• Title/Summary/Keyword: (N-1) Attack


A Security Analysis of PMAC and TMAC variant (PMAC과 TMAC 변이 알고리즘에 대한 안전성 고찰)

  • 이창훈;김종성;이상진
    • Journal of the Korea Institute of Information Security & Cryptology / v.14 no.4 / pp.91-96 / 2004
  • In this paper, we introduce two forgery attacks on PMAC. If the MAC is not truncated, the attack requires about $2^{n/2+1}$ chosen texts; otherwise, the attack requires about $2^{n/2+1}$ chosen texts and $2^{n-\tau}$ MAC verifications, where $\tau$ is the size of the MAC. We also give a forgery attack on the TMAC variant which requires about $2^{n/2+1}$ texts.

Countermeasure for Physical Attack in RSA-CRT using Double Exponentiation Algorithm and Fault Infective Method (이중 멱승과 오류 확산 기법을 이용한 RSA-CRT에서의 물리적 공격 대응 방법)

  • Gil, Kwang-Eun;Oh, Do-Hwan;Baek, Yi-Roo;Ha, Jae-Cheol
    • Journal of the Korea Institute of Information Security & Cryptology / v.20 no.2 / pp.33-41 / 2010
  • Many experimental results show that the RSA-CRT algorithm can be broken by fault analysis attacks. We analyzed the previous fault attacks and their countermeasures on the RSA-CRT algorithm and found a weakness in the countermeasure proposed by Abid and Wang. Based on these analyses, we propose a new countermeasure which uses both double exponentiation and a fault infective computation method. The proposed method efficiently computes fault verification information using double exponentiation, and it is designed to resist the simple power analysis attack and the (N-1) attack.

Nucleophilic Substitution Reactions of Thiopheneethyl Arenesulfonates with Anilines and N,N-Dimethylanilines

  • 오혁근;윤정환;조인호;이익준
    • Bulletin of the Korean Chemical Society / v.18 no.4 / pp.390-394 / 1997
  • Nucleophilic substitution reactions of 2-thiopheneethyl benzenesulfonates (2-TEB) and 3-thiopheneethyl benzenesulfonates (3-TEB) with anilines and N,N-dimethylanilines (DMA) are investigated in acetonitrile at 60.0 ℃. The cross-interaction constants $\rho_{XZ}$ determined for the reactions with anilines are large and negative (-0.50), comparable to those for the similar, predominantly frontside-attack $S_N2$ reactions of 1-phenylethyl (1-PEB), 2-phenylethyl (2-PEB) and cumyl benzenesulfonates. A large negative $\rho_{XZ}$ value (-0.4 to -0.8) is considered to provide a mechanistic criterion for the frontside-attack $S_N2$ mechanism with a four-center transition state. In agreement with this proposal, the kinetic isotope effects, $k_H/k_D$, involving deuterated aniline nucleophiles are all greater than one, reflecting partial N-H(D) bond cleavage in the transition state. The MO theoretical reactant structures of 1-PEB, 2-PEB and 2-TEB based on the PM3 calculation show that the benzene ring blocks the backside nucleophile approach to the reaction center carbon ($C_\alpha$), enforcing the frontside-attack $S_N2$ mechanism.

Theoretical Studies of the Gas-Phase Identity Nucleophilic Substitution Reactions of Cyclopentadienyl Halides

