• Journal of Korean Society of Coastal and Ocean Engineers
• /
• v.20 no.1
• /
• pp.81-92
• /
• 2008

In this study, the analysis results were presented for the experimental data of sluice for tidal power generation that were installed in an open channel flume. The experiment was carried out for the six different sluice models of different widths and bottom heights of the sluice throat section. If the side shape of the sluice was the same, the coefficient of discharge generally increased by increasing the width of the throat section. However, when the water discharge was small and the upstream water level was low, the coefficient of discharge increased for a while but decreased later with the increase of the throat section width. In addition, the coefficient of discharge was larger when the bottom height of the throat section was higher, regardless of the width of the throat section. It was concluded that the values of coefficient of discharge that were frequently used in the previous feasibility studies were underestimated so that should be adjusted to higher values.

• Journal of Korea Water Resources Association
• /
• v.44 no.1
• /
• pp.65-72
• /
• 2011

Natural streams meander, forming pools at the outer part of bend and riffles at the crossing. Pools are deep at a lower flow velocity, and riffles are shallow at a higher flow velocity. Attentions are being paid to pool-riffle sequences in meandering streams because pool-riffle sequences tend to increase biodiversity of the stream ecosystem. This study investigates the characteristics of distribution of bed sediment particles in the upstream reach of the Gap Stream, which is a tributary of the Geum River in Korea. The upstream part of the Gap Stream, the study reach, is a gravel-bed stream, showing a pool and three riffles due to meandering. The reach also includes pools at the upstream and downstream parts of the weir. The characteristics of bed sediment particles sampled at the wetland and in the side channel are studied, revealing that the median particle diameter in the riffle is about four times larger than that in the pool. In addition, flow simulations are carried out for ordinary discharge and design flood, and such parameters important to sediment transport as velocity, shear stress, dimensionless shear stress (or Shields number), and dimensionless shear velocity are provided to see the mobility of sediment particles in the pool-riffle sequence.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.5
• /
• pp.875-888
• /
• 2021

In this paper, we search integral distinguishers of lightweight block cipher PIPO and propose a key recovery attack on 8-round PIPO-64/128 with the obtained 6-round distinguishers. The lightweight block cipher PIPO proposed in ICISC 2020 is designed to provide the efficient implementation of high-order masking for side-channel attack resistance. In the proposal, various attacks such as differential and linear cryptanalyses were applied to show the sufficient security strength. However, the designers leave integral attack to be conducted and only show that it is unlikely for PIPO to have integral distinguishers longer than 5-round PIPO without further analysis on Division Property. In this paper, we search integral distinguishers of PIPO using a MILP-aided Division Property search method. Our search can show that there exist 6-round integral distinguishers, which is different from what the designers insist. We also consider linear operation on input and output of distinguisher, respectively, and manage to obtain totally 136 6-round integral distinguishers. Finally, we present an 8-round PIPO-64/128 key recovery attack with time complexity 2^124.5849 and memory complexity of 2⁹³ with four 6-round integral distinguishers among the entire obtained distinguishers.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.1
• /
• pp.21-32
• /
• 2007

Vuillaume-Okeya presented unsigned receding methods for protecting modular exponentiations against side channel attacks, which are suitable for tamper-resistant implementations of RSA or DSA which does not benefit from cheap inversions. The proposed method was using a signed representation with digits set ${1,2,{\cdots},2^{\omega}-1}$, where 0 is absent. This receding method was designed to be computed only from the right-to-left, i.e., it is necessary to finish the receding and to store the receded string before starting the left-to-right evaluation stage. This paper describes new receding methods for producing SPA-resistant unsigned representations which are scanned from left to right contrary to the previous ones. Our contributions are as follows; (1) SPA-resistant unsigned left-to-right receding with general width-${\omega}$, (2) special case when ${\omega}=1$, i.e., unsigned binary representation using the digit set {1,2}, (3) SPA-resistant unsigned left-to-right Comb receding, (4) extension to unsigned radix-${\gamma}$ left-to-right receding secure against SPA. Hence, these left-to-right methods are suitable for implementing on memory limited devices such as smartcards and sensor nodes

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.1
• /
• pp.43-51
• /
• 2009

In 1998, Kocher et al. introduced Differential Power Attack on block ciphers. This attack allows to extract secret key used in cryptographic primitives even if these are executed inside tamper-resistant devices such as smart card. At FSE 2003 and 2004, Akkar and Goubin presented several masking methods, randomizing the first few and last few($3{\sim}4$) rounds of the cipher with independent random masks at each round and thereby disabling power attacks on subsequent inner rounds, to protect iterated block ciphers such as DES against Differential Power Attack. Since then, Handschuh and Preneel have shown how to attack Akkar's masking method using Differential Cryptanalysis. This paper presents how to combine Truncated Differential Cryptanalysis and Power Attack to extract the secret key from intermediate unmasked values and shows how much more efficient our attacks are implemented than the Handschuh-Preneel method in term of reducing the number of required plaintexts, even if some errors of Hamming weights occur when they are measured.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.2
• /
• pp.11-21
• /
• 2009

