• Electronics and Telecommunications Trends
• /
• v.36 no.6
• /
• pp.78-87
• /
• 2021

Information technology (IT) has been applied to various fields, and currently, IT devices and systems are used in very important areas, such as aviation, industry, and national defense. Such devices and systems are subject to various types of malicious attacks, which can be software or hardware based. Compared to software-based attacks, hardware-based attacks are known to be much more difficult to detect. A hardware Trojan horse is a representative example of hardware-based attacks. A hardware Trojan horse attack inserts a circuit into an IC chip. The inserted circuit performs malicious actions, such as causing a system malfunction or leaking important information. This has increased the potential for attack in the current supply chain environment, which is jointly developed by various companies. In this paper, we discuss the future direction of research by introducing attack cases, the characteristics of hardware Trojan horses, and countermeasure trends.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2013.05a
• /
• pp.219-222
• /
• 2013

The Side Channel attack methods proposed by P.Kocher are mainly used for cryptanalysis different cipher algorithms even though they are claimed to be strongly secured. Those kinds of attacks depend on environment implementation especially on the hardware implementation of the algorithm to the crypto module. side-channel attacks are a type of attack introduced by P.Kocher and is applicable according to each environment or method that is designed. This kind of attack can analyze and also extract important information by reading the binary code data via measurement of changes in electricity(voltage) consumption, running time, error output and sounds. Thus, in this paper, we discuss recent SPA and DPA attacks as well as recent countermeasure techniques.

• Journal of Internet Computing and Services
• /
• v.12 no.5
• /
• pp.39-46
• /
• 2011

The user authentication on the security applications is one of the most important process. Because character based password is commonly used for user authentication, it is most important to protect the keyboard. Due to the reason, several software solutions for keyboard security have been applied to critical sites. This paper introduces vulnerabilities to the commonly used USB keyboard, implements a sample code using the vulnerabilities and evaluates the possibility for the keyboard data to be stolen in the guarded environment. Through the comparison of the result, a countermeasure to the vulnerabilities is proposed.

• The Transactions of The Korean Institute of Electrical Engineers
• /
• v.65 no.5
• /
• pp.711-717
• /
• 2016

Recently, fuel cell generation system with high energy efficiency and low CO2 emission is energetically interconnected with distribution power system. Especially, MCFC(molten carbonate fuel cell) operating at high temperature conditions is commercialized and installed as a form of large scale power generation system. However, it is reported that power system disturbances such as harmonic distortion, surge phenomenon, unbalance current, EMI(Electromagnetic Interference), EMC (Electromagnetic Compatibility) and so on, have caused several problems including malfunction of protection device and damage of control devices in the large scale FCGS(Fuel Cell Generation System). Under these circumstances, this paper proposes countermeasure algorithms to prevent power system disturbances based on the modelling of PSCAD/EMTDC and P-SIM software. From the simulation results, it is confirmed that proposed algorithms are useful method for the stable operation of a large scale FCGS.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2014.05a
• /
• pp.221-223
• /
• 2014

Power analysis attack on cryptographic hardware device aims to study the power consumption while performing operations using secrets keys. Power analysis is a form of side channel attack which allow an attacker to compute the key encryption from algorithm using Simple Power Analysis (SPA), Differential Power Analysis (DPA) or Correlation Power Analysis (CPA). The theoretical weaknesses in algorithms or leaked informations from physical implementation of a cryptosystem are usually used to break the system. This paper describes how power analysis work and we provide an overview of countermeasures against power analysis attacks.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.2
• /
• pp.129-139
• /
• 2006

ARIA is a 128-bit block cipher, which became a Korean Standard in 2004. According to recent research this cipher is attacked by first order DPA attack In this paper, we explain a masking technique that is a countermeasure against first order DPA attack and apply it to the ARIA. And we implemented a masked ARIA for the 8 bit microprocessor based on AVR in software. By using this countermeasure, we verified that it is secure against first order DPA attack.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.6
• /
• pp.1443-1454
• /
• 2016

Balanced encoding method that implement Dual-rail logic style based on hardware technique to software is efficient countermeasure against side-channel analysis without additional memory. Since balanced encoding keep Hamming weight and/or Hamming distance of intermediate values constantly, using this method can be effective as countermeasure against side channel analysis due to elimination of intermediate values having HW and/or HD relating to secret key. However, former studies were presented for Constant XOR operation, which can only be applied to crypto algorithm that can be constructed XOR operation, such as PRINCE. Therefore, our first proposal of new Constant ADD, Shift operations can be applied to various symmetric crypto algorithms based on ARX. Moreover, we did not used look-up table to obtain efficiency in memory usage. Also, we confirmed security of proposed Constant operations with Mutual Information Analysis.

• Journal of the Korean Society of Safety
• /
• v.28 no.5
• /
• pp.61-65
• /
• 2013

Occupational stresses of steel manufacturing workers have been investigated using an organized questionnaire composed of 40 items. Three hypothesizes were developed based on the literature review of related researches. Empirical data surveyed from ones working in steel manufacturing jobs were collected and the in-depth statistical analyses using Statistical Package for the Social Sciences(SPSS) software were performed. These statistical results indicate that the existence of occupational stress may cause to take place industrial accidents. Consequentially, the prevention of occupational stress helps to promote the will to work, following by increasing job satisfaction in working circumstance of steel manufacturing.

• ETRI Journal
• /
• v.37 no.5
• /
• pp.1012-1022
• /
• 2015

Conventional cryptographic algorithms are not sufficient to protect secret keys and data in white-box environments, where an attacker has full visibility and control over an executing software code. For this reason, cryptographic algorithms have been redesigned to be resistant to white-box attacks. The first white-box AES (WB-AES) implementation was thought to provide reliable security in that all brute force attacks are infeasible even in white-box environments; however, this proved not to be the case. In particular, Billet and others presented a cryptanalysis of WB-AES with 230 time complexity, and Michiels and others generalized it for all substitution-linear transformation ciphers. Recently, a collision-based cryptanalysis was also reported. In this paper, we revisit Chow and others's first WB-AES implementation and present a conditional re-encoding method for cryptanalysis protection. The experimental results show that there is approximately a 57% increase in the memory requirement and a 20% increase in execution speed.

• Journal of the Korea Society of Computer and Information
• /
• v.24 no.4
• /
• pp.65-71
• /
• 2019

IAs smart device penetration rate is more than 90%, mobile transaction ratio using smart device is increasing. Smart contracts are used in various areas of real life including smart trading. By applying smart contracts to the platform for smart transactions through block-chain technology, the threat of hacking or forgery can be reduced. However, various threats to devices in smart transactions can pose a threat to the use of block chain Etherium, an important element in privilege and personal information management. Smart contract used in block chain Ethereum includes important information or transaction details of users. Therefore, in case of an attack of privilege elevation, it is very likely to exploit transaction details or forge or tamper with personal information inquiry. In this paper, we propose a detection and countermeasure method for privilege escalation attack, which is especially important for block chain for secure smart transaction using block chain Ethereum. When comparing the results of this study with the results of similar applications and researches, we showed about 12~13% improvement in performance and suggested the future countermeasures through packet analysis.