Public Key Perturbation of Randomized RSA Implementations

Authors
Berzati, Alexandre [1, 2]
Canovas-Dumas, Cecile [1]
Goubin, Louis [2]
Affiliations
[1] CEA, LETI, MINATEC, 17 Rue Martyrs, F-38054 Grenoble 9, France
[2] Versailles St Quentin En Yvelines Univ, F-78035 Versailles, France
Keywords
RSA; fault attacks; exponent randomization/blinding; public modulus; ELLIPTIC CURVE CRYPTOSYSTEMS; FAULT ATTACKS; EXPONENT;
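DOI
Not available
Chinese Library Classification number
TP3 [Computing technology, computer technology];
Discipline classification code
0812;
Abstract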
Among all countermeasures that have been proposed to thwart side-channel attacks against RSA implementations, the exponent randomization method - also known as exponent blinding - was suggested very early by P. Kocher in 1996 and formalized by J.-S. Coron at CHES 1999. Although it has been used for a long time, some authors pointed out that it does not intrinsically remove all sources of leakage. At CHES 2003, P.-A. Fouque and F. Valette devised the so-called "Doubling Attack", which can recover the blinded secret exponent from an SPA analysis. In this paper, we consider the case of fault injections. Although it was conjectured by A. Berzati et al. at CT-RSA 2009 that exponent randomization avoids fault attacks, we describe here how to recover the RSA private key under a practical fault model. Our attack belongs to the family of public key perturbations and is the first fault attack against RSA implementations with the exponent randomization countermeasure. In practice, for a 1024-bit RSA signature algorithm, the attack succeeds from about 1000 faulty signatures.
Pages: 306 / +
Number of pages: 4