  • Lee, Ik-Choon;Li, Hong-Guang;Kim, Chang-Kon;Lee, Bon-Su;Kim, Chan-Kyung;Lee, Hai-Whang
    • Bulletin of the Korean Chemical Society / v.24 no.5 / pp.583-592 / 2003
  • The gas-phase identity nucleophilic substitution reactions of halide anions (X = F, Cl, Br) with cyclopentadienyl halides (1) are investigated at the B3LYP/6-311+G**, MP2/6-311+G** and G2(+)MP2 levels, involving five reaction pathways: the σ-attack $S_N2$, β-$S_N2'$-syn, β-$S_N2'$-anti, γ-$S_N2'$-syn and γ-$S_N2'$-anti paths. In addition, the halide exchange reactions at the saturated analogue, cyclopentyl halides (2), and the monohapto circumambulatory halide rearrangements in 1 are also studied at the same three levels of theory. In the σ-attack $S_N2$ transition state for 1, a weak positive charge develops in the ring with X = F while negative charge develops with X = Cl and Br, leading to a higher energy barrier with X = F but to lower energy barriers with X = Cl and Br than for the corresponding reactions of 2. The π-attack β-$S_N2'$ transition states are stabilized by the strong $n_C-{\pi}^{*}_{C=C}$ charge transfer interactions, whereas the π-attack γ-$S_N2'$ transition states are stabilized by the strong $n_C-{\sigma}^{*}_{C-X}$ interactions. For all types of reaction paths, the energy barriers are lower with X = F than with Cl and Br due to the greater bond energy gain in the partial C-X bond formation with X = F. The β-$S_N2'$ paths are favored over the γ-$S_N2'$ paths only with X = F, and the reverse holds with X = Cl and Br. The σ-attack $S_N2$ reaction provides the lowest energy barrier with X = Cl and Br, but with X = F it is the highest-energy-barrier path. Activation energies for the circumambulatory rearrangement processes are much higher (by more than 18 kcal $mol^{-1}$) than those for the corresponding $S_N2$ reaction path. Overall, the gas-phase halide exchanges are predicted to proceed by the σ-attack $S_N2$ path with X = Cl and Br but by the β-$S_N2'$-anti path with X = F. The barriers to the gas-phase halide exchanges increase in the order X = F < Br < Cl, which is the same order found for the gas-phase identity methyl transfer reactions.

256 bit Symmetric SPN Block cipher XSB (256 비트 대칭 SPN 블록 암호 XSB)

  • Cho, Gyeong-Yeon
    • Journal of Korea Society of Industrial Information Systems / v.17 no.3 / pp.9-17 / 2012
  • In this paper, we propose an SPN 256-bit block cipher called XSB (eXtended SPN Block cipher), which has a symmetric structure in encryption and decryption. The proposed XSB is composed of an even number N of rounds, where the first half, rounds 1 to N/2-1, applies a pre-function and the second half, rounds N/2+1 to N, employs a post-function. Each round consists of a round key addition layer, a substitution layer, a byte exchange layer and a diffusion layer. A symmetry layer is located between the pre-function layer and the post-function layer. The symmetry layer is composed of multiple simple bit-slice involution S-boxes. The bit-slice involution S-box symmetry layer makes the cipher harder to attack with the Square attack, the Boomerang attack, impossible differential cryptanalysis, etc.

Partial Key Exposure Attack on Unbalanced RSA with small CRT exponent (작은 CRT 지수를 사용한 RSA에서의 일부 키 노출 공격)

  • 이희정
    • Journal of the Korea Institute of Information Security & Cryptology / v.14 no.5 / pp.135-140 / 2004
  • In Crypto 2002, May analyzed the relation between the sizes of the two primes and the private key in unbalanced RSA with a small CRT exponent. In Crypto 2003 he also showed that if a $N^{1/4}$ amount of the most significant bits (or least significant bits) of $d_{p}$ is exposed in balanced RSA with CRT, N can be factored. To prove this he used Howgrave-Graham's theorem. In this paper we show that in unbalanced RSA with a small CRT exponent, where p is smaller than q and bigger than $N^{0.382}$ to avoid May's attack, exposing a $N^{1/4}$ amount of $d_{p}$ is enough to expose all of $d_{p}$. We use Coppersmith's theorem with unbalanced primes.

