• Title/Abstract/Keyword: Impossible differential

Finding Impossible Differentials for Rijndael-like and 3D-like Structures

  • Cui, Ting; Jin, Chen-Hui
    • KSII Transactions on Internet and Information Systems (TIIS) / Vol. 7, No. 3 / pp. 509-521 / 2013
  • Impossible Differential Cryptanalysis (IDC) uses impossible differentials to discard wrong subkeys for the first or the last several rounds of a block cipher. Thus, the security of a block cipher against IDC can be evaluated by its impossible differentials. This paper studies impossible differentials for Rijndael-like and 3D-like ciphers; we introduce methods to find 4-round impossible differentials of Rijndael-like ciphers and 6-round impossible differentials of 3D-like ciphers. Using our methods, various new impossible differentials of Rijndael and 3D can be found.

Impossible Differential Cryptanalysis on DVB-CSA

  • Zhang, Kai; Guan, Jie; Hu, Bin
    • KSII Transactions on Internet and Information Systems (TIIS) / Vol. 10, No. 4 / pp. 1944-1956 / 2016
  • The Digital Video Broadcasting-Common Scrambling Algorithm (DVB-CSA) is an ETSI-designated algorithm designed for protecting MPEG-2 signal streams, and it is universally used. Its structure is a typical hybrid symmetric cipher which contains a stream part and a block part within one symmetric cipher; although the entropy is only 64 bits, there have been no effective cryptanalytic results up to now. This paper studies the security level of CSA against impossible differential cryptanalysis: a 20-round impossible differential for the block cipher part is proposed and a flaw in the cipher structure is revealed. When we attack the block cipher part alone (CSA-BC reduced to 21 rounds) to recover 16 bits of the initial key, the data complexity of the attack is O(2^44.5), the computational complexity is O(2^22.7) and the memory complexity is O(2^10.5). Based on the structure flaw, an attack on CSA with the block cipher part reduced to 21 rounds is proposed: the computational complexity is O(2^21.7), the data complexity is O(2^43.5) and the memory complexity is O(2^10.5), and 8 bits of the key can be recovered accordingly. Taking both the block cipher part and the stream cipher part of CSA into consideration, this is currently the best publicly available result on CSA as far as we know.

Related-key Impossible Boomerang Cryptanalysis on LBlock-s

  • Xie, Min; Zeng, Qiya
    • KSII Transactions on Internet and Information Systems (TIIS) / Vol. 13, No. 11 / pp. 5717-5730 / 2019
  • LBlock-s is the core block cipher of the authenticated encryption algorithm LAC; it uses the same structure as LBlock and an improved key schedule algorithm with better diffusion properties. Using the differential properties of the key schedule algorithm and the cryptanalytic technique which combines impossible boomerang attacks with related-key attacks, a 15-round related-key impossible boomerang distinguisher is constructed for the first time. Based on the distinguisher, an attack on 22-round LBlock-s is proposed by adding 4 rounds on the top and 3 rounds at the bottom. The time complexity is only about 2^68.76 22-round encryptions and the data complexity is about 2^58 chosen plaintexts. Compared with published cryptanalysis results on LBlock-s, there is a sharp decrease in time complexity and an ideal data complexity.

Impossible Differential Attack on 30-Round SHACAL-2

  • 홍석희; 김종성; 김구일; 이창훈; 성재철; 이상진
    • Journal of the Korea Institute of Information Security and Cryptology / Vol. 14, No. 3 / pp. 107-115 / 2004
  • SHACAL-2 is a 256-bit block cipher with a key size of up to 512 bits, based on the compression function of the international standard hash algorithm SHA-2. SHACAL-2 was recently selected as the 256-bit block cipher of the NESSIE project, and to date no weakness in its security has been raised. This paper discusses the security of SHACAL-2 against impossible differential attacks. We construct two types of 14-round impossible differential characteristics. Using these, we present an attack on 30-round SHACAL-2 with a 512-bit key. In summary, with 744 chosen plaintexts and a time complexity of $2^{495.1}$ 30-round SHACAL-2 encryptions, 30-round SHACAL-2 can be attacked faster than exhaustive search.

Practical Security Evaluation against Differential and Linear Cryptanalyses for the Lai-Massey Scheme with an SPS F-function

  • Fu, Lishi; Jin, Chenhui
    • KSII Transactions on Internet and Information Systems (TIIS) / Vol. 8, No. 10 / pp. 3624-3637 / 2014
  • At SAC 2004, Junod and Vaudenay designed the FOX family based on the Lai-Massey scheme. They noted that it was impossible to find any useful differential characteristic or linear trail after 8 rounds of FOX64 or FOX128. In this paper, we provide the lower bound on the number of differentially active S-boxes in consecutive rounds of the Lai-Massey scheme that has SPS as its F-function, and we propose the necessary conditions for the reachability of the lower bound. We demonstrate that similar results can be obtained for the lower bound on linearly active S-boxes by proving the duality in the Lai-Massey scheme. Finally, we apply these results to FOX64 and FOX128 and prove that it is impossible to find any useful differential characteristic or linear trail after 6 rounds of FOX64. We also provide a more precise security bound for FOX128.

