-
公开(公告)号:KR1020150129459A
公开(公告)日:2015-11-20
申请号:KR1020140056453
申请日:2014-05-12
Applicant: 한국전자통신연구원
IPC: G09C1/00
CPC classification number: H04L9/08 , G06F12/1408 , G06F2212/1052 , H04L9/002 , H04L9/0847 , H04L9/085 , H04L2209/24
Abstract: 화이트박스암호화장치가개시된다. 이장치는유무선통신하는제1 및제2 장치에서, 상기제2 장치에포함되고, 룩업테이블집합으로이루어진화이트박스암호테이블을이용하여암/복호화연산을수행하기위해, 적어도하나의룩업테이블이제거된불완전한룩업테이블집합을저장하는비휘발성메모리와, 상기비휘발성메모리로부터입력받은상기불완전한룩업테이블집합과암/복호화연산시에상기제1 장치로부터수신된상기적어도하나의룩업테이블을저장하여, 완전한룩업테이블집합을구성하는휘발성메모리및 상기완전한룩업테이블집합을이용하여상기암/복호화연산을수행하는암/복호화연산부를 포함한다.
Abstract translation: 公开了一种白盒加密装置。 在执行彼此之间的无线和有线通信的第一和第二设备中,包括在用于使用由查找表集合组成的白盒密码表进行加密/解密的第二设备中的根据本发明的设备包括: 存储存储至少一个查找表被去除的不完美查找表集合的非易失性存储器; 当执行加密/解密计算以构建不完美的查找表集合时,存储存储从非易失性存储器输入的不完美查找表集合和从第一设备接收的至少一个查找表的易失性存储器; 以及加密/解密计算单元,其使用完美查找表集进行加密/解密计算。
-
公开(公告)号:KR101408303B1
公开(公告)日:2014-06-18
申请号:KR1020110124762
申请日:2011-11-28
Applicant: 한국전자통신연구원
Abstract: 본 발명은 암호 연산 장치가 암호 연산을 수행하는 과정에서 발생하는 소비 전력, 전자파 등의 누수 정보를 이용하여 암호 연산 장치 내의 비밀 정보를 추출하는 것을 제한하기 위하여 반복되는 부채널 정보 취득을 제한하는 장치 및 그 방법에 관한 것이다. 이러한, 반복되는 부채널 정보 취득을 제한하는 장치는 암호 연산 명령을 전달받을 때마다 일정한 시간 동안 설정 횟수 이상의 암호 연산이 수행되는지 여부를 판단하고, 판단 결과에 따라 암호 연산 명령의 수행 여부를 결정하는 반복 수행 탐지부, 공급되는 전원이 차단되었을 경우, 일정한 시간 동안 반복 수행 탐지부에 임계치 이상의 전압이 유지되도록 제어하는 전압 유지부 및 반복 수행 탐지부의 결정에 따라 암호 연산을 수행하는 암호 연산부를 포함한다.
