• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.3
• /
• pp.453-460
• /
• 2014

Fault injection attack is the process of attempting to acquire the information on-chip through inject artificially generated error code into the cryptographic algorithms operation (or perform) which is implemented in hardware or software. From the details above, the laser-assisted failure injection attacks have been proven particularly successful. In this paper, we propose an improved laser probing system for fault injection attack which is called the Dual-Laser FA tool set, a hybrid approach of the Flash-pumping laser and fiber laser. The main concept of the idea is to improve the laser probe through utilizing existing equipment. The proposed laser probe can be divided into two parts, which are Laser-I for laser cutting, and Laser-II for fault injection. We study the advantages of existing equipment, and consider the significant parameters such as energy, repetition rate, wavelength, etc. In this approach, it solves the high energy problem caused by flash-pumping laser in higher repetition frequency from the fiber laser.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.5
• /
• pp.997-1006
• /
• 2019

To overcome the difficulties and inefficiencies of the existing power analysis attack, we try to extract the secret key embedded in a cryptographic device using attack model based on MLP(Multi-Layer Perceptron) method. The target of our proposed power analysis attack is the AES-128 encryption module implemented on an 8-bit processor XMEGA128. We use the divide-and-conquer method in bytes to recover the whole 16 bytes secret key. As a result, the MLP-based power analysis attack can extract the secret key with the accuracy of 89.51%. Additionally, this MLP model has the 94.51% accuracy when the pre-processing method on power traces is applied. Compared to the machine leaning-based model SVM(Support Vector Machine), we show that the MLP can be a outstanding method in power analysis attacks due to excellent ability for feature extraction.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.4
• /
• pp.17-24
• /
• 2010

A differential fault attack(DFA) is one of the most efficient side channel attacks on block ciphers. Almost all block ciphers, such as DES, AES, ARIA, SEED and so on., have been analysed by this attack. In the case of the known DFAs on SEED, the attacker induces permanent faults on a whole left register of round 16. In this paper, we analyse SEED against DFA with differential characteristics and addition-XOR characteristics of the round function of SEED. The fault assumption of our attack is that the attacker induces 1-bit faults on a particular register. By using our attack, we can recover last round keys and the master key with about $2^{32}$ simple arithmetic operations. It can be simulated on general PC within about a couple of second.

• Journal of the Korean Society of Fisheries and Ocean Technology
• /
• v.26 no.4
• /
• pp.333-340
• /
• 1990

The authors carried out a visiualizational model test by the hydrogen bubble method to examine the pattern of the fluid flow besides the simple camber type and plane type otter board in circulation water channel. The experimental conditions are velocity of flow 0.05 and 0.1m/sec, angle of attack 0$^{\circ}$~45$^{\circ}$(5$^{\circ}$step). The results obtained are as follows: 1. In the case of the simple camber type otter board located angle of attack 25$^{\circ}$, vortex at the leading edge was geneated at 1/2 of chord length. 2. Size of the vortex generated in the trailing edge was about 2~3 times larger then that of the leading edge. 3. In the case of the simple camber type otter board located angle of attack 30$^{\circ}$, separation of stream-line at leading edge was generated at 1/3 of chord length. 4. Nearest stream-line in the back side of the simple camber type otter board was bent in the direction of otter board when the angle of attack was 25$^{\circ}$ and 30$^{\circ}$, and in the case of plane type otter board was expanded outside of the flow direction. 6. Area separated of the simple camber type otter board at the angle of attack 30$^{\circ}$ was smaller then that of plane type otter board. 7. Flow speed in the back side of the simple camber type otter board was about 1.4 times faster then that in the front side, and in the case of the plane otter board about 1.2 times faster.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.2
• /
• pp.261-270
• /
• 2015

In information security devices, such as Smart Cards, vulnerabilities of the RSA algorithm which is used to protect the data were found in the Side Channel Analysis. The RSA is especially vulnerable to Power Analysis which uses power consumption when the algorithm is working. Typically Power Analysis is divided into SPA(Simple Power Analysis) and DPA(Differential Power Analysis). On top of this, there is a CA(Collision Analysis) which is a very powerful attack. CA makes it possible to attack using a single waveform, even if the algorithm is designed to secure against SPA and DPA. So Message blinding, which applies the window method, was considered as a countermeasure. But, this method does not provide sufficient safety when the window size is small. Therefore, in this paper, we propose a new countermeasure that provides higher safety against CA. Our countermeasure is a combination of message and exponent blinding which is applied to the window method. In addition, through experiments, we have shown that our countermeasure provides approximately 124% higher attack complexity when the window size is small. Thus it can provide higher safety against CA.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.5
• /
• pp.859-865
• /
• 2013

