2011 | OriginalPaper | Buchkapitel
Fault Attacks on the Montgomery Powering Ladder
verfasst von : Jörn-Marc Schmidt, Marcel Medwed
Erschienen in: Information Security and Cryptology - ICISC 2010
Verlag: Springer Berlin Heidelberg
Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.
Wählen Sie Textabschnitte aus um mit Künstlicher Intelligenz passenden Patente zu finden. powered by
Markieren Sie Textabschnitte, um KI-gestützt weitere passende Inhalte zu finden. powered by
Security-aware embedded devices which are likely to operate in hostile environments need protection against physical attacks. For the RSA public-key algorithm, protected versions of the Montgomery powering ladder have gained popularity as countermeasures for such attacks.
In this paper, we present a general fault attack against RSA implementations which use the Montgomery powering ladder. In a first step, we discuss under which realistic fault assumptions our observation can be used to attack basic implementations. In a second step, we extend our attack to a scenario, where the message is blinded at the beginning of the exponentiation algorithm. To the best of our knowledge this is the first fault attack on a blinded Montgomery powering ladder.