• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.1
• /
• pp.280-295
• /
• 2015

Block cipher ARIA was first proposed by some South Korean experts in 2003, and later, it was established as a Korean Standard block cipher algorithm by Korean Agency for Technology and Standards. In this paper, we focus on the security evaluation of ARIA block cipher against the recent zero-correlation linear cryptanalysis. In addition, Partial-sum technique and FFT (Fast Fourier Transform) technique are used to speed up the cryptanalysis, respectively. We first introduce some 4-round linear approximations of ARIA with zero-correlation, and then present some key-recovery attacks on 6/7-round ARIA-128/256 with the Partial-sum technique and FFT technique. The key-recovery attack with Partial-sum technique on 6-round ARIA-128 needs $2^{123.6}$ known plaintexts (KPs), $2^{121}$ encryptions and $2^{90.3}$ bytes memory, and the attack with FFT technique requires $2^{124.1}$ KPs, $2^{121.5}$ encryptions and $2^{90.3}$ bytes memory. Moreover, applying Partial-sum technique, we can attack 7-round ARIA-256 with $2^{124.6}$ KPs, $2^{203.5}$ encryptions and $2^{152}$ bytes memory and 7-round ARIA-256 employing FFT technique, requires $2^{124.7}$ KPs, $2^{209.5}$ encryptions and $2^{152}$ bytes memory. Our results are the first zero-correlation linear cryptanalysis results on ARIA.

• ETRI Journal
• /
• v.44 no.3
• /
• pp.512-523
• /
• 2022

Random delay countermeasures introduce random delays into the execution flow to break the synchronization and increase the complexity of the side channel attack. A novel method for attacking devices with random delay countermeasures has been proposed by using a maximal overlap discrete wavelet transform (MODWT)-based power trace alignment algorithm. Firstly, the random delay in the power traces is sensitized using MODWT to the captured power traces. Secondly, it is detected using the proposed random delay detection algorithm. Thirdly, random delays are removed by circular shifting in the wavelet domain, and finally, the power analysis attack is successfully mounted in the wavelet domain. Experimental validation of the proposed method with the National Institute of Standards and Technology certified Advanced Encryption Standard-128 cryptographic algorithm and the SAKURA-G platform showed a 7.5× reduction in measurements to disclosure and a 3.14× improvement in maximum correlation value when compared with similar works in the literature.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.6
• /
• pp.1091-1102
• /
• 2014

The power analysis attack is a cryptanalytic technique to retrieve an user's secret key using the side-channel power leakage occurred during the execution of cryptographic algorithm embedded on a physical device. Especially, many power analysis attacks have targeted on an exponentiation algorithm which is composed of hundreds of squarings and multiplications and adopted in public key cryptosystem such as RSA. Recently, a new correlation power attack, which is tried when two modular multiplications have a same input, is proposed in order to recover secret key. In this paper, after reviewing the principle of side-channel attack based on input collisions in modular multiplications, we analyze the vulnerability of some exponentiation algorithms having regularity property. Furthermore, we present an improved exponentiation countermeasure to resist against the input collision-based CPA(Correlation Power Analysis) attack and existing side channel attacks and compare its security with other countermeasures.

• Journal of the Korea Society of Computer and Information
• /
• v.27 no.1
• /
• pp.43-50
• /
• 2022

Correlation Power Analysis(CPA) is a sub-channel attack method that measures the detailed power consumption of attack target equipment equipped with cryptographic algorithms and guesses the secret key used in cryptographic algorithms with more than 90% probability. Since CPA performs analysis based on statistics, a large amount of data is necessarily required. Therefore, the CPA must measure power consumption for at least about 15 minutes for each attack. In this paper proposes a method of using a Convolutional Neural Network(CNN) capable of accumulating input data and predicting results to solve the data collection problem of CPA. By collecting and learning the power consumption of the target equipment in advance, entering any power consumption can immediately estimate the secret key, improving the computational speed and 96.7% of the secret key estimation accuracy.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.34 no.7C
• /
• pp.640-648
• /
• 2009

Summation generator with high period and high linear complexity can be easily implemented by a simple hardware or software and it is proper to apply in mobile security system for ubiquitous environments. However the generator has been some weaknesses from Dawson's divided-and-conquer attack, Golic's correlation attack and Meier's fast correlation attack. In this paper, we propose an improved version($2^{128}$security level) of $E_0$algorithm, CVC-NSG(Circular-Clock-Controlled - Nonlinear Summation Generator), which partially replaces LFSRs with nonlinear FSRs and controls the irregular clock to reinforce it's own weaknesses. Finally, we analyze our proposed design in terms of security and performance.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.5 no.3
• /
• pp.158-163
• /
• 2012

