• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.11 no.8
• /
• pp.3045-3052
• /
• 2010

The international standard signature algorithm DSA has been guaranteed its security based on discrete logarithm problem. Recently, the DSA was known to be vulnerable to some fault analysis attacks in which the secret key stored inside of the device can be extracted by occurring some faults when the device performs signature algorithm. After analyzing an existing fault attack presented by Bao et al., this paper proposed a new fault analysis attack by disturbing the random number. Furthermore, we presented a countermeasure to compute DSA signature that has its immunity in the two types of fault attacks. The security and efficiency of the proposed countermeasure were verified by computer simulations.

• The Transactions of The Korean Institute of Electrical Engineers
• /
• v.65 no.12
• /
• pp.2167-2176
• /
• 2016

In the multi-server environment, remote user authentication has a very critical issue because it provides the authorization that enables users to access their resource or services. For this reason, numerous remote user authentication schemes have been proposed over recent years. Recently, Lin et al. have shown that the weaknesses of Baruah et al.'s three factors user authentication scheme for multi-server environment, and proposed an enhanced biometric-based remote user authentication scheme. They claimed that their scheme has many security features and can resist various well-known attacks; however, we found that Lin et al.'s scheme is still insecure. In this paper, we demonstrate that Lin et al.'s scheme is vulnerable against the outsider attack and user impersonation attack, and propose a new biometric-based scheme for authentication and key agreement that can be used in the multi-server environment. Lastly, we show that the proposed scheme is more secure and can support the security properties.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.19 no.10
• /
• pp.661-667
• /
• 2018

Recently, the smart home market is growing due to the development of wireless communication technology and sensor devices, and various devices are being utilized. Such an IoT environment collects various vast amount of device information for intelligent services, receives services based on user information, controls various devices, and provides communication between different types of devices. However, with this growth, various security threats are occurring in the smart home environment. In fact, Proofpoint and HP warned about the cases of damage in a smart home environment and the severity of security vulnerabilities, and cases of infringement in various environments were announced. Therefore, in this paper, we have studied secure mutual authentication method between smart nodes used in smart home to solve security problems that may occur in smart home environment. In the case of the proposed thesis, security evaluations are performed using random numbers and frequently updated session keys and secret keys for well-known vulnerabilities that can occur in IoT environments and sensor devices such as sniffing, spoofing, device mutual authentication, And safety. In addition, it is confirmed that it is superior in security and key management through comparison with existing smart home security protocol.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.2
• /
• pp.335-344
• /
• 2016

It is known that power analysis is one of the most powerful attack in side channel analysis. Among power analysis single trace attack is widely studied recently since it uses one power consumption trace to recover secret key of public cryptosystem. Recently Sim et al. proposed new exponentiation algorithm for RSA cryptosystem with higher attack complexity to prevent single trace attack. In this paper we analyze the vulnerability of exponentiation algorithm described by Sim et al. Sim et al. applied message blinding and random exponentiation splitting method on $2^t-ary$ for higher attack complexity. However we can reveal private key using information exposed during pre-computation generation. Also we describe modified algorithm that provides higher attack complexity on collision attack. Proposed algorithm minimized the reuse of value that are used during exponentiation to provide security under single collision attack.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.3
• /
• pp.509-517
• /
• 2015

Side Channel Analysis of applying the power-consumption was known as effective method to analyze the key of security device based on chip. The precedential information of power-consumption was measured by the voltage distribution method using by series connection of resistor. This method was dependent on the strength of the voltage. If the voltage cannot be acquired much information which is involved with the key, the information of power-consumption significantly might be influenced by noise. If so, some of the information of power-consumption might be lost and distorted. Then, this loss can reduce the performance of the analysis. For the first time, this paper will be introduced the better way of the improvement with using the method of Current to Voltage Converter with OP-Amp. The suggested method can reduce the effect of the noise which is included in the side channel information. Therefore we can verify the result of our experiments which is provided with the improvement of the performance of side channel analysis.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.5
• /
• pp.827-835
• /
• 2022

In order to use online financial services, user authentication technology is necessary. Password check through keyboard typing is the most common technique. However, since it became known that key stokes on the keyboard can be intercepted easily, many Internet banking services and easy payment services have adopted the virtual keyboard. However, contrary to the expectation that the virtual keyboard will be safe, there is a risk that key strokes on the virtual keyboard can be leaked. In this paper, we analyzed the possibility of password leaking on the virtual keyboard and presented a password leaking method using mouse event hooking and screen capture in PC operating system. In addition, we inspected the possibility of password leak attacks on several famous Korea Internet banking websites and simple payment services, and as a result, we verified that the password input method through the virtual keyboard in the PC operating system is not secure.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.10 no.8
• /
• pp.1428-1434
• /
• 2006

In this paper, we propose the scheme solving privacy infringement in RFID systems with improving the scalability of back-end server. With RFID/USN becoming important subject, many approaches have been proposed and applied. However, limits of RFID, low computation power and storage, make the protection of privacy difficult. The Hash Chain scheme has been known as one guaranteeing forward security, confidentiality and indistinguishability. In spite of that, it is a problem that requires much of computation to identify tags in Back-End server. In this paper, we introduce an efficient key search method, the Hellman Method, to reduce computing complexity in Back-End server. Hellman Method algorism progresses pre-computation and (re)search. In this paper, after applying Hellman Method to Hash chain theory, We compared Preservation and key reference to analyze and apply to parallel With guaranteeing requistes of security for existing privacy protecting Comparing key reference reduced computation time of server to reduce computation complex from O(m) to $O(\frac{m{^2/3}}{w})$ than the existing form.

• Journal of the Institute of Electronics Engineers of Korea SP
• /
• v.47 no.1
• /
• pp.139-149
• /
• 2010

Random scalar countermeasures, which carry out the scalar multiplication by the ephemeral secret key, against the differential power analysis of ECIES and ECDH have been known to be secure against various power analyses. However, if an attacker can find this ephemeral key from the one power signal, these countermeasures can be analyzed. In this paper, we propose a new power attack method which can do this analysis. Proposed attack method can be accomplished while an attacker compares the elliptic curve doubling operations and we use the principle component analysis in order to ease this comparison. When we have actually carried out the proposed power analysis, we can perfectly eliminate the error of existing function for the comparison and find a private key from this elimination of the error.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.2
• /
• pp.243-252
• /
• 2023

As an efficient key recovery attack on SIDH/SIKE was proposed, CSIDH is drawing attention again. CSIDH is an isogeny-based key exchange algorithm that is safe against known attacks to date, and provide efficient NIKE by modernizing CRS scheme. In this paper, we firstly present the optimized implementation of CSIDH-512 on ARM Cortex-M7. We use three-level hybrid Montgomery reduction and present the results of our implementation, limitations, and future research directions. This is a CSIDH implementation in 32-bit embedded devices that has not been previously presented, and it is expected that the results of this paper will be available to implement CSIDH and derived cryptographic algorithms in various embedded environments in the future.

• The KIPS Transactions:PartC
• /
• v.10C no.2
• /
• pp.133-140
• /
• 2003

IKE, which is the standard key management protocol for IPSEC, is said to have several known problems. To resolve the problems of the IKE, two protocol proposals are being discussed in the IETF. the IKE version 2 and Just Fast Keying protocols. They should satisfy several protocol design requirements such as the protocol simplicity, the endurability against DOS attacks, the degree of the PFS, the identity protection, the cryptographic negotiation, and the authentication methods. In this paper, we summarize the characteristics of these two protocols and try to analyze their implications according to the protocol design requirements.