• Proceedings of the IEEK Conference
• /
• 2004.06b
• /
• pp.521-524
• /
• 2004

For implementation of Cryptographic algorithms, security against implementation attacks such as side-channel attacks as well as the speed and the size of the circuit is important. Power Analysis attacks are powerful techniques of side-channel attacks to exploit secret information of crypto-processors. In this thesis the FPGA implementation of versatile elliptic crypto-processor is described. Explain the analysis of power consumption of ALTERA FPGA(FLEX10KE) that is used in our hand made board. Conclusively this thesis presents clear proof that implementations of Elliptic Curve Crypto-systems are vulnerable to Differential Power Analysis attacks as well as Simple Power Analysis attacks.

• Nuclear Engineering and Technology
• /
• v.51 no.1
• /
• pp.138-145
• /
• 2019

With the application of digital technology to safety-critical infrastructures, cyber-attacks have emerged as one of the new dangerous threats. In safety-critical infrastructures such as a nuclear power plant (NPP), a cyber-attack could have serious consequences by initiating dangerous events or rendering important safety systems unavailable. Since a cyber-attack is conducted intentionally, numerous possible cases should be considered for developing a cyber security system, such as the attack paths, methods, and potential target systems. Therefore, prior to developing a risk-informed cyber security strategy, the importance of cyber-attacks and significant critical digital assets (CDAs) should be analyzed. In this work, an importance analysis method for cyber-attacks on an NPP was proposed using the probabilistic safety assessment (PSA) method. To develop an importance analysis framework for cyber-attacks, possible cyber-attacks were identified with failure modes, and a PSA model for cyber-attacks was developed. For case studies, the quantitative evaluations of cyber-attack scenarios were performed using the proposed method. By using quantitative importance of cyber-attacks and identifying significant CDAs that must be defended against cyber-attacks, it is possible to develop an efficient and reliable defense strategy against cyber-attacks on NPPs.

• ETRI Journal
• /
• v.38 no.2
• /
• pp.387-396
• /
• 2016

This paper introduces a new type of collision attack on first-order masked Advanced Encryption Standards. This attack is a known-plaintext attack, while the existing collision attacks are chosen-plaintext attacks. In addition, our method requires significantly fewer power measurements than any second-order differential power analysis or existing collision attacks.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.1
• /
• pp.39-49
• /
• 2020

In this paper, we show that the Chinese standard block cipher SM4 is vulnerable to the side channel attacks and present a countermeasure to resist them. We firstly validate that the secret key of SM4 can be recovered by differential power analysis(DPA) and correlation power analysis(CPA) attacks. Therefore we analyze the vulnerable element caused by power attack and propose a first order masking-based countermeasure to defeat DPA and CPA attacks. Although the proposed countermeasure unfortunately is still vulnerable to the profiling power attacks such as deep learning-based multi layer perceptron(MLP), it can sufficiently overcome the non-profiling attacks such as DPA and CPA.

• Journal of Digital Contents Society
• /
• v.19 no.3
• /
• pp.579-586
• /
• 2018

Simple Power Analysis(SPA) and Differential Power Analysis(DPA) attacks are Side Channel Attacks(SCA) which were introduced in 1999 by Kocher et al [2]. SPA corresponds to attacks in which an adversary directly recovers key material from the inspection of a single measurement trace (i.e. power consumption or electromagnetic radiation). DPA is a more sophisticated attacks in which the leakage corresponding to different measurement traces (i.e. different plaintexts encrypted under the same key) is combined. Defenses against SPA and DPA are difficult, since they essentially only reduce the signal the adversary is reading, PA and DPA. This paper presents a study on rekeying and sponged-based approach against SCA with current secure schemes. We also propose a fixed ISAP scheme with more secure encryption and authentication based on secure re-keying and sponge functions.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.3
• /
• pp.35-43
• /
• 2003

The randomization of scalar multiplication in ECC is one of the fundamental concepts in defense methods against side-channel attacks. This paper proposes a countermeasure against simple and differential power analysis attacks through randomizing the transformed m-ary method based on a random m-ary receding algorithm. The proposed method requires an additional computational load compared to the standard m-ary method, yet the power consumption is independent of the secret key. Accordingly, since computational tracks using random window width can resist against SPA and DPA, the proposed countermeasure can improve the security for smart cards.

• ETRI Journal
• /
• v.29 no.5
• /
• pp.619-632
• /
• 2007

Side channel attacks are a very serious menace to embedded devices with cryptographic applications. To counteract such attacks many randomization techniques have been proposed. One efficient technique in elliptic curve cryptosystems randomizes addition chains with binary signed digit (BSD) representations of the secret key. However, when such countermeasures have been used alone, most of them have been broken by various simple power analysis attacks. In this paper, we consider combinations which can enhance the security of countermeasures using BSD representations by adding additional countermeasures. First, we propose several ways the improved countermeasures based on BSD representations can be attacked. In an actual statistical power analysis attack, the number of samples plays an important role. Therefore, we estimate the number of samples needed in the proposed attack.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2006.06a
• /
• pp.356-360
• /
• 2006

Recently, many power analysis attacks have been proposed. Since the attacks are powerful, it is very important to implement cryptosystems securely against the attacks. We propose countermeasures against power analysis attacks for elliptic curve cryptosystems based on Koblitz curves (KCs), which are a special class of elliptic curves. That is, we make our countermeasures be secure against SPA, DPA, and new DPA attacks, specially RPA, ZPA, using a random point at each execution of elliptic curve scalar multiplication. And since our countermeasures are designed to use the Frobenius map of KC, those are very fast.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.6
• /
• pp.1127-1136
• /
• 2021

In the field of power analysis attacks, electrical noise and misalignment of the power consumption trace are the major factors that determine the success of the attack. Therefore, several studies have been conducted to overcome this problem, and one of them is a signal processing method based on wavelet transform. Up to now, discrete wavelet transform, which can compress the trace, has been mostly used for power side-channel power analysis because continuous wavelet transform techniques increase data size and analysis time, and there is no efficient scale selection method. In this paper, we propose an efficient scale selection method optimized for power analysis attacks. Furthermore, we show that the analysis performance can be greatly improved when using the proposed method. As a result of the CPA(Correlation Power Analysis) and DDLA(Differential Deep Learning Analysis) experiments, which are non-profiling attacks, we confirmed that the proposed method is effective for noise reduction and trace alignment.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.7 no.5
• /
• pp.1094-1107
• /
• 2013

NTRU cryptosystem has been suggested for protecting wireless body area networks, which is secure in the sense of traditional cryptanalysis. In this paper, we fulfill the first power analysis attack on the ultra-low-power environment of wireless body area networks. Specifically, two practical differential power analyses on NTRU algorithm are proposed, which can attack the existing countermeasures of NTRU. Accordingly, we suggest three countermeasures against our attacks. Meanwhile, practical experiments show that although the attacks in this paper are efficient, our countermeasures can resist them effectively.