Analysis of differential non-linearity of successive approximation ADC

  • Yamada, Hikaru
    • Institute of Control, Robotics and Systems: Conference Proceedings / ICROS 1989 Korea Automatic Control Conference Proceedings; Seoul, Korea; 27-28 Oct. 1989 / pp. 943-946 / 1989
  • The channel irregularity of the Successive Approximation ADC is very large in comparison with other types of ADC. This characteristic makes it impossible to apply the Successive Approximation ADC to the field of radiation pulse height analysis or the measurement of probability density functions. In this paper, an analysis of the differential non-linearity of this ADC is presented. It is made clear that a small deviation of resistance causes very large differential non-linearity.

Walking Pattern Generation employing DAE Integration Method

  • Kang Yun-Seok; Park Jung-Hun; Yim Hong Jae
    • Journal of Mechanical Science and Technology / Vol. 19, No. spc1 / pp. 364-370 / 2005
  • A stable walking pattern generation method for a biped robot is presented in this paper. In general, the ZMP (zero moment point) equations, which are expressed as differential equations, are solved to obtain a stable walking pattern. However, the number of differential equations is less than the number of unknown coordinates in the ZMP equations. It is impossible to integrate the ZMP equations directly since one or more constraint equations are involved in them. To overcome this difficulty, a DAE (differential and algebraic equation) solution method is employed. The proposed method has enough flexibility for various kinematic structures. A walking simulation for a virtual biped robot is performed to demonstrate the effectiveness and validity of the proposed method. The method can be applied to biped robots for stable walking pattern generation.

The Study of Analytical Chemistry of the Modification of Manganese Dioxide (III). Quantitative Determination of Pyrolusite by Differential Heating Curves

  • 김찬호
    • Journal of the Korean Chemical Society / Vol. 17, No. 2 / pp. 122-125 / 1973
  • Using the endothermic peak of the crystal transition of pyrolusite ($\beta$-MnO$_2$) in the differential heating curve, the reproducibility of the method for analytical chemistry was examined; the result was quantitative for pyrolusite amounts from 50 mg to 450 mg. For $\alpha$-MnO$_2$ the endothermic peaks overlapped and the waves could not be separated, whereas for $\gamma$-MnO$_2$ (electrolytic manganese dioxide) and $\delta$-MnO$_2$ only the pyrolusite in the prepared samples could be quantified, within an error range of $\pm 5\%$ to $\pm 10\%$.

Remaining Service Life Estimation Model for Reinforced Concrete Structures Considering Effects of Differential Settlements

  • 이상훈; 한선진; 조해창; 이윤정; 김강수
    • Journal of the Korea Institute for Structural Maintenance and Inspection / Vol. 24, No. 1 / pp. 133-141 / 2020
  • The Korea Infrastructure Safety Corporation requires safety inspections and in-depth safety diagnoses of reinforced concrete structures to be carried out under the Special Act on the Safety Control of Public Structures. However, because the evaluation method in the Corporation's detailed guidelines for safety inspection and in-depth safety diagnosis presents the evaluation result as a grade, the remaining service life of the structure cannot be known, and the effect of differential settlement on the remaining service life is not reflected. Therefore, this study proposes a remaining service life estimation model for structures that reflects the effect of differential settlement. Based on existing research on the relationship between differential settlement and angular distortion, an equation is proposed for reflecting the effect of differential settlement in the nominal strength of members, and the effect of differential settlement on the remaining service life of a structure is analyzed using field data from actual reinforced concrete structures.

Differential Cryptanalysis on 15-Round IIoTBC Block Cipher Utilizing Cancellation of Differences

  • 송원우; 서재원; 전용진; 김종성
    • Journal of the Korea Institute of Information Security and Cryptology / Vol. 34, No. 4 / pp. 569-575 / 2024
  • The 64-bit block cipher IIoTBC is a cryptographic algorithm designed to secure industrial IoT devices and uses a 128-bit secret key. IIoTBC encrypts differently depending on whether the MCU used in the IoT device is 8-bit or 16-bit. This paper deals with a differential attack on IIoTBC for the case of an 8-bit MCU. Using a 14-round differential characteristic of IIoTBC, we attack 15 of the full 32 rounds. The required chosen plaintexts and encryption operations are 2^57 and 2^122.4, respectively. The differential characteristic presented in this paper covers more rounds than the existing 13-round impossible differential characteristic, and the attack based on it is the first key-recovery result against IIoTBC.