Esmbedded devices such as smart cards and electronic passports highly demand security of sensitive data. So, the secure implementation of the cryptographic system against various side-channel attacks are becoming more important. In particular, the fault injection attack is one of the threats to the cryptosystem and can destroy the whole system only with single pair of the plain and cipher texts. Therefore, the implementors must consider seriously the attack. Several techniques for preventing fault injection attacks were introduced to a variety of the cryptosystem, But the countermeasures are still inefficient to be applied to the classical RSA cryptosystem. This paper introduces an efficient countermeasure against the fault injection attack for the classical RSA cryptosystem, which is based on the famous Fermat's theorem. The proposed countermeasure has the advantage that it has less computational overhead, compared with the previous countermeasures.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.35 no.9B
• /
• pp.1369-1380
• /
• 2010

In this paper, we propose the efficient Second-Order Differential Power Analysis attack, which has ability to find significant information such as secret key in the devices consisting IT convergence environment such as Smartgrid, Advanced Metering Infrastructure(AMI) and ZigBee-based home networking service. This method helps to find the secret key easily at a device, even though it uses a countermeasure like masking which makes First-Order DPA attack harder. First, we present the performance results of our implementation which implements practical Second-Order DPA attack using the existing preprocessing function, and analyze it. Then we propose a stronger preprocessing function which overcomes countermeasures like masking. Finally, we analyze the results of the Second-Order CPA attack using proposed preprocessing function and verify that proposed scheme is very threatening to the security fields of IT convergence technology through the experimental results.

• Journal of the Korean Society for Aeronautical & Space Sciences
• /
• v.31 no.2
• /
• pp.17-24
• /
• 2003

This paper presents results from steady wind tunnel test conducted on a $65^{\circ}$ delta wing at a root chord Reynolds number of $1.76{\times}10^6$. In these experiments, the wing was instrumented with 188 pressure taps, conjunction with powerful multi-channel data logging system, allowed the wing upper surface pressure distribution to be measured. Analysis indicates that the wing upper surface distribution can provide considerable insight into the comvined aerodynamic effects of angle of attack and sideslip on the wing. In a sideslip condition, the strength of the vortex on the windward side is much stronger than that of leeward side. This asymmetric pressure disstribution betwwen each side of wings result in a negative value of rolling moment. However, at a certatin range of angle of attck and sideslip angle(${\alpha}$=$24^{\circ}{\sim}36^{\circ}C$, ${\beta}$=$-5^{\circ}{\sim}-15^{\circ}C$) abrupt change of sign of rolling monent, rolling monent reversal, was observed.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.2
• /
• pp.193-200
• /
• 2023

Cryptanalysis can be performed by various techniques such as known plaintext attack, differential attack, side-channel analysis, and the like. Recently, many studies have been conducted on cryptanalysis using deep learning. A known-plaintext attack is a technique that uses a known plaintext and ciphertext pair to find a key. In this paper, we use deep learning technology to perform a known-plaintext attack against S-PRESENT, a reduced version of the lightweight block cipher PRESENT. This paper is significant in that it is the first known-plaintext attack based on deep learning performed on a reduced lightweight block cipher. For cryptanalysis, MLP (Multi-Layer Perceptron) and 1D and 2D CNN(Convolutional Neural Network) models are used and optimized, and the performance of the three models is compared. It showed the highest performance in 2D convolutional neural networks, but it was possible to attack only up to some key spaces. From this, it can be seen that the known-plaintext attack through the MLP model and the convolutional neural network is limited in attackable key bits.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.5
• /
• pp.993-1000
• /
• 2017

When the availability of embedded device is considered, combined countermeasure such as first-order masking and hiding countermeasures is quite attractive because the security and efficiency can be provided at the same time. Especially, combined countermeasure can be applied to the confusion and diffusion layers of the first and last rounds in order to provide the efficiency. Also, the middle rounds only employs first-order masking countermeasure or no countermeasure. In this paper, we suggest a novel side channel analysis with low complexity in the output of diffusion layer. In general, the attack target cannot be set to the output of diffusion layer owing to the high complexity. When the diffusion layer of block cipher is composed of AND operations, we show that the attack complexity can be reduced. Here, we consider that the main algorithm is SEED. Then, the attack complexity with $2^{32}$ can be reduced by $2^{16}$ according to the fact that the correlation between the combination of S-box outputs and that of the outputs of diffusion layer. Moreover, compared to the fact that the main target is the output of S-box in general, we demonstrate that the required number of traces can be reduced by 43~98% in terms of simulated traces. Additionally, we show that only 8,000 traces are enough to retrieve the correct key by suggested scheme, although it fails to reveal the correct key when performing the general approach on 100,000 traces in realistic device.