• 정보보호학회논문지
• /
• 제18권4호
• /
• pp.45-52
• /
• 2008

$K{\ddot{u}}c{\ddot{u}}k$은 eSTREAM 프로젝트에 제안된 스트림 암호인 Grain-v1에 대하여, 공격자에게 키스트림 수열이 주어지면 이를 1-비트 좌측 이동시킨 키스트림 수열을 생성할 수 있음을 보였다[5]. 본 논문에서는 [5]에서 제안된 공격을 확장하여 연관키 선택 Ⅳ 공격을 제안한다. 본 공격은 Grain-v1의 초기화 과정의 취약점을 이용하여 비밀키의 부분 정보를 획득하여 $2^{25.02}$개의 Ⅳ와 $2^{56}$의 시간 복잡도로 Grain-v1의 비밀키를 복구한다. 본 공격은 Grain-v1에 대한 첫 번째 키 복구 공격이다.

• 정보보호학회논문지
• /
• 제28권4호
• /
• pp.803-807
• /
• 2018

Fantomas와 Robin은 FSE 2014에서 제안된 경량 블록암호 패밀리 LS-designs에 포함되는 블록암호로, 비트슬라이스 구현이 가능한 L-Box와 S-Box를 사용하여 부채널 분석 대응기법인 마스킹 기법을 효율적으로 적용할 수 있도록 설계되었다. 본 논문은 연관키 차분경로 분석을 통한 Fantomas와 Robin의 전체 128비트 키의 복구공격이 각각 $2^{56}$, $2^{72}$의 시간 복잡도와 $2^{52}$, $2^{69}$개의 선택 평문으로 가능함을 보인다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제8권9호
• /
• pp.3266-3285
• /
• 2014

With limited computing and storage resources, many network applications of encryption algorithms require low power devices and fast computing components. CHESS-64 is designed by employing simple key scheduling and Data-Dependent operations (DDO) as main cryptographic components. Hardware performance for Field Programmable Gate Arrays (FPGA) and for Application Specific Integrated Circuits (ASIC) proves that CHESS-64 is a very flexible and powerful new cipher. In this paper, the security of CHESS-64 block cipher under related-key differential cryptanalysis is studied. Based on the differential properties of DDOs, we construct two types of related-key differential characteristics with one-bit difference in the master key. To recover 74 bits key, two key recovery algorithms are proposed based on the two types of related-key differential characteristics, and the corresponding data complexity is about $2^{42.9}$ chosen-plaintexts, computing complexity is about $2^{42.9}$ CHESS-64 encryptions, storage complexity is about $2^{26.6}$ bits of storage resources. To break the cipher, an exhaustive attack is implemented to recover the rest 54 bits key. These works demonstrate an effective and general way to attack DDO-based ciphers.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제15권6호
• /
• pp.2148-2167
• /
• 2021

The proliferation of the Internet of Things (IoT) technologies and applications, especially the rapid rise in the use of mobile devices, from individuals to organizations, has led to the fundamental role of secure wireless networks in all aspects of services that presented with many opportunities and challenges. To ensure the CIA (confidentiality, integrity and accessibility) security model of the networks security and high efficiency of performance results in various resource-constrained applications and environments of the IoT platform, DDO-(data-driven operation) based constructions have been introduced as a primitive design that meet the demand of high speed encryption systems. Among of them, the TMN-family ciphers which were proposed by Tuan P.M., Do Thi B., etc., in 2016, are entirely suitable approaches for various communication applications of wireless mobile networks (WMNs) and advanced wireless sensor networks (WSNs) with high flexibility, applicability and mobility shown in two different algorithm selections, TMN64 and TMN128. The two ciphers provide strong security against known cryptanalysis, such as linear attacks and differential attacks. In this study, we demonstrate new probability results on the security of the two TMN construction versions - TMN64 and TMN128, by proposing efficient related-key recovery attacks. The high probability characteristics (DCs) are constructed under the related-key differential properties on a full number of function rounds of TMN64 and TMN128, as 10-rounds and 12-rounds, respectively. Hence, the amplified boomerang attacks can be applied to break these two ciphers with appropriate complexity of data and time consumptions. The work is expected to be extended and improved with the latest BCT technique for better cryptanalytic results in further research.

• 해양환경안전학회지
• /
• 제27권3호
• /
• pp.429-438
• /
• 2021

The mandatory installation of the ECDIS (Electronic Chart Display and Information System) became an important navigational equipment for navigation officer. In addition, ECDIS is a key component of the ship's digitalization in conjunction with various navigational equipment. Meanwhile, cyber-attacks emerge as a new threat along with digitalization. Damage caused by cyber-attacks is also reported in the shipping sector, and IMO recommends that cybersecurity guidelines be developed and included in International Security Management (ISM). This study analyzed the cybersecurity hazards of ECDIS, where various navigational equipment are connected. To this end, Importance-Performance Analysis (IPA) was conducted on navigation officer using ECDIS. As a result, the development of technologies for cyber-attack detection and prevention should be priority. In addition, policies related to 'Hardware and Software upgrade', 'network access control', and 'data backup and recovery' were analyzed as contents to be maintained. This paper is significant in deriving risk factors from the perspective of ECDIS users and analyzing their priorities, and it is necessary to analyze various cyber-attacks that may occur on ships in the future.

• 융합보안논문지
• /
• 제19권3호
• /
• pp.43-50
• /
• 2019

초연결사회에서 전력기반시설과 정보통신기반시설은 핵심 국가기반시설 중에서도 핵심이다. 그러나 전력기반시설은 최근에 이슈가 되고 있는 북한의 고 고도 핵 전자기파(HEMP) 위협에 매우 치명적이며, 따라서 공격 이후의 빠른 복구를 통한 복원성은 국가의 생존성과 직결되어 있다. 그러므로 전력기반시설은 다른 어떤 핵심기반시설보다 우선하여 선제적인 방호대책과 조기 복구계획이 수립되어야 한다. 본 논문에서는 HEMP 위협의 특성을 살펴보고, 그에 대한 전력기반시설의 위험성 및 효과적인 주요 방호대책을 살펴보았다. 향후 우리나라의 전력기반시설에 대한 '고출력 전자기파 침해 방지' 관련 법·제도의 제·개정 방향을 정립하는데 도움을 줄 수 있을 것으로 기대한다.