You Sung Kang

A Security Framework for a Drone Delivery Service

Delivery drones are unmanned aerial vehicles (UAV) utilized to transport packages, food, medicine, or other goods. With high demand for a prompt and efficient delivery, a drone delivery system can be an effective solution for timely deliveries and especially for emergency management. However, current delivery drone systems lack crucial security functions. Drones may have to operate in unsupervised hostile areas, and therefore be vulnerable to physical capture in addition to conventional cyber attacks. A captured drone can be analyzed by a white-box attack model in which the attacker has full control over the execution environment of cryptographic modules in static and dynamic methods including all side-channel information. In this paper, we propose and evaluate a security framework which utilizes white-box cryptography in order to protect critical data and cryptographic keys in delivery drones from white-box attacks. The experimental results show that the proposed framework is cost effective in terms of resource usage and thus is suitable even for resource-limited UAV.

A new fault cryptanalysis on montgomery ladder exponentiation algorithm

The Montgomery ladder exponentiation algorithm is recognized as a very efficient countermeasure against Simple Power Analysis and C Safe-Error Attacks on RSA or elliptic curve cryptosystem. In this paper, we demonstrate the vulnerability of the Montgomery ladder algorithm to fault analysis attack when an error is injected during its operation in an embedded cryptographic chip. After injecting an error, we measure the power traced and compare it with an original correct trace. As a result, we can derive the secret key of the public-key cryptosystems such as RSA by computing the correlation coefficients of two power traces for correct and faulty cryptographic operations with same input.

Security Analysis on RFID Mutual Authentication Protocol

Radio frequency identification RFID has received much attention both in industry and academia in recent years. To this extent, the international standards group, ISO/IEC JTC 1/SC 31, is in the midst of standardization activity to define the security extension to the EPCglobal Generation 2 Gen2 ultra high frequency UHF air interface protocols for secure RFID communications. In this paper, we investigate a vulnerability of an RFID mutual authentication protocol that was highlighted in a recent letteri¾?[5]. Our analysis presents that the attack on the mutual authentication protocol is just a relay operation between a legitimate reader and a legitimate tag. We also propose the threshold values of data rate between a reader and a tag based on link timing parameters of passive UHF RFID systems.

Efficient key detection method in the correlation electromagnetic analysis using peak selection algorithm

A side channel analysis is a very efficient attack against small devices such as smart cards and wireless sensor nodes. In this paper, we propose an efficient key detection method using a peak selection algorithm in order to find the advanced encryption standard secret key from electromagnetic signals. The proposed method is applied to a correlation electromagnetic analysis (CEMA) attack against a wireless sensor node. Our approach results in increase in the correlation coefficient in comparison with the general CEMA. The experimental results show that the proposed method can efficiently and reliably uncover the entire 128-bit key with a small number of traces, whereas some extant methods can reveal only partial subkeys by using a large number of traces in the same conditions.