• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.5
• /
• pp.1099-1103
• /
• 2016

The user's secret key can be retrieved by the leakage informations of power consumption occurred during the execution of scalar multiplication for elliptic curve cryptographic algorithm which can be embedded on a security device. Recently, a carry random recoding method is proposed to prevent simple power and differential power analysis attack by recoding the secret key. In this paper, we show that this recoding method is still vulnerable to the differential power analysis attack due to the limitation of the size of carry bits, which is a different from the original claim.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.4
• /
• pp.59-68
• /
• 2006

Although the cryptographic algorithms in IC chip such as smart card are secure against mathematical analysis attack, they are susceptible to side channel attacks in real implementation. In this paper, we analyze the security of smart card using a developed experimental tool which can perform power analysis attacks and fault insertion attacks. As a result, raw smart card implemented SEED and ARIA without any countermeasure is vulnerable against differential power analysis(DPA) attack. However, in fault attack about voltage and clock on RSA with CRT, the card is secure due to its physical countermeasures.

• The Journal of the Korea Contents Association
• /
• v.21 no.4
• /
• pp.262-277
• /
• 2021

In order to explore the power process, a hypothetical model which explains the interrelationships among 3 marital power(traditional, egalitarian, personal), 3 influence strategies(reward, coercion, emotional), and 2 negative conflict resolution styles(attack vs. avoidance) was developed. In order to examine the gender differences, male model and female model were developed separately and compared. Using the data collected from 182 males and 196 females, the hypothetical model was tested. For data analysis, SEM was used. As a result, 3 common paths were found: Greater use of emotional influence strategy increased attack as well as avoidance. Greater egalitarian power increased reward. Egalitalian power affected the use of coercion, but the direction was opposed: male's egalitarian power decreased coercion, while female's egalitarian power increased it. Except these, the analyses revealed the substantial differences between male and female. Based on the findings, the ways to reduce attack and avoidance, and theoretical implications were discussed.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.3
• /
• pp.27-35
• /
• 2009

Differential Power Analysis (DPA) based on the statistical characteristics of collected signals has been known as an efficient attack for uncovering secret key of crypto-systems. However, the attack performance of this method is affected very much by the temporal misalignment and the noise of collected side channel signals. In this paper, we propose a new method based on wavelet analysis to surmount the temporal misalignment and the noise problem simultaneously in DPA. The performance of the proposed method is then evaluated while analyzing the power consumption signals of Micro-controller chips during a DES operation. The experimental results show that our proposed method based on wavelet analysis requires only 25% traces compared with those of the previous preprocessing methods to uncover the secret key.

• Journal of the Institute of Electronics Engineers of Korea SP
• /
• v.47 no.1
• /
• pp.139-149
• /
• 2010

Random scalar countermeasures, which carry out the scalar multiplication by the ephemeral secret key, against the differential power analysis of ECIES and ECDH have been known to be secure against various power analyses. However, if an attacker can find this ephemeral key from the one power signal, these countermeasures can be analyzed. In this paper, we propose a new power attack method which can do this analysis. Proposed attack method can be accomplished while an attacker compares the elliptic curve doubling operations and we use the principle component analysis in order to ease this comparison. When we have actually carried out the proposed power analysis, we can perfectly eliminate the error of existing function for the comparison and find a private key from this elimination of the error.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.2
• /
• pp.11-21
• /
• 2009

The NTRU cryptosystem proposed by Hoffstein et al. in 1990s is a public key cryptosystem based on hard lattice problems. NTRU has many advantages compared to other public key cryptosystems such as RSA and elliptic curve cryptosystems. For example, it guarantees high speed encryption and decryption with the same level of security, and there is no known quantum computing algorithm for speeding up attacks against NTRD. In this paper, we analyze the security of NTRU against the simple power analysis (SPA) attack and the statistical power analysis (STPA) attack such as the correlation power analysis (CPA) attack First, we implement NTRU operations using NesC on a Telos mote, and we show how to apply CPA to recover a private key from collected power traces. We also suggest countermeasures against these attacks. In order to prevent SPA, we propose to use a nonzero value to initialize the array which will store the result of a convolution operation. On the other hand, in order to prevent STPA, we propose two techniques to randomize power traces related to the same input. The first one is random ordering of the computation sequences in a convolution operation and the other is data randomization in convolution operation.

