Search results (title/summary/keyword): adversary

An Improved Side Channel Attack Using Event Information of Subtraction (뺄셈연산의 이벤트 정보를 활용한 향상된 RSA-CRT 부채널분석공격 방법)

  • Park, Jong-Yeon; Han, Dong-Guk; Yi, Okyeon; Kim, Jung-Nyeo
  • KIPS Transactions on Computer and Communication Systems, v.2 no.2, pp.83-92, 2013
  • RSA-CRT is a widely used algorithm that provides a high-performance implementation of the RSA signature algorithm. Many previous studies on each operation step have been published to verify the physical leakages of RSA-CRT when used in smart devices. This paper proposes SAED (subtraction algorithm analysis on equidistant data), which extracts sensitive information using the event information of the subtraction operation in a reduction algorithm. SAED is an attack method that uses algorithm-dependent power signal changes. An adversary can extract a key using differential power analysis (DPA) of the subtraction operation. This paper indicates the theoretical rationality of SAED, and shows that its results are better than those of other methods. According to our experiments, only 256 power traces are sufficient to acquire one block of data. We verify that this method is more efficient than those proposed in previously published studies.

An Efficient Dynamic Group Key Agreement for Low-Power Mobile Devices (저전력 모바일 장치에 적합한 효율적인 동적 그룹 키 동의)

  • Cho Seokhyang; Nam Junghyun; Kim Seungjoo; Won Dongho; Lee Hyejoo; Choi Jinsoo
  • The KIPS Transactions: Part C, v.12C no.2 s.98, pp.157-168, 2005
  • Group key agreement protocols are designed to provide a group of parties securely communicating over a public network with a session key. The mobile computing architecture is asymmetric in the sense of the computational capabilities of participants. That is, the protocol participants consist of a stationary server (application servers) with sufficient computational power and a cluster of mobile devices (clients) with limited computational resources. It is desirable to minimize the amount of computation performed by each group member in a group involving low-power mobile devices such as smart cards or personal digital assistants (PDAs). Furthermore, we are required to update the group key with low computational costs when members need to be excluded from the group or multiple new members need to be brought into an existing group. In this paper, we propose a dynamic group key protocol which offers computational efficiency to the clients with low-power mobile devices. We compare the total communicative and computational costs of our protocol with others and prove its security against a passive adversary in the random oracle model.

Cross Finger Flap with Reduction Pulp Plasty and Full Thickness Skin Graft (수질부 축소술과 전층 피부이식술을 이용한 교차수지 피판술)

  • Cho, Yong Hyun; Roh, Si Gyun; Lee, Nae Ho; Yang, Kyung Moo
  • Archives of Plastic Surgery, v.36 no.5, pp.674-677, 2009
  • Purpose: The typical cross finger flap is still a good method for reconstruction of fingertip injuries. However, it is necessarily followed by great loss and an aesthetically unpreferable result of the donor finger. Hereby, we introduce a modification of the cross finger flap with reduction pulp plasty and full thickness skin graft, with which we could reduce the defect size of the injured fingertip and donor site morbidity at the same time, without any need for harvesting additional skin from other parts of the hand. Method: This method was performed in patients with fingertip injuries of complete amputation or in case of loss of the fingertip due to necrosis after replantation. Firstly, reduction pulp plasty was performed on the injured finger to reduce the size of the fingertip defect. An additional skin flap was obtained from the pulp plasty. Secondly, a cross finger flap was elevated from the adjacent finger to cover the defect on the injured finger. At the same time, the defect on the donor finger produced by the flap elevation was covered by a full thickness skin graft with the skin obtained from the pulp plasty of the injured finger. Results: Flap and graft survived without any necrosis after surgical delay and flap detachment. All of them healed well and did not present any severe adversary symptoms. Conclusion: Cross finger flap with reduction pulp plasty and full thickness skin graft is an effective method that we can easily apply in reconstruction of fingertip injury. We think that it is more helpful than the usual manner, especially in cases of children with less soft tissue on their fingers, for preservation and reduction of the morbidity of the donor finger.

