• Title/Summary/Keyword: Side-channel


Real-Time Detection of Cache Side-Channel Attacks Using Non-Cache Hardware Events (비 캐시 하드웨어 이벤트를 이용한 캐시 부채널 공격 실시간 탐지)

  • Kim, Hodong; Hur, Junbeom
    • Journal of the Korea Institute of Information Security & Cryptology / v.30 no.6 / pp.1255-1261 / 2020
  • Cache side-channel attacks are a class of attacks that retrieve sensitive information from a system by exploiting shared cache resources in CPUs. As the attacks have recently been delivered to a wide range of environments, from mobile systems to cloud systems, many detection strategies have been proposed. Since conventional cache side-channel attacks are likely to incur a tremendous number of cache events, most of the previous detection mechanisms were designed to carefully monitor mostly cache events. However, recently proposed attacks tend to incur fewer cache events during the attack. The PRIME+ABORT attack, for example, leverages Intel TSX instead of accessing the cache to measure access time. Because of this characteristic, attack detection mechanisms based on cache events can hardly detect the attack. In this paper, we conduct an in-depth analysis of the PRIME+ABORT attack to identify other hardware events, rather than cache events, that are useful for detection. Based on our findings, we present a novel mechanism called PRIME+ABORT Detector to detect the PRIME+ABORT attack and demonstrate that the detection mechanism can achieve a 99.5% success rate with 0.3% performance overhead.

Power-Based Side Channel Attack and Countermeasure on the Post-Quantum Cryptography NTRU (양자내성암호 NTRU에 대한 전력 부채널 공격 및 대응방안)

  • Jang, Jaewon; Ha, Jaecheol
    • Journal of the Korea Institute of Information Security & Cryptology / v.32 no.6 / pp.1059-1068 / 2022
  • The post-quantum cryptographic algorithm NTRU, which is designed with the computational power of quantum computers in mind, satisfies the mathematical security level. However, the characteristics of side-channel attacks such as power analysis attacks should be considered in hardware implementations. In this paper, we verify that the private key can be recovered by analyzing the power signal generated during the decryption process of NTRU. To recover the private keys, Simple Power Analysis (SPA), Correlation Power Analysis (CPA) and Differential Deep Learning Analysis (DDLA) were all applicable. Shuffling is a basic countermeasure against such power side-channel attacks. Nevertheless, we propose a more effective method. The proposed method can prevent CPA and DDLA attacks by preventing leakage of power information from multiplication operations: it performs only addition after accumulating each coefficient, rather than performing accumulation after multiplication for each index.

Montgomery Multiplier with Very Regular Behavior

  • Yoo-Jin Baek
    • International Journal of Internet, Broadcasting and Communication / v.16 no.1 / pp.17-28 / 2024
  • Listed as one of the most important requirements of the Post-Quantum Cryptography standardization process by the National Institute of Standards and Technology, resistance to various side-channel attacks is considered critical when deploying cryptosystems in practice. In fact, cryptosystems can easily be broken by side-channel attacks even though they are considered secure from the mathematical point of view. The timing attack (TA) and the simple power analysis attack (SPA) are side-channel attack methods which can reveal sensitive information by analyzing the timing behavior or the power consumption pattern of cryptographic operations. Thus, appropriate measures against such attacks must be carefully considered in the early stages of a cryptosystem's implementation process. The Montgomery multiplier is a commonly used and classical gadget for implementing big-number-based cryptosystems, including RSA and ECC. As it has recently been proposed as an alternative building block for implementing post-quantum cryptography such as lattice-based cryptography, the big-number multiplier, including the Montgomery multiplier, still plays a role in modern cryptography. However, in spite of its effectiveness and wide adoption, the multiplier is known to be vulnerable to TA and SPA. This paper proposes a new countermeasure for the Montgomery multiplier against TA and SPA. Briefly, the new measure first represents a multiplication operand without 0 digits, so the resulting multiplication operation behaves in a very regular manner. Also, the new algorithm removes the extra final reduction (which is intrinsic to modular multiplication) to make the resulting multiplier more timing-independent. Consequently, the resulting multiplier operates in constant time, which totally removes any TA and SPA vulnerabilities. Since the proposed method can process multiple bits at a time, implementers can also trade off performance against resource usage to obtain the desired implementation characteristics.

A Multi-Channel Gas Sensor Using Fabry-Perot Interferometer-Based Infrared Spectrometer

  • Choi, Ju Chan; Lee, June Kyoo; Kong, Seong Ho
    • Journal of Sensor Science and Technology / v.21 no.6 / pp.402-407 / 2012
  • We report a Fabry-Perot interferometer (FPI)-based multi-channel micro-spectrometer used for multi-gas measurement in the spectral range of $3$-$5\,\mu\mathrm{m}$ and its gas sensing performance. The fabricated infrared (IR) spectrometer consists of two parts: an FPI on the top side for selective IR filtering and a $\mathrm{V_2O_5}$-based IR detector array on the bottom side for the detection of the filtered IR. Experimental results show that the FPI-based multi-channel gas sensor has reliability and selectivity for simultaneously detecting environmentally harmful gases such as $\mathrm{CH_4}$, $\mathrm{CO_2}$, $\mathrm{N_2O}$ and CO in the spectral range of $3$-$5\,\mu\mathrm{m}$. The fabricated FPI-based multi-channel gas sensor also demonstrated that reliable and selective detection of gas concentrations ranging from 0 to 500 ppm is feasible. In addition, the electrical characteristics demonstrate superior response performance with regard to selectivity among the multiple target gases.