The NTRU cryptosystem proposed by Hoffstein et al. in 1990s is a public key cryptosystem based on hard lattice problems. NTRU has many advantages compared to other public key cryptosystems such as RSA and elliptic curve cryptosystems. For example, it guarantees high speed encryption and decryption with the same level of security, and there is no known quantum computing algorithm for speeding up attacks against NTRD. In this paper, we analyze the security of NTRU against the simple power analysis (SPA) attack and the statistical power analysis (STPA) attack such as the correlation power analysis (CPA) attack First, we implement NTRU operations using NesC on a Telos mote, and we show how to apply CPA to recover a private key from collected power traces. We also suggest countermeasures against these attacks. In order to prevent SPA, we propose to use a nonzero value to initialize the array which will store the result of a convolution operation. On the other hand, in order to prevent STPA, we propose two techniques to randomize power traces related to the same input. The first one is random ordering of the computation sequences in a convolution operation and the other is data randomization in convolution operation.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.5
• /
• pp.59-69
• /
• 2011

Since power analysis attack which uses a characteristic that power consumed by crypto device depends on processed data has been proposed, many logics that can block these correlation originally have been developed. DRP logic has been adopted by most of logics maintains power consumption balanced and reduces correlation between processed data and power consumption. However, semi-custom design is necessary because recently design circuits become more complex than before. This design method causes unbalanced design pattern that makes DRP logic consumes unbalanced power consumption which is vulnerable to power analysis attack. In this paper, we have developed new logic style which adds another discharge phase to discharge two output nodes at the same time based on DyCML to remove this unbalanced power consumption. Also, we simulated 1bit fulladder to compare proposed logic with other logics to prove improved performance. As a result, proposed logic is improved NED and NSD to 60% and power consumption reduces about 55% than any other logics.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.1
• /
• pp.153-166
• /
• 2011

Recent trends in mobile device market whose services are rapidly expanding to provide wireless internet access are drawing people's attention to mobile security. Especially, since threats to information leakage are reaching to the critical level due to the frequent interchange of important data such as personal and financial information through wireless internet, various encryption algorithms has been developed to protect them. The encryption algorithms confront the serious threats by the appearance of side channel attack (SCA) which uses the physical leakage information such as timing, and power consumption, though the their robustness to threats is theoretically verified. Against the threats of SCA, researches including the performance and development direction of SCA should precede. Among tile SCA methods, the power analysis (PA) attack overcome this misalignment problem. The conventional methods require large computational power and they do not effectively deal with the delay changes in a power trace. To overcome the limitation of the conventional methods, we proposed a novel alignment method using peak matching. By computer simulations, we show the advantages of the proposed method compared to the conventional alignment methods.

• The Journal of the Convergence on Culture Technology
• /
• v.7 no.4
• /
• pp.613-621
• /
• 2021

This study conducted a network analysis to determine how COVID-19 vaccine-related issue spread on Twitter during the introduction stage of the COVID-19. Issue diffusion tendency is analyzed according to the time period: phase 1 (initiation of vaccine introduction: March 7 - April 3, 2021), phase 2 (stagnant period of vaccination: April 4 - April 22, 2021), and phase 3 (increase of vaccination: April 23 - May 5, 2021). NodeXL was used for data collection and analysis. Daily Twitter network data were collected by entering search terms highly related to the COVID-19 vaccine. This study found that side effects-related opinions were repeatedly formed throughout the analysis period. As the vaccination rate increased and death cases were reported on media, death-related issues also emerged on Twitter. On the other hand, vaccine safety did not receive much attention on Twitter. The results of this study highlight the role of social media as a channel of issue diffusion when a national disaster strikes. We emphasize the need for the government to monitor public opinions on social media and reflect them in crisis communication strategies.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.2
• /
• pp.193-200
• /
• 2023

Cryptanalysis can be performed by various techniques such as known plaintext attack, differential attack, side-channel analysis, and the like. Recently, many studies have been conducted on cryptanalysis using deep learning. A known-plaintext attack is a technique that uses a known plaintext and ciphertext pair to find a key. In this paper, we use deep learning technology to perform a known-plaintext attack against S-PRESENT, a reduced version of the lightweight block cipher PRESENT. This paper is significant in that it is the first known-plaintext attack based on deep learning performed on a reduced lightweight block cipher. For cryptanalysis, MLP (Multi-Layer Perceptron) and 1D and 2D CNN(Convolutional Neural Network) models are used and optimized, and the performance of the three models is compared. It showed the highest performance in 2D convolutional neural networks, but it was possible to attack only up to some key spaces. From this, it can be seen that the known-plaintext attack through the MLP model and the convolutional neural network is limited in attackable key bits.