Search for Ground Moving Targets Using Dynamic Probability Maps (동적 확률지도를 이용한 지상 이동표적 탐색)

  • Kim, Eun-Kyu; Choi, Bong-Wan; Yim, Dong-Soon
  • Journal of Korean Society of Industrial and Systems Engineering, v.38 no.4, pp.11-21, 2015
  • In order to achieve success in ground operations, searching for moving targets is one of the critical factors. Usually, the system of searching for adversary ground moving targets has complex properties which include the target's moving characteristics, camouflage level, terrain, weather, available search time window, distance between target and searcher, moving speed, target's tactics, etc. The purpose of this paper is to present a practical quantitative method for effectively searching for infiltrated moving targets considering the aforementioned complex properties. Based upon search theories, this paper consists of two parts. One is infiltration route analysis, through terrain and mobility analysis. The other is building dynamic probability maps through Monte Carlo simulation to determine the prioritized searching area for moving targets. This study primarily considers ground moving targets' moving pattern. These move by foot and, because terrain has a great effect on the target's movement, they generally travel along a constrained path. With the ideas based on the terrain's effect, this study deliberately performed terrain and mobility analysis and built a constrained path. In addition, dynamic probability maps taking terrain condition and a target's moving speed into consideration are proposed. This analysis is considerably distinct from other existing studies using supposed transition probability for searching moving targets. A case study is performed to validate the effectiveness and usefulness of our methodology. Also, this study suggests that the proposed approach can be used for searching for infiltrated ground moving targets within a critical time window. The proposed method could be used not only to assist a searcher's mission planning, but also to support the tactical commander's timely decision making and ensure the operation's success.

Protection Technologies against Large-scale Computing Attacks in Blockchain (블록체인에서 대용량 컴퓨팅 공격 보호 기술)

  • Lee, Hakjun; Won, Dongho; Lee, Youngsook
  • Convergence Security Journal, v.19 no.2, pp.11-19, 2019
  • The blockchain is a technique for managing transaction data in a distributed computing manner without the involvement of a central trust authority. The blockchain has been used in various areas such as manufacturing, culture, and the public sector as well as finance because of its advantages of security, efficiency and applicability. In the blockchain, it was considered safe against the 51% attack because the adversary could not have more than 50% of the hash power. However, there have been cases caused by large-scale computing attacks such as the 51% and selfish mining attacks, and the frequency of these attacks is increasing. In addition, since quantum computers can hold exponentially more information than classical computers, the blockchain faces a new type of threat using quantum algorithms. In this paper, we perform a security analysis of blockchain attacks that rely on large computing capabilities, including quantum computing attacks. Finally, we suggest technologies and future directions for blockchain development in order to be safe against large-scale computing attacks.

Improved cryptanalysis of lightweight RFID mutual authentication Protocols LMAP, $M^2AP$, EMAP (경량 RFID 상호인증 프로토콜 LMAP, $M^2AP$, EMAP에 대한 향상된 취약성 분석)

  • Kwon, Dae-Sung; Lee, Joo-Young; Koo, Bon-Wook
  • Journal of the Korea Institute of Information Security & Cryptology, v.17 no.4, pp.103-113, 2007
  • In this paper, we present a security analysis of the Lightweight RFID Mutual Authentication Protocols LMAP[10], $M^2AP$[11] and EMAP[12]. Based on simple logic operations, the protocols were designed to be suitable for lightweight environments such as RFID systems. In [8,9], it is shown that these protocols are vulnerable to de-synchronization attacks with a high probability. The authors also presented an active attack that partially reveals a tag's secret values including its ID. In this paper, we point out an error in [9] and show that their de-synchronization attack would always succeed. We also improve the active attack in [9] to show that an adversary can compute a tag's ID as well as certain secret keys in a deterministic way. As for $M^2AP$ and EMAP, we show that eavesdropping on $2{\sim}3$ consecutive sessions is sufficient to reveal a tag's essential secret values including its ID, which allows for tracing, de-synchronization and/or subsequent impersonations.

