• ETRI Journal
• /
• v.32 no.3
• /
• pp.362-369
• /
• 2010

While the elliptic curve cryptosystem (ECC) is getting more popular in securing numerous systems, implementations without consideration for side-channel attacks are susceptible to critical information leakage. This paper proposes new power attack countermeasures for ECC over Koblitz curves. Based on some special properties of Koblitz curves, the proposed methods randomize the involved elliptic curve points in a highly regular manner so the resulting scalar multiplication algorithms can defeat the simple power analysis attack and the differential power analysis attack simultaneously. Compared with the previous countermeasures, the new methods are also noticeable in terms of computational cost.

• ETRI Journal
• /
• v.32 no.1
• /
• pp.102-111
• /
• 2010

Recently power attacks on RSA cryptosystems have been widely investigated, and various countermeasures have been proposed. One of the most efficient and secure countermeasures is the message blinding method, which includes the RSA derivative of the binary-with-random-initial-point algorithm on elliptical curve cryptosystems. It is known to be secure against first-order differential power analysis (DPA); however, it is susceptible to second-order DPA. Although second-order DPA gives some solutions for defeating message blinding methods, this kind of attack still has the practical difficulty of how to find the points of interest, that is, the exact moments when intermediate values are being manipulated. In this paper, we propose a practical second-order correlation power analysis (SOCPA). Our attack can easily find points of interest in a power trace and find the private key with a small number of power traces. We also propose an efficient countermeasure which is secure against the proposed SOCPA as well as existing power attacks.

• ETRI Journal
• /
• v.33 no.6
• /
• pp.989-992
• /
• 2011

Recently, Page and Vercauteren proposed a fault attack on pairing algorithms and two countermeasures against such an attack. The countermeasure uses either a random scalar or a random point to blind the input points. To defeat the countermeasure using a random point, we utilize the point addition formula on an elliptic curve. As a result, we successfully defeat the countermeasure using a random point.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.3
• /
• pp.117-121
• /
• 2007

Most existing countermeasures against classical DPA are vulnerable to new DPA, e.g., refined power analysis attack (RPA), zero-value point attack (ZPA), and doubling attack. More recently, Mamiya et al proposed a new countermeasure (so-called BRIP) against RPA, ZPA, classical DPA and SPA. This countermeasure, however, also has a vulnerability of scalar multiplication computations by exploiting specially chosen input message. Therefore, to prevent various power analysis attacks like DPA and new SPA, we propose an enhanced countermeasure by developing a new random blinding technique.

• Journal of Acupuncture Research
• /
• v.23 no.6
• /
• pp.1-8
• /
• 2006

Introduction : Even though Acupuncture has been know for its effect for a long time, recently it is required to verifiy its effect. To solve this, clinical trial, based on EBM, has been the way to explain acupuncture's treatment effect. Methods: Last year we had a clinical trial based on acupuncture. From this experience we came to a conclusion mentioned below. Results : 1. To find out acupuncture's effect more certainly, it is needed that Korean medical method or treatment should be connected to diagnosis. 2. We had found out that sham and minimal acupuncture are the most appropriate way in single blinding. 3. It is required for the acupuncturist to practice the right real acupuncture point and sham's point in clinical trial. 4. The most important thing to maintain the subjects from dropping out is to always be concerned to the subjects and management them. Conclusion : The best way to advance clinical trial on acupuncture is to use single blinding system with sham acupuncture together in controlled groups and most of all also needs a standardized acupuncture point and depth.

• Journal of Internet of Things and Convergence
• /
• v.6 no.2
• /
• pp.25-29
• /
• 2020

The elliptic curve crypto-algorithm is widely used in authentication for IoT environment, since it has small key size and low communication overhead compare to the RSA public key algorithm. If the scalar multiplication, a core operation of the elliptic curve crypto-algorithm, is not implemented securely, attackers can find the secret key to use simple power analysis or differential power analysis. In this paper, an elliptic curve scalar multiplication algorithm using a randomized scalar and an elliptic curve point blinding is suggested. It is resistant to power analysis but does not significantly reduce efficiency. Given a random r and an elliptic curve random point R, the elliptic scalar multiplication kP = u(P+R)-vR is calculated by using the regular variant Shamir's double ladder algorithm, where l+20-bit u≡rn+k(modn) and v≡rn-k(modn) using 2^lP=∓cP for the case of the order n=2^l±c.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.5
• /
• pp.169-177
• /
• 2003