Effect of channel height on the heat transfer coefficient of a rotation dimpled channel (딤플이 설치된 회전 유로의 높이가 열전달 계수에 미치는 영향에 대한 실험적 연구)

  • Kim, Seok-Beom; Lee, Yong-Jin; Choi, Eun-Yeong; Jeon, Chang-Soo; Kwak, Jae-Su
    • The KSFM Journal of Fluid Machinery / v.13 no.3 / pp.30-36 / 2010
  • The detailed heat transfer coefficients on a rotating dimpled channel were measured by the hue-detection-based transient liquid crystal technique. The dimples were fabricated on one side of the channel, and the tested channel aspect ratios were 4, 6, and 12 with a fixed channel width. The tested Reynolds number, based on the channel hydraulic diameter, was varied from 21,000 to 47,000. A stationary case and two different rotating conditions were tested so that the dimpled surface became the leading or trailing surface. For all rotating conditions, the minimum averaged heat transfer coefficient was measured for the channel aspect ratio of 6. Generally, the highest averaged heat transfer coefficient was observed for the highest aspect ratio cases due to the increased strength of the dimple-induced vortices.

Side-Channel Attack against Secure Data Deduplication over Encrypted Data in Cloud Storage (암호화된 클라우드 데이터의 중복제거 기법에 대한 부채널 공격)

  • Shin, Hyungjune; Koo, Dongyoung; Hur, Junbeom
    • Journal of the Korea Institute of Information Security & Cryptology / v.27 no.4 / pp.971-980 / 2017
  • Data deduplication can be used to reduce storage space in cloud storage services by storing only a single copy of data rather than all duplicated copies. Users who are concerned about the confidentiality of their outsourced data can use secure encryption algorithms, but this makes data deduplication ineffective. In order to reconcile data deduplication with encryption, Liu et al. proposed a new server-side cross-user deduplication scheme in 2015 that exploits a password-authenticated key exchange (PAKE) protocol. In this paper, we demonstrate that this scheme has a side channel which makes it insecure against the confirmation-of-file (CoF), or duplicate identification, attack.

Side-channel Attack on the Final Round SHA-3 Candidate Skein (SHA-3 최종 라운드 후보 Skein에 대한 부채널 공격 방법)

  • Park, Ae-Sun; Park, Jong-Yeon; Han, Dong-Guk; Yi, Ok-Yeon
    • The KIPS Transactions: Part C / v.19C no.3 / pp.179-184 / 2012
  • Due to the absence of an alternative algorithm to SHA-2, NIST (National Institute of Standards and Technology) is proceeding with the SHA-3 development project. NIST announced the five final-round candidates at the end of 2010. Side-channel attack scenarios for the five SHA-3 final-round candidates have been proposed. In this paper, we prove the possibility of analyzing 32-bit modular addition in 8-bit blocks, based on our experiment on an ARM chip board with a 32-bit register size. In total, we required 9700 power traces to successfully recover the 128-bit secret key for the attack against.

Narrowband four-channel wavelength demultiplexer using integrated distributed coupling vertical couplers (분포결합 수직광결합기 집적을 이용한 협대역 4채널 파장역다중기)

  • 한상국
    • Journal of the Korean Institute of Telematics and Electronics D / v.35D no.9 / pp.93-99 / 1998
  • A novel four-channel narrowband wavelength demultiplexer using four integrated vertical directional coupler structures is proposed and theoretically investigated. Four ridge waveguides with different ridge widths are vertically coupled to a strip-loaded waveguide, which results in four different wavelengths being filtered out to each ridge waveguide. In order to reduce the side-lobes, the coupling coefficients are varied along the propagation direction. The spectral responses of the channels were found to be quite uniform. An average channel spacing of 7 nm with a power coupling efficiency of ~90%, a 3-dB passband width of 2 nm, and a 20 dB side-lobe suppression ratio was achieved.

Implementation of Instruction-Level Disassembler Based on Power Consumption Traces Using CNN (CNN을 이용한 소비 전력 파형 기반 명령어 수준 역어셈블러 구현)

  • Bae, Daehyeon; Ha, Jaecheol
    • Journal of the Korea Institute of Information Security & Cryptology / v.30 no.4 / pp.527-536 / 2020
  • It has been found that an attacker can extract the secret key embedded in a security device and recover the executed instructions using power consumption traces, which are a kind of side-channel information. Many profiling-based side-channel attacks based on deep learning models such as the MLP (Multi-Layer Perceptron) have recently been researched. In this paper, we implemented a disassembler for the instruction set used in the AVR XMEGA128-D4 micro-controller. After measuring template traces for each instruction, we automated the pre-processing and classified the instruction set using a CNN deep learning model. As an experimental result, we showed that all instructions are classified with 87.5% accuracy, and some core instructions used frequently in device operation with 99.6% accuracy, respectively.

Stability Analysis of Grid-Connected Inverters with an LCL Filter Considering Grid Impedance

  • Li, Xiao-Qiang; Wu, Xiao-Jie; Geng, Yi-Wen; Zhang, Qi
    • Journal of Power Electronics / v.13 no.5 / pp.896-908 / 2013
  • Under high grid impedance conditions, it is difficult to guarantee the stability of grid-connected inverters with an LCL filter designed for ideal grid conditions. In this paper, the theoretical basis for output impedance calculation is introduced. Based on the small-signal model, the d-d channel closed-loop output impedance models adopting the converter-side current control method and the grid-side current control method are derived, respectively. Specifically, this paper shows how to simplify the stability analysis, which is usually completed based on the generalized Nyquist stability criterion (GNC). The stability of each current-controlled grid-connected system is analyzed via the proposed simplified method. Moreover, the influence of the LCL parameters on the stability margin of the grid-connected inverter controlled with converter-side current is studied. It is shown that the stability of grid-connected systems is fully determined by the d-d channel output admittance of the grid-connected inverter and the inductive component of the grid impedance. Experimental results validate the proposed theoretical stability analysis.