This paper proposes an FHIDS(Fuzzy logic based Hybrid Intrusion Detection System) design that detects anomaly and misuse attacks by using a Naive Bayesian algorithm, Data Mining, and Fuzzy Logic. The NB-AAD(Naive Bayesian based Anomaly Attack Detection) technique using a Naive Bayesian algorithm within the FHIDS detects anomaly attacks. The DM-MAD(Data Mining based Misuse Attack Detection) technique using Data Mining within it analyzes the correlation rules among packets and detects new attacks or transformed attacks by generating the new rule-based patterns or by extracting the transformed rule-based patterns. The FLD(Fuzzy Logic based Decision) technique within it judges the attacks by using the result of the NB-AAD and DM-MAD. Therefore, the FHIDS is the hybrid attack detection system that improves a transformed attack detection ratio, and reduces False Positive ratio by making it possible to detect anomaly and misuse attacks.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.44 no.3 s.357
• /
• pp.33-40
• /
• 2007

In this paper, low-rate TCP attack as one of shrew attacks is considered and the scaling based dynamic time warping (S-DTW) algorithm is introduced. The low-rate TCP attack can not be detected by the detection method for the previous flooding DoS/DDoS (Denial of Service/Distirbuted Denial of Service) attacks due to its low average traffic rate. It, however, is a periodic short burst that exploits the homogeneity of the minimum retransmission timeout (RTO) of TCP flows and then some pattern matching mechanisms have been proposed to detect it among legitimate input flows. A DTW mechanism as one of detection approaches has proposed to detect attack input stream consisting of many legitimate or attack flows, and shown a depending method as well. This approach, however, has a problem that legitimate input stream may be caught as an attack one. In addition, it is difficult to decide a threshold for separation between the legitimate and the malicious. Thus, the causes of this problem are analyzed through simulation and the scaling by maximum auto-correlation value is executed before computing the DTW. We also discuss the results on applying various scaling approaches and using standard deviation of input streams monitored.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.1
• /
• pp.33-43
• /
• 2023

The National Institute of Standards and Technology (NIST), which is working on the Post-Quantum Cryptography (PQC) standardization project, announced four algorithms that have been finalized for standardization. In this paper, we demonstrate through experiments that private keys can be exposed by Correlation Power Analysis (CPA) and Differential Deep Learning Analysis (DDLA) attacks on polynomial coefficient-wise multiplication algorithms that operate in the process of generating signatures using CRYSTALS-Dilithium algorithm. As a result of the experiment on ARM-Cortex-M4, we succeeded in recovering the private key coefficient using CPA or DDLA attacks. In particular, when StandardScaler preprocessing and continuous wavelet transform applied power traces were used in the DDLA attack, the minimum number of power traces required for attacks is reduced and the Normalized Maximum Margines (NMM) value increased by about 3 times. Conseqently, the proposed methods significantly improves the attack performance.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2009.05a
• /
• pp.437-440
• /
• 2009

We propose a fast stream cipher ASC16 for software implementation. ASC16 has a very simple structure with ASR(Arithmetic Shift Register), NLF(Non-Linear Filter), and NLB(Non-Linear Block), and is executed by a word. It is a stream cipher for wireless communication, which makes 32bit key streams using s-box with non-linear transformation. The processed result is almost same as SSC2, 32bit output stream cipher, developed by Zhang, Carroll, and Chan. The period is longer than SSC2, and it causes the difficulty of Correlation attack and raises security very much. The proposed ASC16 is efficiently used in the process of a fast cipher in the limited environment such as wireless communication.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.6
• /
• pp.1059-1068
• /
• 2022

A Post-Quantum Cryptographic algorithm NTRU, which is designed by considering the computational power of quantum computers, satisfies the mathematically security level. However, it should consider the characteristics of side-channel attacks such as power analysis attacks in hardware implementation. In this paper, we verify that the private key can be recovered by analyzing the power signal generated during the decryption process of NTRU. To recover the private keys, the Simple Power Analysis (SPA), Correlation Power Analysis (CPA) and Differential Deep Learning Analysis (DDLA) were all applicable. There is a shuffling technique as a basic countermeasure to counter such a power side-channel attack. Neverthe less, we propose a more effective method. The proposed method can prevent CPA and DDLA attacks by preventing leakage of power information for multiplication operations by only performing addition after accumulating each coefficient, rather than performing accumulation after multiplication for each index.