Introduction of Side Channel Analysis /e-Banking authentication technologies in Korea

2017-06-09

▣ Title : Introduction of Side Channel

Analysis / e-Banking

authentication technologies in Korea

Speaker

: Prof.

Dong-Guk Han (Kookmin U.) / Dr. Shim Hee-won

(Financial Security Agency)

Date

& Time : Friday, October 18 (1:30

~ 3:00pm)

Place

: LG Research Building, Room #101

Host

: Prof. Pil Joong Lee (Tel. 2232) 

▣ Abstract :

Introduction of Side Channel Analysis

 

In

cryptography, a side channel attack is any attack based on information gained

from the physical implementation of a cryptosystem, rather than brute force or

theoretical weaknesses in the algorithms (compare cryptanalysis). For example,

timing information, power consumption, electromagnetic leaks or even sound can

provide an extra source of information which can be exploited to break the

system. Some side-channel attacks require technical knowledge of the internal

operation of the system on which the cryptography is implemented, although

others such as differential power analysis are effective as black-box attacks.

Many powerful side channel attacks are based on statistical methods pioneered

by Paul Kocher. A power analysis attack can provide even more detailed

information by observing the power consumption of a hardware device such as CPU

or cryptographic circuit. These attacks are roughly categorized into simple

power analysis (SPA) and differential power analysis (DPA). Today, I will

introduce SPA and DPA on AES and its countermeasures.

 

e-Banking authentication technologies in

Korea

 

In

recent years we have witnessed the increase of online-banking abuses. Since

e-banking is used widely, malicious and criminal users have become more

interested in it. Consequently, more sophisticated attacks on online-banking

have come up. Most recent trends go towards complex phishing, pharmingor memory hacking. Attacker exploit on one hand psychological and sociological

properties of users and on the other hand technical flaws and weaknesses. As

online transactions require new authentication methods, banks are trying to

introduce new approaches

 

in

order to prevent attacks being successful and to increase security. So, this

presentation introduces recent authentication technologies to ensure the

security for e-banking.

 

목록