Abstract:
본 발명은 암호 연산 장치가 암호 연산을 수행하는 과정에서 발생하는 소비 전력, 전자파 등의 누수 정보를 이용하여 암호 연산 장치 내의 비밀 정보를 추출하는 것을 제한하기 위하여 반복되는 부채널 정보 취득을 제한하는 장치 및 그 방법에 관한 것이다. 이러한, 반복되는 부채널 정보 취득을 제한하는 장치는 암호 연산 명령을 전달받을 때마다 일정한 시간 동안 설정 횟수 이상의 암호 연산이 수행되는지 여부를 판단하고, 판단 결과에 따라 암호 연산 명령의 수행 여부를 결정하는 반복 수행 탐지부, 공급되는 전원이 차단되었을 경우, 일정한 시간 동안 반복 수행 탐지부에 임계치 이상의 전압이 유지되도록 제어하는 전압 유지부 및 반복 수행 탐지부의 결정에 따라 암호 연산을 수행하는 암호 연산부를 포함한다.
Abstract:
According to the present invention, a sub-channel analysis system makes the steps of sub-channel analysis including wave-collecting, preprocessing, and analyzing into processes, forms a profile managing each process with connection of processes to allow a user to easily check a parameter used in each process and wave which is the operating result of each process. Therefore, the user can easily understand all the steps of sub-channel analysis including wave-collecting, preprocessing, and analyzing by referring to the profile. [Reference numerals] (110) Wave-collecting unit;(120) Preprocessing unit;(130) Analysis unit;(140) Profile-forming unit;(AA) Water leak information;(BB) Analysis result
Abstract:
The present invention relates to a method and an apparatus to process block encryption. The disclosed method to process block encryption comprises the steps of: generating an OPc divided value, an RAND divided value, and an S divided value by dividing an OPc generated by encrypting an OP via a block algorithm, a random number RAND and a random number S by the preset byte unit; determining a sequence of a process using the RAND divided value and a process using the S divided value and the OPc divided value; sequentially performing a logic operation between the RAND divided value and the OPc divided value, and a logic operation between the S divided value and the OPc divided value in accordance to the determined sequence; sequentially performing block encryption for a value resulted from the logic operation between the RAND divided value and the OPc divided value, and a value resulted from the logic operation between the S divided value and the OPc divided value in accordance to the determined sequence; and eliminating the block encryption result of the value resulted from the logic operation between the S divided value and the OPc divided value, and outputting the block encryption result of the value resulted from the logic operation between the RAND divided value and the OPc divided value. The present invention, performs in multiple times, an exclusive logic operation between the OPc value and the random number RAND and performs the logic operation and the encryption process using the random number RAND, and the logic operation and the encryption process using the random number S in accordance to an arbitrary sequence, thereby increasing the attack complexity to calculate a correlation coefficient at some point of a power consumption waveform when a correlation power analysis is performed effectively defending against a correlation power analysis attack.
Abstract:
An apparatus for controlling injection of an error into a controlled device and a method thereof are disclosed. An apparatus for controlling injection of an error according to an embodiment of the present invention includes: an error injecting unit which injects a predetermined error into a controlled device to cause the controlled device to generate error information; a controlled device state sensing unit which senses whether the controlled device is in an inoperable state; and a control unit which extracts secret information of the controlled device using the error information generated by the controlled device, and initializes the controlled device when it is sensed that the controlled device is in an inoperable state. The apparatus additionally includes a communication control unit which provides the control unit with the error information generated by the controlled device and initializes the controlled device using an initialization command received from the control unit. Therefore, a process of repeated error injection and information extraction can be automated to minimize user intervention, thereby improving user convenience.
Abstract:
PURPOSE: A method for implementing a symmetric key encoding algorithm corresponding to a sub-channel attack is provided to calculate masked S-box by creating and storing an affine map table and a masked inversion table. CONSTITUTION: An affine conversion table is created and stored(S20). A masking inversion table is created and stored(S30). The masked S-box is calculated using the affine conversion table and the masking inversion table(S40). The affine conversion table and the masking inversion table are commonly used at every round. [Reference numerals] (AA) Start; (BB) Finish; (S10) Inversion table is stored; (S20) Affine conversion table is stored; (S30) Masking inversion table is stored; (S40) Masked S-box is calculated using the affine conversion table, the affine conversion table, and the masking inversion table
Abstract:
PURPOSE: A waveform information file generation method for a subchannel analysis system is provided to improve analysis speed according to the reduction of data quantity, by collecting many waveform files. CONSTITUTION: A waveform information file comprises a header field(100), a data field(200) and an additional information field(300). The header field comprises information for managing waveform data to be transmitted. The header field includes a data type(110), project information(120), a sampling frequency(130), waveform number, waveform length(150), voltage offset(160) and voltage gain(170). 32 bit integer type data can be recorded in the sampling frequency, the waveform number and waveform length domain. 32 bit floating point data can be recorded in the voltage offset and the voltage gain domain. The waveform data to be transmitted can be recorded in the data field. The additional information field records information for signal processing added to the waveform data to be transmitted.
Abstract:
Sensing data relay apparatus and method, sensing data management apparatus and method, a sensor network system thereof are provided to prevent data loss and transmission delay by stably transmitting data in a state that security information and close nodes are not established. A pre-authentication data delay unit(211) relays first sensing data received from a mobile sensor node(200) to a base node(220) at minimum transmission rate, and a security information receiving unit(212) receives and stores not only share encryption key about the mobile sensor node but also re-setup data transmission rate from the base node. An authentication unit(213) authenticates second sensing data received from the mobile sensor node with the share encryption key, and a post-authentication data relay unit(214) relays the authenticated second sensing data to the base node at the re-setup data transmission rate.
Abstract:
A method and a system for detecting bogus sensor nodes in a wireless sensor network are provided to judge whether or not data is forged in a wireless relay interval by directly checking the forged data without sensor nodes that relay data. A first sensor node(110) transmits first data to a wireless relay section(120), and receives second data corresponding to the first data from a second sensor node. The first sensor node judges whether or not the first data are forged in the wireless relay section based on the comparison of the received second data with the first dat. The second sensor node receives the first data from the sensor nodes adjacent sensor node, and generates the second data by processing the received first data.