We establish the security requirements and derive a generic condition of elliptic curve scalar multiplication to resist against DPA and Goubin’s attack. Also we show that if a scalar multiplication algorithm satisfies our generic condition, then both attacks are infeasible. Showing that the randomized signed scalar multiplication using Ha-Moon's receding algorithm satisfies the generic condition, we recommend the randomized signed scalar multiplication using Ha-Moon's receding algorithm to be protective against both attacks. Also we newly design a random recoding method to Prevent two attacks. Finally, in efficiency comparison, it is shown that the recommended method is a bit faster than Izu-Takagi’s method which uses Montgomery-ladder without computing y-coordinate combined with randomized projective coordinates and base point blinding or isogeny method. Moreover. Izu-Takagi’s method uses additional storage, but it is not the case of ours.

• Korean Journal of Acupuncture
• /
• v.29 no.1
• /
• pp.23-36
• /
• 2012

Objectives : This study was conducted to investigate effective treatment point selection method using oppressive pain in acupoints as elementary attempt for standard methodology of clinical acupuncture studies. Methods : Twenty seven subjects with hypertension or within prehypertension category - systolic and diastolic blood pressure (BP) over 120/80mmHg - were divided into two groups, oppressive pain point treatment group and oppressive painless point treatment group. In oppressive pain point treatment group, single point acupuncture (SPA) was conducted for 16 sessions during 8 weeks on most oppressive painful point among 6 selected acupuncture points used in previous trials and clinic. As a SPA intervention, 15 minutes with deqi sensation- elevating manipulation was conducted on the treatment acupoint. Same process was conducted in oppressive painless point treatment group on most oppressive painless point with subject blinding. Results : Significant reduction was observed in both systolic and diastolic BP after short time intervention (15.5/8.8 mmHg, 10.7/7.1 mmHg, P<0.05, respectively at 1 week) and maintained for 8 weeks intervention period in all groups (12.8/8.0 mmHg, 19.4/12.6 mmHg, P<0.05, respectively). No significant difference of BP change between oppressive pain point treatment group (N=10) and oppressive painless point treatment group (N=9) was observed during 8 weeks study period. Conclusions : SPA treatment as used in this pilot study was effective for lowering BP in mild hypertensive population, but oppressive pain in acupoint had no effect on treatment. This present result suggests the possibility of SPA for hypertension treatment regardless of oppressive pain.

• Journal of Acupuncture Research
• /
• v.25 no.6
• /
• pp.77-93
• /
• 2008

Objectives : Though there were many clinical studies of acupuncture effects they didn't have appropriate control group or use another therapy for control group. So, we didn't say it was true acupuncture effect, though subjects in clinical study improved. Recently several sham needles for control group were developed and validated. This study aimed at summarizing the validation studies of these needles and evaluating the control group of the acupuncture clinical study. Methods : Computerized literature searches were performed using 'acupuncture' and 'placebo or sham' with a limitation of the results to RCTs in Pubmed, Sciencedirect, NDSL, KISS, RISS. Data were extracted regarding study design, sample size, acupuncture point, stimulation form, credibility testing. And We have examined 106 acupuncture clinical studies published by Pubmed from January 1, 2005 to April 30, 2008. Data were extracted author's country, subject of study, type of study groups, type of control groups, type of blinding, difference between the results in the control groups. Results : Streitberger's placebo needle, Fink's sham needle, Park sham needle, Kim sham needle were developed. They were validated at domestic and abroad. But the results were deviation depending on the each of the researcher. They has shown that sample, acupuncture points, experiences or knowledge of acupuncture dependent on the results. Recent three years, acupuncture clinical trial had different results. Significant differences between Study group and control group emerged from using other therapy or non-treatment for control group. Many study has no significant differences using sham acupuncture for control groups. Conclusions : Acupuncture clinical studies need to meet several requirements. First of all, they require the basics of randomized controlled clinical studies such as blinding and the accurate implementation and description of randomization. And also need to research the unique circumstances of these studies such as the development of sham acupuncture and blinding method which differs from other clinical trials.