• Journal of the Institute of Electronics and Information Engineers
• /
• v.50 no.1
• /
• pp.64-72
• /
• 2013

Recently, stream cipher Rabbit was selected for the final eSTREAM portfolio organized by EU ECRYPT and as one of algorithm in part of ISO/IEC 18033-4 Stream Ciphers on ISO Security Standardization. However, a feasibility of practical power analysis attack to algorithm in experiment was introduced. Therefore, we propose appropriate methods such as random masking and hiding schemes to secure against power analysis attack on stream cipher Rabbit. We implement the proposed method with increment of 24% operating time and 12.3% memory requirements due to maintaining a high-speed performance. We use a 8-bit RISC AVR microprocessor (ATmegal128L chip) to implement our method for practical experiments, and verify that stream cipher Rabbit with our method is secure against power analysis attack.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.2
• /
• pp.39-47
• /
• 2008

Among previous Side Channel Analysis (SCA) methods, Differential Power Analysis (DPA) based on the statistical characteristics of collected signals has been known as an efficient attack for uncovering secret key of cryptosystems. However, the attack performance of this method is affected very much by the temporal misalignment and noise of collected side channel signals. In this paper, we propose a new method to surmount the noise problem in DPA. The performance of the proposed method is then evaluated while analyzing the power consumption signals of Micro-controller chips during a DES operation. Its performance is then compared to that of the original DPA in the time and frequency domains. When we compare the experimental results with respect to the needed number of traces to uncover the secret key, our proposed method shows the performance enhancement 33% in the time domain and 50% in the frequency domain.

• Nuclear Engineering and Technology
• /
• v.45 no.5
• /
• pp.637-652
• /
• 2013

Instrumentation and control systems in nuclear power plants have been digitalized for the purpose of maintenance and precise operation. This digitalization, however, brings out issues related to cyber security. In the most recent past, international standard organizations, regulatory institutes, and research institutes have performed a number of studies addressing these systems cyber security.. In order to provide information helpful to the system designers in their application of cyber security for the systems, this paper presents methods and considerations to define attack vectors in a target system, to review and select the requirements in the Regulatory Guide 5.71, and to integrate the results to identify applicable technical security control requirements. In this study, attack vectors are analyzed through the vulnerability analyses and penetration tests with a simplified safety system, and the elements of critical digital assets acting as attack vectors are identified. Among the security control requirements listed in Appendices B and C to Regulatory Guide 5.71, those that should be implemented into the systems are selected and classified in groups of technical security control requirements using the results of the attack vector analysis. For the attack vector elements of critical digital assets, all the technical security control requirements are evaluated to determine whether they are applicable and effective, and considerations in this evaluation are also discussed. The technical security control requirements in three important categories of access control, monitoring and logging, and encryption are derived and grouped according to the elements of attack vectors as results for the sample safety system.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.3
• /
• pp.1802-1819
• /
• 2017

Correlation-enhanced collision attack has been proposed by Moradi et al. for several years. However, in practical operations, this method costs lots of time on trace acquisition, storage and averaging due to its bytewise collision detection. In this paper, we propose a bitwise collision attack based on second-order distance model. In this method, only 9 average traces are enough to finish a collision attack. Furthermore, two candidate models are given in this study to distinguish collisions, and the corresponding practical experiments are also performed. The experimental results indicate that the operation time of our attack is only 8% of that of correlation-enhanced collision attack, when the two success rates are both above 0.9.