• Journal of Broadcast Engineering
• /
• v.13 no.1
• /
• pp.62-68
• /
• 2008

Remote user authentication scheme is a cryptographic tool which permits a server to identify a remote user. In 2007, Wang et al. pointed out that Ku's remote user authentication scheme is vulnerable to a dictionary attack by obtaining some secret information in a smart card using side channel attacks. They also proposed a remote user authentication scheme which is secure against dictionary attack. In this paper, we analyze the protocol proposed by Wang et al. In the paper, it is claimed that the protocol is secure even though some values, which is stored in a smart card, are revealed to an adversary, However, we show that their protocol is insecure if the values are disclosed to an adversary.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.2
• /
• pp.287-297
• /
• 2019

When cryptographic algorithms are implemented to provide countermeasures against the side-channel analysis, designers frequently employ the combined countermeasures between the first-order masking scheme and hiding schemes. Their combination can be enough to offer security and efficiency. However, if dummy operations can be distinguished from real operations, an attacker can extract the secret key with lower complexity than the intended attack complexity by the designer inserting the dummy operations. In this paper, we categorize types of variables used in a dummy operation when C language is employed. Then, we present the novel vulnerability that can distinguish dummy operations for all cases where the hiding schemes are applied using different types of variables. Moreover, the countermeasure is provided to prevent the novel vulnerability.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.6
• /
• pp.125-134
• /
• 2004

When cryptosystem designers implement devices that computing power or memory is limited such as smart cards, PDAs and so on, not only he/she has to be careful side channel attacks(SCA) but also the cryptographic algorithms within the device has to be efficient using small memory. For this purpose, countermeasures such as Moiler's method, Okeya-Takagi's one and overlapping window method, based on window method to prevent SCA were proposed. However, Moiler's method and Okeya-Talngi's one require additional cost to prevent other SCA such as DPA, Second-Order DPA, Address-DPA, and so on since they are immune to only SPA. Also, overlapping window method has a drawback that requires big memory. In this paper, we analyze existing countermeasures and propose an efficient and secure countermeasure that is immune to all existing SCA using advantages of each countermeasure. Moreover, the proposed countermeasure can enhance the efficiency using mixed coordinate systems.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.4
• /
• pp.59-68
• /
• 2006

Although the cryptographic algorithms in IC chip such as smart card are secure against mathematical analysis attack, they are susceptible to side channel attacks in real implementation. In this paper, we analyze the security of smart card using a developed experimental tool which can perform power analysis attacks and fault insertion attacks. As a result, raw smart card implemented SEED and ARIA without any countermeasure is vulnerable against differential power analysis(DPA) attack. However, in fault attack about voltage and clock on RSA with CRT, the card is secure due to its physical countermeasures.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.4
• /
• pp.607-615
• /
• 2022

The SITM (See-In-The-Middle) proposed in CHES 2020 is a methodology for side-channel assisted differential cryptanalysis. This technique analyzes the power traces of unmasked middle rounds in partial masked SPN block cipher implementation, and performs differential analysis with the side channel information. Blockcipher GIFT is a lightweight blockcipher proposed in CHES 2017, designed to correct the well-known weaknesses of block cipher PRESENT and provide the efficient implementation. In this paper, we propose SITM attacks on partial masked implementation of GIFT-128. This attack targets 4-round and 6-round masked implementation of GIFT-128 and time/data complexity is 2^14.01 /2^14.01, 2¹⁶ /2¹⁶. In this paper, we compare the masterkey recovery logic available in SITM attacks, establishing a criterion for selecting more efficient logic depending on the situation. Finally, We introduce how to apply the this attack to GIFT-COFB, one of the finalist candidates in NIST lightweight cryptography standardization process.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.2
• /
• pp.227-242
• /
• 2022

This paper presents a Cache-Coherency Interconnect(CCI)-based Android pattern screen lock(PSL) attack on modern ARM processors. CCI has been introduced to maintain the cache coherency between the big core cluster and the little core cluster. That is, CCI is the central interconnect inside SoC that maintains cache coherency and shares data. In this paper, we reveal that CCI can be a side channel in security, that an adversary can observe security-sensitive operations. We design and implement a technique to compromise Android PSL within only a few attempts using the information of CCI in user-level applications on Android Nougat. Further, we analyzed the relationship between the pattern complexity and security. Our evaluation results show that complex and simple patterns would have similar security strengths against the proposed technique.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.5
• /
• pp.855-867
• /
• 2022

As the need for a deep learning accelerator increases with the development of IoT equipment, research on the implementation and safety verification of the deep learning accelerator is actively. In this paper, we propose a new side channel analysis methodology for secret information that overcomes the limitations of the previous study in Usenix 2019. We overcome the disadvantage of limiting the range of weights and restoring only a portion of the weights in the previous work, and restore the IEEE754 32bit single-precision with 99% accuracy with a new method using CPA. In addition, it overcomes the limitations of existing studies that can reverse activation functions only for specific inputs. Using deep learning, we reverse activation functions with 99% accuracy without conditions for input values with a new method. This paper not only overcomes the limitations of previous studies, but also proves that the proposed new methodology is effective.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.5
• /
• pp.761-773
• /
• 2023

This paper proposes a method to increase the power-analysis resistance of the neural network model's feedforward process by replacing the exponential-based activation function, used in the deep-learning field, with an approximated function especially at the multi-layer perceptron model. Due to its nature, the feedforward process of neural networks calculates secret weight and bias, which already trained, so it has risk of exposure of internal information by side-channel attacks. However, various functions are used as the activation function in neural network, so it's difficult to apply conventional side-channel countermeasure techniques, such as masking, to activation function(especially, to exponential-based activation functions). Therefore, this paper shows that even if an exponential-based activation function is replaced with approximated function of simple form, there is no fatal performance degradation of the model, and than suggests a power-analysis resistant feedforward neural network with exponential-based activation function, by masking approximated function and whole network.

• Journal of Distribution Research
• /
• v.3 no.1
• /
• pp.7-29
• /
• 1998

Manufacturers want brand promotions at the stores. In contrast, retailers want promotions for the stores rather than for the brands since better store promotions can attract customers from the competing retail stores. In this paper, three scenarios are assumed for the promotions in terms of the allowances or the side-payments form the manufacturer to the retailer and the pass-through rate for the allowances being used for the brand promotions by the retailer. An analytical model for the marketing channel distribution is used for the analysis. Then, several marketing implications are suggested based on the findings.

• Proceedings of the Korean Biophysical Society Conference
• /
• 1997.07a
• /
• pp.29-29
• /
• 1997

Cyclosporin A (CsA) is widely used to suppress rejection in rcipients of solid organ or bone marrow transplants. A variety .of toxic side effects of this agent such as cardiotoxicity have been reported. However the underlying molecular mechanisms for the cardiotoxicity are not well resolved.(omitted)