Abstract: Provided is a module and method for transmitting information using a wireless hidden signal, which is capable of transmitting important information data requiring extreme security using a wireless hidden signal, and allowing the important information to be detected and distinguished by only promised transmitting/receiving parties so that the possibility of the wireless hidden signal being discovered can be minimized and security can be enhanced. The module for transferring information using a wireless hidden signal includes: a hidden formatting unit configured to generate a transmission data frame structure based on data that needs to be wirelessly transmitted; a hidden encoding unit configured to encode the generated transmission data frame structure to generate and output a hidden encoded bit stream; and a hidden modulation unit configured to convert the output hidden encoded bit stream into a wireless signal in a wireless transmission format.

Abstract: Disclosed herein is a method for detecting a covert channel in wireless communication. The method includes setting a wireless communication specification, detecting a covert timing channel, and detecting a covert storage channel.

Abstract: Disclosed herein are a hardware security module, a device having the hardware security module, and a method for operating the device. The method for verifying integrity of executable code in a device includes dividing, by a Micro-Control Unit (MCU), executable code into multiple blocks, generating, by the MCU, hash values corresponding to the blocks resulting from the division, storing, by a Hardware Security Module (HSM), the generated hash values, calculating, by the MCU, at least one hash value, among hash values of the multiple blocks when the executable code boots, and comparing, by the HSM, the calculated hash value with a hash value corresponding to the calculated hash value, among the hash values stored in the HSM.

Abstract: Disclosed herein are an apparatus and method for authenticating an IoT device. The method, performed by the IoT device authentication apparatus, includes transmitting, by the IoT device authentication apparatus, a random number to the IoT device and encrypting, by the IoT device authentication apparatus, the random number using a previously registered first white-box cryptography value through a white-box cryptography method; generating, by the IoT device, a first device response value from a previously registered first device challenge value using a Physical Unclonable Function (PUF) and encrypting, by the IoT device, the random number, received from the IoT device authentication apparatus, using the first device response value; and performing, by the IoT device authentication apparatus, authentication of the IoT device by checking whether the random number encrypted using the white-box cryptography method matches the random number encrypted using the PUF, which is received from the IoT device.

Abstract: Disclosed herein are an apparatus and method for device authentication. The method for device authentication based on a certificate using a PUF, performed by an apparatus for device authentication based on a certificate using a PUF, includes acquiring previously stored first Challenge-Response-Pair (CRP) information corresponding to identification information received from a device that requests authentication and generating a certificate including a public key generated using the first CRP information; transmitting a message in which the certificate encrypted using the first response value of the first CRP information as a server secret key and the first challenge value of the first CRP information are included to the device; and authenticating the device by verifying an encrypted signature message received from the device through a secure channel.

Abstract: Disclosed is a method of generating secret information on the basis of a ring oscillator. According to an embodiment of the present disclosure, there is provided an apparatus for generating secret information on the basis of a ring oscillator, the apparatus including: multiple PUF information generation units each including at least one ring oscillator cell and generating physically unclonable function (PUF) information generated by the at least one ring oscillator cell; a phase checking unit cross-checking phases for the multiple pieces of the PUF information that are output from the multiple PUF information generation units, respectively; and a secret key generation unit outputting secret key information based on a result of comparing the multiple phases received from the phase checking unit.

Abstract: Disclosed herein are a white-box encryption method for preventing a fault injection attack and an apparatus for the same. The white-box encryption method is configured to acquire a first intermediate value by inputting plaintext to a first part, among all of rounds of a white-box-based encryption algorithm, before table redundancy operations are performed, to input the first intermediate value to a second part for performing the table redundancy operations through at least two lookup tables to which different encodings based on a secret key are applied, among all of the rounds, to acquire a second intermediate value by inputting the output values of the at least two lookup tables to at least one XOR lookup table, and to output ciphertext for the plaintext based on a third part for decoding the second intermediate value.

Abstract: Disclosed herein are a hardware security module, a device having the hardware security module, and a method for operating the device. The method for verifying integrity of executable code in a device includes dividing, by a Micro-Control Unit (MCU), executable code into multiple blocks, generating, by the MCU, hash values corresponding to the blocks resulting from the division, storing, by a Hardware Security Module (HSM), the generated hash values, calculating, by the MCU, at least one hash value, among hash values of the multiple blocks when the executable code boots, and comparing, by the HSM, the calculated hash value with a hash value corresponding to the calculated hash value, among the hash values stored in the HSM.

Abstract: Disclosed herein are an apparatus and method for authenticating an IoT device. The method, performed by the IoT device authentication apparatus, includes transmitting, by the IoT device authentication apparatus, a random number to the IoT device and encrypting, by the IoT device authentication apparatus, the random number using a previously registered first white-box cryptography value through a white-box cryptography method; generating, by the IoT device, a first device response value from a previously registered first device challenge value using a Physical Unclonable Function (PUF) and encrypting, by the IoT device, the random number, received from the IoT device authentication apparatus, using the first device response value; and performing, by the IoT device authentication apparatus, authentication of the IoT device by checking whether the random number encrypted using the white-box cryptography method matches the random number encrypted using the PUF, which is received from the IoT device.