Simple Countermeasure to Cryptanalysis against Unified ECC Codes

  • Baek, Yoo-Jin
    • Journal of Communications and Networks / v.12 no.1 / pp.1-4 / 2010
  • As a countermeasure to the simple power attack, the unified point addition codes for the elliptic curve cryptosystem were introduced. However, some authors proposed a different kind of power attack against the codes. This power attack uses the observation that some internal operations in the codes behave differently for addition and doubling. In this paper, we propose a new countermeasure against such an attack. The basic idea of the new countermeasure is that, if one of the input points of the codes is transformed to an equivalent point over the underlying finite field, then the code will behave in the same manner for addition and doubling. The new countermeasure is highly efficient in that it only requires 27(n-1)/3 extra ordinary integer subtractions (on average) for the whole n-bit scalar multiplication. The timing analysis of the proposed countermeasure is also presented to confirm its SPA resistance.

Chosen Message Attack Against Goldreich-Goldwasser-Halevi's Lattice Based Signature Scheme (Goldreich-Goldwasser-Halevi 전자서명의 선택 평문 공격)

  • DaeHun Nyang
    • Journal of the Korea Institute of Information Security & Cryptology / v.14 no.1 / pp.47-57 / 2004
  • The Goldreich-Goldwasser-Halevi (GGH) signature scheme from Crypto '97, which is based on the well-known lattice problem, is cryptanalyzed. We mount a chosen message attack on the signature scheme and show that the scheme is vulnerable to the attack. We collect n linearly independent lattice points and construct a new basis that generates a sub-lattice of the original lattice. The sub-lattice is shown to be sufficient to generate a valid signature. Empirical results are presented to show the effectiveness of the attack. Finally, we show that the cube-like parameter used for the private-key generation is harmful to the security of the scheme.

A Study on Response Technique of Routing Attack under Wireless Ad Hoc Network Environment (Wireless Ad Hoc Network환경에서의 라우팅 공격 대응 기법에 관한 연구)

  • Yang, Hwan Seok
    • Journal of Korea Society of Digital Industry and Information Management / v.10 no.1 / pp.105-112 / 2014
  • Wireless Ad Hoc Networks are very useful because a network can be built easily from wireless devices in situations where building a network is difficult. However, they carry a security threat because data is transferred only by forwarding between wireless devices. Countermeasures must be prepared because damage from a routing attack in particular can affect the entire network. It is hard to distinguish malicious nodes from normal nodes among the nodes composing the network, and it is also not easy to detect a routing attack and respond to it. In this paper, we propose a new method which detects routing attacks and can respond to them. The amount of traffic at all nodes is measured periodically to judge the presence or absence of an attack node on the established path. To detect the attack node accurately on the path where the attack occurred, an inspection packet is hidden and transmitted to the suspected node. The experiment is performed by comparing the proposed technique with the SRAODA and SEAODV techniques to evaluate its performance, and its excellent performance is confirmed.

Symmetric SPN block cipher with Bit Slice involution S-box (비트 슬라이스 대합 S-박스에 의한 대칭 SPN 블록 암호)

  • Cho, Gyeong-Yeon;Song, Hong-Bok
    • The Journal of the Korea institute of electronic communication sciences / v.6 no.2 / pp.171-179 / 2011
  • Feistel and SPN are the two main structures in a block cipher. Feistel is a symmetric structure which has the same structure in encryption and decryption, but SPN is not a symmetric structure. The encryption round function and decryption round function in the SPN structure have three parts: round key addition, a substitution layer with S-boxes for confusion, and a permutation layer for diffusion. Most SPN ciphers, for example ARIA and AES, use an 8-bit S-box in the substitution layer, which is vulnerable to the Square attack, the Boomerang attack, impossible differential cryptanalysis, etc. In this paper, we propose an SPN which has a symmetric structure in encryption and decryption. The whole operation of the proposed algorithm is composed of an even number N of rounds, where the first half, rounds 1 to N/2, applies a right function and the second half, rounds (N+1)/2 to N, employs an inverse function. A symmetry layer is located between the right function layer and the inverse function layer. The symmetry layer is composed of multiple simple bit-slice involution S-boxes. The bit-slice involution S-box symmetry layer makes the cipher harder to attack with the Square attack, the Boomerang attack, impossible differential cryptanalysis, etc. The proposed symmetric SPN block cipher with bit-slice involution S-boxes is believed to form a safe and efficient cipher for Smart Card and RFID environments where electronic chips are built in.