was adopted to study the fundamental characteristics of induced vortex generation, development, and breakdown on a delta wing model with or without LEX, for four angles of attack ($15^{\circ}$, $20^{\circ}$, $25^{\circ}$, $30^{\circ}$) and six measuring sections (30%, 40%, 50%, 60%, 70%, 80% of chord length). Distributions of time-averaged velocity vectors and vorticities over the delta wing model were compared along the chord direction. The highly swept leading edge extension (LEX) applied to delta wings has greatly improved the subsonic maneuverability of contemporary fighters. A high-speed CCD camera, which made it possible to acquire serial images, provides detailed information about the flow characteristics occurring on the delta wing. In particular, a quantitative comparison of the maximum vorticity, which reflects the induced pressure distribution, was also conducted to clarify the significance of the presence of the LEX.

경동맥 죽상경화반의 고해상도 자기공명영상 (High-Resolution Magnetic Resonance Imaging of Carotid Atherosclerotic Plaque)

  • 변우목;조재호
    • Journal of Yeungnam Medical Science / Vol. 21, No. 2 / pp.143-150 / 2004
  • A thromboembolic stroke is believed to be precipitated by the rupture of vulnerable atheromatous plaques. Until recently, the assessment of further stroke risk in high-risk patients, in whom atherosclerosis has presented with a transient ischaemic attack (TIA), has been confined to a quantitative assessment of the luminal patency of the internal carotid artery. These traditional stratification parameters are no longer believed to be the most accurate predictors of thromboembolism, because the process of vessel wall remodeling can maintain luminal patency, and consequently quite large friable plaques may remain unidentified. Accordingly, there is a need for improved risk assessment. The fibrous cap of a vulnerable plaque is thinner, and intraplaque hemorrhage and inflammation can occur during the development of atherosclerotic plaque. Several imaging methods for identifying vulnerable plaques have been developed. Recently, high-resolution magnetic resonance (MR) imaging has emerged as an accurate non-invasive tool that can characterize carotid plaque components in vivo. High-resolution carotid MR imaging is capable of distinguishing an intact, thick fibrous cap from a thin, ruptured cap in carotid plaque. In addition, plaque MR imaging can identify active inflammation and detect hemorrhage. High-resolution carotid MR imaging is a valuable noninvasive method for quantifying plaque components and identifying vulnerable plaque.

자발현훈 (Spontaneous Vertigo)

  • 최광동;김지수
    • Annals of Clinical Neurophysiology / Vol. 9, No. 1 / pp.1-4 / 2007
  • Vertigo is an illusion of rotation that results from an imbalance within the vestibular system. This review focuses on two common presentations of spontaneous vertigo: acute prolonged spontaneous vertigo and recurrent spontaneous vertigo. Common causes of acute prolonged spontaneous vertigo include vestibular neuritis, labyrinthitis, and brainstem or cerebellar stroke. The history and detailed neurological/neurotological examinations usually provide the key information for distinguishing between peripheral and central causes of vertigo. Brain MRI is indicated in any patient with acute vertigo accompanied by abnormal neurological signs, profound imbalance, severe headache, or central patterns of nystagmus. Recurrent spontaneous vertigo occurs when there is a sudden, temporary, and largely reversible impairment of the resting neural activity of one labyrinth or its central connections, with subsequent recovery to normal or near-normal function. Meniere's disease, migrainous vertigo, and vertebrobasilar insufficiency (VBI) are common causes. The duration of the vertigo attack is a key piece of information in recurrent spontaneous vertigo: vertigo of vascular origin, such as VBI, typically lasts for several minutes, whereas recurrent vertigo due to peripheral inner-ear abnormalities lasts for hours. Screening neurotological evaluations, together with blood tests for autoimmune disease and otosyphilis, are useful in the assessment of recurrent spontaneous vertigo that is likely to be peripheral in origin.