• International Journal of Internet, Broadcasting and Communication
• /
• v.10 no.3
• /
• pp.11-25
• /
• 2018

While being believed that decrypting any RSA ciphertext is as hard as factorizing the RSA modulus, it was also shown that, if additional information is available, breaking the RSA cryptosystem may be much easier than factoring. For example, Coppersmith showed that, given the 1/2 fraction of the least or the most significant bits of one of two RSA primes, one can factorize the RSA modulus very efficiently, using the lattice-based technique. More recently, introducing the so called cold boot attack, Halderman et al. showed that one can recover cryptographic keys from a decayed DRAM image. And, following up this result, Heninger and Shacham presented a polynomial-time attack which, given 0.27-fraction of the RSA private key of the form (p, q, d, $d_p$, $d_q$), can recover the whole key, provided that the given bits are uniformly distributed. And, based on the work of Heninger and Shacham, this paper presents a different approach for recovering RSA private key bits from decayed key information, under the assumption that some random portion of the private key bits is known. More precisely, we present the algorithm of recovering RSA private key bits from erased key material and elaborate the formula of describing the number of partially-recovered RSA private key candidates in terms of the given erasure rate. Then, the result is justified by some extensive experiments.

• International Journal of Ocean System Engineering
• /
• v.1 no.2
• /
• pp.110-119
• /
• 2011

Numerical and experimental studies were performed to investigate the aerodynamic performance of a thin wing in close vicinity to the ground. The vortex lattice method (VLM) was utilized to simulate the wing in ground (WIG) effect, which included freely deforming wake elements. The numerical results acquired through the VLM were compared to the experimental results. The experiment entailed varying the ground clearance using the DHMTU (Department of Hydromechanics of the Marine Technical University of Saint Petersburg) wing and the WIG craft model in the wind tunnel. The aero-dynamic influence of the design parameters, such as angles of attack, aspect ratios, taper ratios, and sweep angles were studied and compared between the numerical and experimental results associated with the WIG craft. Both numerical and experimental results suggested that the endplate augments the WIG effect for a small ground clearance. In addition, the vortex lattice method simulated the wake deformation following the wing in the influence of the ground effect.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.8
• /
• pp.3911-3924
• /
• 2016

Compared to the classical cryptography, lattice-based cryptography is more secure, flexible and simple, and it is believed to be secure against quantum computers. In this paper, an efficient signature scheme is proposed from the ring learning with errors (R-LWE), which avoids sampling from discrete Gaussians and has the characteristics of the much simpler description etc. Then, the scheme is implemented in C/C++ and makes a comparison with the RSA signature scheme in detail. Additionally, a linearly homomorphic signature scheme without trapdoor is proposed from the R-LWE assumption. The security of the above two schemes are reducible to the worst-case hardness of shortest vectors on ideal lattices. The security analyses indicate the proposed schemes are unforgeable under chosen message attack model, and the efficiency analyses also show that the above schemes are much more efficient than other correlative signature schemes.

• Journal of computational fluids engineering
• /
• v.16 no.4
• /
• pp.14-20
• /
• 2011

The initial unfolding motion simulation of a sub-munition with drag ribbon for precision guidance and reliable operation has been investigated by analyzing its unsteady aerodynamic load and fluid structure interaction. The effects of change in the ribbon configuration and flow angle are numerically studied using a commercial software "XFLOW" based on Lattice-Boltzmann Method. It is shown that the motion is affect adversely by the separation bubble formed posterior part of the fuselage. The rolling moment for arming of the sub-munition is increased with angle of attack and rotational movement.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.2
• /
• pp.95-103
• /
• 2005

Convolution modular lattices appeared in the analysis of NTRU public key cryptosystem. We present three guess-then-reduce methods on convolution modular lattices, and apply them to practical parameters of NTRU. For the present our methods don't affect significantly the security of them. However, Hey have room for improvement and can be used to estimate mole closely the security of systems related to convolution modular lattices.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.2
• /
• pp.11-21
• /
• 2009

The NTRU cryptosystem proposed by Hoffstein et al. in 1990s is a public key cryptosystem based on hard lattice problems. NTRU has many advantages compared to other public key cryptosystems such as RSA and elliptic curve cryptosystems. For example, it guarantees high speed encryption and decryption with the same level of security, and there is no known quantum computing algorithm for speeding up attacks against NTRD. In this paper, we analyze the security of NTRU against the simple power analysis (SPA) attack and the statistical power analysis (STPA) attack such as the correlation power analysis (CPA) attack First, we implement NTRU operations using NesC on a Telos mote, and we show how to apply CPA to recover a private key from collected power traces. We also suggest countermeasures against these attacks. In order to prevent SPA, we propose to use a nonzero value to initialize the array which will store the result of a convolution operation. On the other hand, in order to prevent STPA, we propose two techniques to randomize power traces related to the same input. The first one is random ordering of the computation sequences in a convolution operation and the other is data randomization in convolution operation.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.5
• /
• pp.709-719
• /
• 2023

Recently, Post-Quantum Cryptography (PQC), which is secure against attacks using quantum computers, has been actively studied. In 2022, the KpqC competition, a competition for domestic PQC standardization, was launched, and a total of 16 candidate algorithms were received, and the first round is underway. In this paper, we apply Alexander May's Meet-LWE attack to TiGER, a lattice-based key encapsulation mechanism that is a candidate for the first round of the KpqC competition, and analyze its concrete attack complexity. The computational results of applying the Meet-LWE attack to each of the proposed parameters of TiGER show that the proposed TiGER192 parameter, which targets 192-bit quantum security, actually achieves 170-bit classical security. In addition, we propose a parameter setting to increase the attack complexity against the Meet-LWE attack.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.3
• /
• pp.551-561
• /
• 2018

As the computational technology using quantum computing has been developed, several threats on cryptographic systems are recently increasing. Therefore, many researches on post-quantum cryptosystems which can withstand the analysis attacks using quantum computers are actively underway. Nevertheless, the lattice-based NTRU system, one of the post-quantum cryptosystems, is pointed out that it may be vulnerable to the fault injection attack which uses the weakness of implementation of NTRU. In this paper, we investigate the fault injection attacks and their previous countermeasures on the NTRU signature system and propose a secure and efficient countermeasure to defeat it. As a simulation result, the proposed countermeasure has high fault detection ratio and low implementation costs.

• Bulletin of the Korean Mathematical Society
• /
• v.51 no.5
• /
• pp.1347-1356
• /
• 2014

In this paper, we analyze the security of the KMOV public key cryptosystem. KMOV is based on elliptic curves over the ring $\mathbb{Z}_n$ where n = pq is the product of two large unknown primes of equal bit-size. We consider KMOV with a public key (n, e) where the exponent e satisfies an equation ex-(p+1)(q+1)y = z, with unknown parameters x, y, z. Using Diophantine approximations and lattice reduction techniques, we show that KMOV is insecure when x, y, z are suitably small.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2003.12a
• /
• pp.399-405
• /
• 2003

A new type of signature scheme, called NTRUSign, based on solving the approximately closest vector problem in an NTRU lattice was proposed in［7］,［8］. However no security proof against chosen messages attack has been made for this scheme. In this paper, we show that NTRUSign signature scheme contains the weakness of malleability. From this, one can derive new valid signatures from any previous message-signature pair which means that NTRUSign is not secure against strongly existential forgery.