• Proceedings of the KSME Conference
• /
• 2008.11b
• /
• pp.2754-2758
• /
• 2008

Numerical investigation has been carried out for laminar flow ($Re{\leq}150$) past a square cylinder in cross freestream with an angle of attack. This study would be the first step towards understanding flow-induced forces on cylindrical structures under a strong gust of wind from the viewpoint of wind hazards. Collecting all the numerical results obtained, we propose contour diagrams of drag/lift coefficients and Strouhal number (St) on an Re-Angle plane.

• Journal of Advanced Navigation Technology
• /
• v.16 no.2
• /
• pp.211-218
• /
• 2012

In this paper, we propose a fault injection attack on AES-CMAC, which is defined by IETF. The fault assumption used in this attack is based on that introduced at FDTC'05. This attack can recover the 128-bit secret key of AES-CMAC by using only small number of fault injections. This result is the first known key recovery attack result on AES-CMAC.

• Journal of Information Processing Systems
• /
• v.7 no.1
• /
• pp.151-158
• /
• 2011

Bivium is a simplified version of Trivium, a hardware profile finalist of the eSTREAM project. Bivium has an internal state size of 177 bits and a key length of 80 bits. In this paper, a guess and determine attack on this cipher is introduced. In the proposed method, the best linear approximations for the updating functions are first defined. Then by using these calculated approximations, a system of linear equations is built. By guessing 30 bits of internal state, the system is solved and all the other 147 remaining bits are determined. The complexity of the attack is O ($2^{30}$), which is an improvement to the previous guess and determine attack with a complexity of order O($2^{52.3}$).

• Journal of the Korean Society for Industrial and Applied Mathematics
• /
• v.19 no.3
• /
• pp.253-270
• /
• 2015

Two major simultaneous attack strategies have been introduced, as one of cooperative attack of multiple missiles. One strategy is an undesignated time attack, in which the missiles communicate among themselves to synchronize the arrival times by reducing the mutual differences of times-to-go of multiple missiles during the homing. The other is a designated time attack, in which a common impact time is commanded to all members in advance, and thereafter each missile tries to home on the target on time independently. For this individual homing, Impact-Time-Control Guidance (ITCG) law is required. After introducing cooperative proportional navigation (CPN) for the first strategy, this article presents a new closed-form ITCG guidance solution for the second strategy. It is based on the linear formulation, employing base trajectories driven by PNG with various navigation constants. Nonlinear simulation of several engagement situations demonstrates the performance and feasibility of the proposed ITCG law.

• Journal of the Semiconductor & Display Technology
• /
• v.21 no.4
• /
• pp.86-91
• /
• 2022

Cache bypassing is a scheme to prevent unnecessary cache blocks from occupying the capacity of the cache for avoiding cache contamination. This method is introduced to alleviate the problems of non-volatile memories (NVMs)-based memory system. However, the prior works have been studied without considering wear-out attack. Malicious writing to a small area in NVMs leads to the failure of the system due to the limited write endurance of NVMs. This paper proposes a novel scheme to prolong the lifetime with higher resistance for the wear-out attack. First, the memory reference pattern is found by modified reuse distance calculation for each cache block. If a cache block is determined as the target of the attack, it is forwarded to higher level cache or main memory without updating the NVM-based cache. The experimental results show that the write endurance is improved by 14% on average and 36% on maximum.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.5
• /
• pp.27-33
• /
• 2011

At FDTC'05 and CISC-W'10, the authors showed that if they decrease the number of rounds of AES and Triple-DES by using the fault injections, it is possible to recover the secret key of the target algorithms, respectively. In this paper, we propose a key recovery attack on HMAC by using the main idea of these attacks. This attack is applicable to HMAC based on MD-family hash functions and can recover the secret key with the negligible computational complexity. Particularly, the attack result on HMAC-SHA-2 is the first known key recovery attack result on this algorithm.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.6
• /
• pp.1207-1216
• /
• 2020

Since the server system in the cloud environments can simultaneously operate multiple OS and commonly share the memory space between users, an adversary can recover some secret information using cache side-channel attacks. In this paper, the Flush+Reload attack, a kind of cache side-channel attacks, is applied to the optimized precomputation table implementation of Korea block cipher standard ARIA. As an experimental result of attack on ARIA-128 implemented in Ubuntu environment, we show that the adversary can extract the 16 bytes last round key through Flush+Reload attack. Furthermore, the master key of ARIA can be revealed from last and first round key used in an encryption processing.

• ETRI Journal
• /
• v.31 no.5
• /
• pp.625-627
• /
• 2009

This letter describes an improved side-channel attack on DES with the first four rounds masked. Our improvement is based on truncated differentials and power traces which provide knowledge of Hamming weights for the intermediate data computed during the enciphering of plaintexts. Our results support the claim that masking several outer rounds rather than all rounds is not sufficient for the ciphers to be resistant to side-channel attacks.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.5
• /
• pp.107-111
• /
• 2006

We analyze Domingo-Feller's first privacy homomorphism scheme with known-plaintext attack As a result, it is possible to get the secret key if we blow two known plaintext-ciphertext pairs when modulus n is public, and three or more pairs are sufficient when modulus n is secret.

• Journal of Information Processing Systems
• /
• v.8 no.1
• /
• pp.175-190
• /
• 2012

Shuffling is an effective method to build a publicly verifiable mix network to implement verifiable anonymous channels that can be used for important cryptographic applications like electronic voting and electronic cash. One shuffling scheme by Groth is claimed to be secure and efficient. However, its soundness has not been formally proven. An attack against the soundness of this shuffling scheme is presented in this paper. Such an attack compromises the soundness of the mix network based on it. Two new shuffling protocols are designed on the basis of Groth's shuffling and batch verification techniques. The first new protocol is not completely sound, but is formally analyzed in regards to soundness, so it can be applied to build a mix network with formally proven soundness. The second new protocol is completely sound, so is more convenient to apply. Formal analysis in this paper guarantees that both new shuffling protocols can be employed to build mix networks with formally provable soundness. Both protocols prevent the attack against soundness in Groth's scheme. Both new shuffling protocols are very efficient as batch-verification-based efficiency-improving mechanisms have been adopted. The second protocol is even simpler and more elegant than the first one as it is based on a novel batch cryptographic technique.