Abstract: Disclosed herein is a method of operating an authentication server based on a Physical Unclonable Function (PUF), which includes transmitting a Challenge-Response Pair (CRP) update request message to a user device when a CRP update event occurs, receiving a CRP update response message from the user device in response to the CRP update request message, generating a secret key corresponding to the CRP update request message, decrypting the CRP update response message with the secret key, and updating a CRP corresponding to the secret key in a database using the decrypted CRP update response message.

Abstract: A secret information generation apparatus and a method for operating the secret information generation apparatus. The secret information generation apparatus includes a resistor-capacitor circuit, and a microcontroller unit including a first pin connected to an input terminal of the resistor-capacitor circuit and a second pin connected to an output terminal of the resistor-capacitor circuit, wherein the microcontroller unit is configured to transmit a digital value corresponding to a challenge to the resistor-capacitor circuit through the first pin, receive an output value of the resistor-capacitor circuit corresponding to the digital value through the second pin, convert the received value into a digital value using an analog-to-digital converter, extract one or more valid bits from the converted digital value, and then generate a response.

Abstract: Disclosed herein are an apparatus and method for generating secret information. The apparatus includes a data communication unit for receiving a request to output a content value and outputting the content value; and a microcontroller unit for generating a Physically Unclonable Function (PUF) response based on the content value, calculating the characteristic value of the PUF response, and generating secret information using the PUF response, the error of which is corrected using the characteristic value.

Abstract: Disclosed is a method of generating secret information on the basis of a ring oscillator. According to an embodiment of the present disclosure, there is provided an apparatus for generating secret information on the basis of a ring oscillator, the apparatus including: multiple PUF information generation units each including at least one ring oscillator cell and generating physically unclonable function (PUF) information generated by the at least one ring oscillator cell; a phase checking unit cross-checking phases for the multiple pieces of the PUF information that are output from the multiple PUF information generation units, respectively; and a secret key generation unit outputting secret key information based on a result of comparing the multiple phases received from the phase checking unit.

Abstract: Provided are an operation method and a secure terminal for performing the method. The operation method may include receiving, from a user terminal, a plain text on which an external encoding operation is to be performed, performing the external encoding operation on the plain text, and transmitting the external encoding operated plain text to the user terminal, and the operation method may include receiving, from a user terminal, a cryptogram in which a white-box cryptography operation is performed on an external encoding operated plain text; performing an external decoding operation on the cryptogram; and transmitting the external decoding operated cryptogram to the user terminal.

Abstract: A white box encryption device is provided. The device included in a second device among a first device and the second device performing wired or wireless communication, and performing an encryption/decryption operation using a white box encryption table consisting of a look-up table set, includes, a non-volatile memory configured to store an incomplete look-up table set in which at least one look-up table or a portion of entire look-up table is removed, a volatile memory configured to store the incomplete look-up table set received from the non-volatile memory and the at least one look-up table received from the first device at a time of the encryption/decryption operation, and construct a complete look-up table set, and an encryption/decryption operation unit configured to perform the encryption/decryption operation using the complete look-up table set.

Abstract: An electric vehicle and a device and method for charging the electric vehicle are disclosed. The device for charging an electric vehicle includes a charger cable communication unit, a charger security unit, and a control unit. The charger cable communication unit receives encrypted electric vehicle charging information from an electric vehicle. The charger security unit decrypts the encrypted electric vehicle charging information. The control unit determines whether the decrypted electric vehicle charging information is identical with charger charging information. The charger security unit encrypts the charger charging information if the control unit of the device for charging an electric vehicle determines that the decrypted electric vehicle charging information is not identical with the charger charging information. The charger cable communication unit sends the encrypted charger charging information to the electric vehicle.

Abstract: A Radio Frequency Identification (RFID) tag and an interrogator that support a normal mode and a secure mode, and operating methods thereof are provided. The RFID tag may notify the interrogator of whether a current operating mode of the RFID tag is the normal mode or the secure mode, may perform different inventory processes based on the current operating mode, and may perform an authentication of the interrogator. Here, the RFID tag and the interrogator may also perform a mutual authentication.

Abstract: A masking addition operation apparatus for prevention of a side channel attack, includes a random value generation unit generating a first random value for a first input, second random value for a second input, and a summation random value. The masking addition operation apparatus includes an operation part performing an operation on the first and second random values, a previous carry input, and first and second masked random values generated based on the first and second random values. The masking addition operation apparatus includes a carry generator generating a carry input using a result of the operation part; and a summation bit generator generating a summation bit using the summation random value, the first and second random values, the previous carry input and the first and second masked random values.

Abstract: An apparatus for processing an F-function in a SEED encryption system includes: an arithmetic operation masking conversion unit for converting a logical operation mask value obtained by performing a logical operation of a SEED F-function input value and a random mask value into an arithmetic operation mask value; and a masking G-function unit for taking the arithmetic operation mask value from the arithmetic operation masking conversion unit as an input and producing an arithmetic operation output.

Abstract: Disclosed are a radio frequency identification (RFID) security apparatus and a method thereof. According to the RFID security method, a secure tag reader performs determining an AES key using security information received from a secure tag and generating an output key using the determined AES key, decrypting AES data received from the secure tag using the output key, and encrypting data to be transmitted to the secure tag using the output key and transmitting the data, and a secure tag performs generating an output key using an AES key and security information, and transmitting the security information to a secure tag reader, encrypting data to be transmitted to the secure tag reader using the output key, and transmitting the encrypted data to the secure tag reader, and decrypting data received from the secure tag reader using the output key.