A Strong RFID Authentication Protocol Based on Synchronized Secret Information (비밀정보 동기화에 기반한 Strong RFID 인증)

  • Ha, Jae-Cheol; Ha, Jung-Hoon; Park, Jea-Hoon; Moon, Sang-Jae; Kim, Hwan-Koo
  • Journal of the Korea Institute of Information Security & Cryptology, v.17 no.5, pp.99-109, 2007
  • Lee et al. recently proposed an RFID mutual authentication scheme based on synchronized secret information. However, we found that their protocol is vulnerable to a spoofing attack in which an adversary can impersonate a legal tag to the reader by sending a malicious random number. To remedy this vulnerability, we propose two RFID authentication protocols which are secure against all possible threats including backward and forward traceability. Furthermore, one of the two proposed protocols requires only three hash operations (but $[m/2]{\cdot}2+3$ operations in the resynchronization state, where m is the number of tags) in the database to authenticate a tag, hence it is well suited for large-scale RFID systems.

Profile Management System for Contact Information Privacy in Social Network Service (소셜 네트워크 서비스에서 사용자 연락정보 프라이버시 강화를 위한 개인 프로필 관리 시스템 연구)

  • Youn, Taek-Young; Hong, Do-Won
  • Journal of the Korea Institute of Information Security & Cryptology, v.21 no.5, pp.141-148, 2011
  • Recently, various social network services have grown. Among them, personal-relationship-based social network services such as Facebook and Twitter have made remarkable growth as an industry. In such services, users' profiles are very important for establishing the relationship between two users. However, some information in a user's profile causes the leakage of the user's privacy, and thus we have to deal with the information in the profile. Especially, we have to treat contact information, such as the phone number and the e-mail address, very carefully since an adversary can use the information to violate the user's privacy in real life. In this paper, we propose two profile management systems that can enhance the privacy of users in social network services. We compare our systems with existing profile management techniques in well-known social network services such as Facebook and Twitter, and show that our systems provide enhanced privacy.

RFID Mutual Authentication Protocol Providing Improved Privacy and Resynchronization (개선된 프라이버시와 재동기화를 제공하는 RFID 상호인증 프로토콜)

  • Kim, Young-Jae; Jeon, Dong-Ho; Kwon, Hye-Jin; Kim, Soon-Ja
  • Journal of the Korea Institute of Information Security & Cryptology, v.20 no.2, pp.57-72, 2010
  • The hash-based RFID protocols proposed by Ha and M. Burmester are schemes in which a tag's ID is updated using a hash function to provide forward secrecy after the session ends. But these protocols have problems in both privacy and efficiency. This paper analyzes the privacy problem by applying the privacy game model proposed by Vaudenay. We analyze the cause that makes these schemes difficult for cheap tag implementation and efficient resynchronization. To solve these problems, we propose a new hash-based mutual authentication protocol which applies only the advantages of the two protocols. This protocol is based on the resynchronization algorithm of Ha et al.'s protocol and adds a new simple counter to record the number of continuous desynchronizations between the tag's and reader's secret information. This counter is simpler than the cyclic counter proposed in M. Burmester's protocol. Also, we prove that the proposed protocol improves privacy against the privacy attack which is executed against Ha and M. Burmester's protocols.

A Secure RFID Search Protocol Protecting Mobile Reader's Privacy Without On-line Server (온라인 서버가 없는 환경에서 이동형 리더의 프라이버시를 보호하는 안전한 RFID 검색 프로토콜)

  • Lim, Ji-Wwan; Oh, Hee-Kuck; Kim, Sang-Jin
  • Journal of the Korea Institute of Information Security & Cryptology, v.20 no.2, pp.73-90, 2010
  • Recently, Tan et al. introduced a serverless search protocol in which a mobile reader maintains a tag authentication list and authenticates a tag using the list without connecting to an authentication server. A serverless RFID system is different from general RFID systems, which use on-line server models. In the serverless RFID system, since the mobility of a personalized reader must be considered, we have to protect not only the privacy of a tag but also the privacy of a mobile reader. In this paper, we define new security requirements for a serverless RFID search system and propose a secure serverless RFID search system. In our system, since the tag authentication information maintained by a reader is updated in every session, we can provide the backward untraceability of a mobile reader. Also, we use an encrypted timestamp to block a replay attack, which is a major weakness of search protocols. In addition, we define a new adversary model to analyze a serverless RFID search system and prove the security of our proposed system using the model.