• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.40 no.10
• /
• pp.67-78
• /
• 2003

As optical network technology advances and high bandwidth Internet is demanded for the exponential growth of internet traffic volumes, the Dense-Wavelength Division Multiplexing (DWDM) networks have been widely accepted as a promising approach to the Next Generation Optical Internet (NGOI) backbone networks for nation wide or global coverage. Important issues in the NGOI based on DWDM networks are the Routing and Wavelength Assignment(RWA) problem and survivability. Especially, fault/attack detection, localization and recovery schemes in All Optical Transport Network(AOTN) is one of the most important issues because a short service disruption in DWDM networks carrying extremely high data rates causes loss of vast traffic volumes. In this paper, we suggest a fault/attack management model for NGOI through analyzing fault/attack vulnerability of various optical backbone network devices and propose fault/attack recovery procedure considering Extended-LMP(Link Management Protocol) and RSVP-TE+(Resource Reservation Protocol-Traffic Engineering) as control protocols in IP/GMPLS over DWDM.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.3
• /
• pp.11-25
• /
• 2011

The Miller algorithm is employed in the typical pairing computation such as Weil, Tate and Ate for implementing ID based cryptosystem. By analyzing the Mrabet's attack that is one of fault attacks against the Miller algorithm, this paper presents au efficient fault attack in Affine coordinate system, it is the most basic coordinates for construction of elliptic curve. The proposed attack is the effective model of a count check fault attack, it is verified to work well by practical fault injection experiments and can omit the probabilistic analysis that is required in the previous counter fault model.

• ETRI Journal
• /
• v.33 no.6
• /
• pp.989-992
• /
• 2011

Recently, Page and Vercauteren proposed a fault attack on pairing algorithms and two countermeasures against such an attack. The countermeasure uses either a random scalar or a random point to blind the input points. To defeat the countermeasure using a random point, we utilize the point addition formula on an elliptic curve. As a result, we successfully defeat the countermeasure using a random point.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.5
• /
• pp.965-973
• /
• 2022

As IoT(Internet of Things) devices become common, many algorithms have been developed to protect users' personal information. The laser fault injection attack that threatens those algorithms is a side-channel analysis that intentionally injects a laser beam to the outside of a device to acquire confidential information or abnormal privileges of the system. There are many studies to determine the timing of fault injection to reduce the number of necessary fault injections, but the location to inject faults is only repeatedly searched for the entire area of the device. However, when fault injection is performed in an algorithm-independent area, the attacker cannot obtain the intended faulted statement or attempt to bypass authentication, so finding areas vulnerable to fault injection and performing an attack is an important consideration in achieving a high attack success rate. In this paper, we show that a 100% attack success rate can be achieved by determining the vulnerable areas for fault injection by using electromagnetic and thermal information generated from the device's chip. Based on this, we propose an efficient fault injection attack system.

• Proceedings of the IEEK Conference
• /
• 2003.11c
• /
• pp.101-104
• /
• 2003

As optical network technology advances, the Dense-Wavelength Division Multiplexing(DWDM) networks have been widely accepted as a promising approach to the Next Generation Optical Internet (NGOI) backbone networks. Especially. a fault/attack management scheme in NGOI backbone networks is one of the most important issues because a short service disruption in DWDM networks carrying extremely high data rates causes loss of vast traffic volumes. In this paper, we suggest a fault/attack management model for NGOI backbone networks and propose a fault/attack recovery procedure in IP/GMPLS over DWDM.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.1
• /
• pp.3-10
• /
• 2012

In this paper, we propose a fault injection attack on stream cipher A5/3 used in GSM. The fault assumption of this attack is based on that of fault injection attacks proposed in FDTC'05 and CISC-W'10. This attack is applicable to A5/3 supporting 64/128-bit session key, respectively, and can recover the session key by using a small number of fault injections. These works are the first known key recovery attack results on A5/3.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.2
• /
• pp.33-41
• /
• 2010

Many experimental results shows that RSA-CRT algorithm can be broken by fault analysis attacks. We analyzed the previous fault attacks and their countermeasures on RSA-CRT algorithm and found an weakness of the countermeasure proposed by Abid and Wang. Based on these analyses, we propose a new countermeasure which uses both double exponentiation and fault infective computation method. The proposed method efficiently computes a fault verification information using double exponentiation. And, it is designed to resist simple power analysis attack and (N-1) attack.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.5
• /
• pp.195-200
• /
• 2009

CRT-based RSA algorithm, which was implemented on smartcard, microcontroller and so on, leakages secret primes p and q by fault attacks using laser injection, EM radiation, ion beam injection, voltage glitch injection and so on. Among the many fault injection methods, voltage glitch can be injected to target device without any modification, so more practical. In this paper, we made an experiment on the fault injection attack using abnormal source voltage. As a result, CRT-RSA's secret prime p and q are disclosed by fault attack with voltage glitch injection which was introduced by several previous papers, and also succeed the fault attack with source voltage blocking for proper period.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.5
• /
• pp.1009-1017
• /
• 2012

The fault injection attack has been developed to extract the secret key which is embedded in a crypto module by injecting errors during the encryption process. Especially, an attacker can find master key of AES using injection of just one byte. In this paper, we proposed a countermeasure resistant to the these fault attacks by checking the differences between input and output. Using computer simulation, we also verified that the proposed AES implementation resistant to fault attack shows better fault detection ratio than previous other methods and has small computational overheads.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.4
• /
• pp.585-591
• /
• 2013

Recently, the combined attack which is a combination of side channel analysis and fault attack has been developed to extract the secret key during the cryptographic processes using a security device. Unfortunately, an attacker can find the private key of RSA cryptosystem through one time fault injection and power signal analysis. In this paper, we diagnosed SPA/FA resistant BNP(Boscher, Naciri, and Prouff) exponentiation algorithm as having threats to a similar combined attack. And we proposed a simple countermeasure to resist against this combined attack by randomizing the private key using error infective method.