-
公开(公告)号:KR1020130134850A
公开(公告)日:2013-12-10
申请号:KR1020120058684
申请日:2012-05-31
Applicant: 한국전자통신연구원
IPC: H04L9/38
CPC classification number: G01R13/00 , G01R13/029 , G06F17/00 , H04L9/002
Abstract: According to the present invention, a sub-channel analysis system makes the steps of sub-channel analysis including wave-collecting, preprocessing, and analyzing into processes, forms a profile managing each process with connection of processes to allow a user to easily check a parameter used in each process and wave which is the operating result of each process. Therefore, the user can easily understand all the steps of sub-channel analysis including wave-collecting, preprocessing, and analyzing by referring to the profile. [Reference numerals] (110) Wave-collecting unit;(120) Preprocessing unit;(130) Analysis unit;(140) Profile-forming unit;(AA) Water leak information;(BB) Analysis result
Abstract translation: 根据本发明,子信道分析系统使得包括波收集,预处理和分析处理的子信道分析步骤形成了通过进程连接来管理每个进程的简档,以允许用户容易地检查 每个过程中使用的参数和波,这是每个过程的操作结果。 因此,用户可以通过参考配置文件轻松了解子渠道分析的所有步骤,包括收集波,预处理和分析。 (110)收集单元(120)预处理单元;(130)分析单元;(140)轮廓形成单元;(AA)漏水信息;(BB)分析结果
-
公开(公告)号:KR101869064B1
公开(公告)日:2018-07-19
申请号:KR1020120058684
申请日:2012-05-31
Applicant: 한국전자통신연구원
IPC: H04L9/38
CPC classification number: G01R13/00 , G01R13/029 , G06F17/00 , H04L9/002
Abstract: 본발명에서는부채널분석시스템에서파형수집, 전처리, 분석에이르는부채널분석의각 과정을프로세스로만들고, 각과정을프로세스의연결로관리하는프로파일을구성하여, 각프로세스에서사용되는파라미터와프로세스의동작결과물인각각의파형을쉽게확인할수 있도록함으로써, 프로파일의참조를통해파형수집, 전처리, 분석등의부채널분석의모든과정을쉽게이해할수 있도록한다.
-
公开(公告)号:KR1020140116725A
公开(公告)日:2014-10-06
申请号:KR1020130031652
申请日:2013-03-25
Applicant: 한국전자통신연구원
CPC classification number: H04L9/003 , H04L9/0631 , H04L2209/08 , H04L2209/125
Abstract: The present invention relates to a method and an apparatus to process block encryption. The disclosed method to process block encryption comprises the steps of: generating an OPc divided value, an RAND divided value, and an S divided value by dividing an OPc generated by encrypting an OP via a block algorithm, a random number RAND and a random number S by the preset byte unit; determining a sequence of a process using the RAND divided value and a process using the S divided value and the OPc divided value; sequentially performing a logic operation between the RAND divided value and the OPc divided value, and a logic operation between the S divided value and the OPc divided value in accordance to the determined sequence; sequentially performing block encryption for a value resulted from the logic operation between the RAND divided value and the OPc divided value, and a value resulted from the logic operation between the S divided value and the OPc divided value in accordance to the determined sequence; and eliminating the block encryption result of the value resulted from the logic operation between the S divided value and the OPc divided value, and outputting the block encryption result of the value resulted from the logic operation between the RAND divided value and the OPc divided value. The present invention, performs in multiple times, an exclusive logic operation between the OPc value and the random number RAND and performs the logic operation and the encryption process using the random number RAND, and the logic operation and the encryption process using the random number S in accordance to an arbitrary sequence, thereby increasing the attack complexity to calculate a correlation coefficient at some point of a power consumption waveform when a correlation power analysis is performed effectively defending against a correlation power analysis attack.
Abstract translation: 本发明涉及一种处理块加密的方法和装置。 所公开的处理块加密的方法包括以下步骤:通过将通过块算法加密生成的OPc,随机数RAND和随机数除以产生的OPc,生成OPc划分值,RAND分割值和S分割值 S以预设字节单位; 使用所述RAND分割值确定处理的序列,以及使用所述S分割值和所述OPc分割值的处理; 根据所确定的顺序顺序地执行RAND分割值和OPc分割值之间的逻辑运算以及S分割值与OPc分割值之间的逻辑运算; 根据所确定的顺序对由RAND分割值和OPc分割值之间的逻辑运算产生的值以及由S分割值和OPc分割值之间的逻辑运算产生的值进行顺序执行块加密; 并且消除由S分割值和OPc分割值之间的逻辑运算导致的值的块加密结果,并输出由RAND分割值和OPc分割值之间的逻辑运算产生的值的块加密结果。 本发明多次执行OPc值和随机数RAND之间的异或逻辑运算,并使用随机数RAND执行逻辑运算和加密处理,并使用随机数S的逻辑运算和加密处理 从而提高攻击的复杂度,以便在相对功率分析进行有效防御相关功率分析攻击时计算功耗波形的某一点的相关系数。
-
Patent Agency Ranking
公开(公告)号:KR1020140068445A
公开(公告)日:2014-06-09
申请号:KR1020120135944
申请日:2012-11-28
Applicant: 한국전자통신연구원
Abstract: An apparatus for controlling injection of an error into a controlled device and a method thereof are disclosed. An apparatus for controlling injection of an error according to an embodiment of the present invention includes: an error injecting unit which injects a predetermined error into a controlled device to cause the controlled device to generate error information; a controlled device state sensing unit which senses whether the controlled device is in an inoperable state; and a control unit which extracts secret information of the controlled device using the error information generated by the controlled device, and initializes the controlled device when it is sensed that the controlled device is in an inoperable state. The apparatus additionally includes a communication control unit which provides the control unit with the error information generated by the controlled device and initializes the controlled device using an initialization command received from the control unit. Therefore, a process of repeated error injection and information extraction can be automated to minimize user intervention, thereby improving user convenience.
Abstract translation: 公开了一种用于控制将误差注入受控装置的装置及其方法。 根据本发明的实施例的用于控制错误的注入的装置包括:错误注入单元,其将预定的错误注入到受控设备中,以使受控设备产生错误信息; 受控设备状态感测单元,其感测受控设备是否处于不可操作状态; 以及控制单元,其使用由受控设备生成的错误信息来提取受控设备的秘密信息,并且当感测到受控设备处于不可操作状态时初始化受控设备。 该装置还包括通信控制单元,其向控制单元提供由受控设备生成的错误信息,并使用从控制单元接收的初始化命令来初始化受控设备。 因此,重复错误注入和信息提取的过程可以自动化以最小化用户干预,从而提高用户便利性。
-
公开(公告)号:KR1020120129045A
公开(公告)日:2012-11-28
申请号:KR1020110047064
申请日:2011-05-18
Applicant: 한국전자통신연구원
CPC classification number: G06F21/755
Abstract: PURPOSE: A method for implementing a symmetric key encoding algorithm corresponding to a sub-channel attack is provided to calculate masked S-box by creating and storing an affine map table and a masked inversion table. CONSTITUTION: An affine conversion table is created and stored(S20). A masking inversion table is created and stored(S30). The masked S-box is calculated using the affine conversion table and the masking inversion table(S40). The affine conversion table and the masking inversion table are commonly used at every round. [Reference numerals] (AA) Start; (BB) Finish; (S10) Inversion table is stored; (S20) Affine conversion table is stored; (S30) Masking inversion table is stored; (S40) Masked S-box is calculated using the affine conversion table, the affine conversion table, and the masking inversion table
Abstract translation: 目的:提供一种实现与子信道攻击相对应的对称密钥编码算法的方法,通过创建和存储仿射映射表和掩码反转表来计算被掩蔽的S盒。 构成:创建并存储仿射变换表(S20)。 创建并存储掩蔽反转表(S30)。 使用仿射变换表和掩蔽反演表计算掩蔽的S-box(S40)。 通常在每一轮使用仿射变换表和掩蔽反演表。 (附图标记)(AA)开始; (BB)完成; (S10)存储反转表; (S20)存储仿射转换表; (S30)存储掩码反转表; (S40)使用仿射变换表,仿射变换表和掩蔽反转表来计算被掩蔽的S盒
-
公开(公告)号:KR1020110071931A
公开(公告)日:2011-06-29
申请号:KR1020090128654
申请日:2009-12-22
Applicant: 한국전자통신연구원
IPC: H04L9/38
Abstract: PURPOSE: A waveform information file generation method for a subchannel analysis system is provided to improve analysis speed according to the reduction of data quantity, by collecting many waveform files. CONSTITUTION: A waveform information file comprises a header field(100), a data field(200) and an additional information field(300). The header field comprises information for managing waveform data to be transmitted. The header field includes a data type(110), project information(120), a sampling frequency(130), waveform number, waveform length(150), voltage offset(160) and voltage gain(170). 32 bit integer type data can be recorded in the sampling frequency, the waveform number and waveform length domain. 32 bit floating point data can be recorded in the voltage offset and the voltage gain domain. The waveform data to be transmitted can be recorded in the data field. The additional information field records information for signal processing added to the waveform data to be transmitted.
Abstract translation: 目的:提供一种用于子通道分析系统的波形信息文件生成方法,通过收集许多波形文件,根据数据量的减少来提高分析速度。 构成:波形信息文件包括头字段(100),数据字段(200)和附加信息字段(300)。 报头字段包括用于管理要发送的波形数据的信息。 标题字段包括数据类型(110),项目信息(120),采样频率(130),波形号,波形长度(150),电压偏移(160)和电压增益(170)。 32位整数型数据可以记录在采样频率,波形数和波形长度域中。 32位浮点数据可以记录在电压偏移和电压增益域中。 要发送的波形数据可以记录在数据字段中。 附加信息字段记录添加到要发送的波形数据中的信号处理信息。
-
公开(公告)号:KR100932905B1
公开(公告)日:2009-12-21
申请号:KR1020070106214
申请日:2007-10-22
Applicant: 한국전자통신연구원
Abstract: Sensing data relay apparatus and method, sensing data management apparatus and method, a sensor network system thereof are provided to prevent data loss and transmission delay by stably transmitting data in a state that security information and close nodes are not established. A pre-authentication data delay unit(211) relays first sensing data received from a mobile sensor node(200) to a base node(220) at minimum transmission rate, and a security information receiving unit(212) receives and stores not only share encryption key about the mobile sensor node but also re-setup data transmission rate from the base node. An authentication unit(213) authenticates second sensing data received from the mobile sensor node with the share encryption key, and a post-authentication data relay unit(214) relays the authenticated second sensing data to the base node at the re-setup data transmission rate.
Abstract translation: 提供感测数据中继设备和方法,感测数据管理设备和方法及其传感器网络系统,以通过在安全信息和关闭节点未建立的状态下稳定地传输数据来防止数据丢失和传输延迟。 预认证数据延迟单元(211)以最小传输速率将从移动传感器节点(200)接收的第一感测数据中继到基节点(220),并且安全信息接收单元(212)不仅接收并存储 加密密钥关于移动传感器节点,而且还从基节点重新建立数据传输速率。 认证单元(213)使用共享加密密钥认证从移动传感器节点接收到的第二感测数据,并且认证后数据中继单元(214)在重新建立数据传输时将认证的第二感测数据中继到基节点 率。
-
公开(公告)号:KR1020090059222A
公开(公告)日:2009-06-11
申请号:KR1020070125956
申请日:2007-12-06
Applicant: 한국전자통신연구원
Abstract: A method and a system for detecting bogus sensor nodes in a wireless sensor network are provided to judge whether or not data is forged in a wireless relay interval by directly checking the forged data without sensor nodes that relay data. A first sensor node(110) transmits first data to a wireless relay section(120), and receives second data corresponding to the first data from a second sensor node. The first sensor node judges whether or not the first data are forged in the wireless relay section based on the comparison of the received second data with the first dat. The second sensor node receives the first data from the sensor nodes adjacent sensor node, and generates the second data by processing the received first data.
Abstract translation: 提供了一种用于检测无线传感器网络中的假传感器节点的方法和系统,用于通过直接检查伪造的数据来判断在无线中继间隔中是否伪造数据,而无需传送数据的传感器节点。 第一传感器节点(110)将第一数据发送到无线中继部分(120),并且从第二传感器节点接收对应于第一数据的第二数据。 第一传感器节点基于接收到的第二数据与第一数据的比较来判断第一数据是否在无线中继部分中伪造。 第二传感器节点从相邻传感器节点的传感器节点接收第一数据,并且通过处理所接收的第一数据来生成第二数据。
-
-
-
-
-
-
-
-
-
Search Results
54
records
(took 0.024 seconds)
