Skip to main content
Fachgebiete
Automobil + Motoren Bauwesen + Immobilien Business IT + Informatik Elektrotechnik + Elektronik Energie + Nachhaltigkeit Finance + Banking Management + Führung Marketing + Vertrieb Maschinenbau + Werkstoffe Versicherung + Risiko
DE
EN
Bücher
Zeitschriften
Themenseiten
Organisationspsychologie Projektmanagement Marketing Smart Manufacturing
Weitere Formate
Podcasts Webinare Technik Webinare Wirtschaft Kongresse Veranstaltungskalender Awards
Jetzt Einzelzugang starten
Zugang für Unternehmen
Referenzkunden
SLX-Digitalkonferenz: Zukunftswerkstatt 2024

Mehr Umsatz mit Top-Kontakten

Am 7. Mai erfahren Sie, wie Vertriebsteams Leadgenerierung, Leadnurturing und Leadstrategien effizient steuern können.
Erweiterte Suche
Anmelden
nach oben
Journal of Cryptographic Engineering
Erschienen in: Journal of Cryptographic Engineering 1/2013

01.04.2013 | CHES 2012

Attacking RSA–CRT signatures with faults on montgomery multiplication

verfasst von: Pierre-Alain Fouque, Nicolas Guillermin, Delphine Leresteux, Mehdi Tibouchi, Jean-Christophe Zapalowicz

Erschienen in: Journal of Cryptographic Engineering | Ausgabe 1/2013

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config
loading …

Abstract

In this paper, we present several efficient fault attacks against implementations of RSA–CRT signatures that use modular exponentiation algorithms based on Montgomery multiplication. They apply to any padding function, including randomized paddings, and as such are the first fault attacks effective against RSA–PSS. The new attacks are based on the assumption that a small register can be forced to either zero, or a constant value, or a value with zero high-order bits. We show that these models are quite realistic, as such faults can be achieved against many proposed hardware designs for RSA signatures.
Vorheriger Artikel Unified and optimized linear collision attacks and their application in a non-profiled setting: extended version

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

  • über 102.000 Bücher
  • über 537 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Maschinenbau + Werkstoffe
  • Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 390 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Maschinenbau + Werkstoffe




 

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 340 Zeitschriften

aus folgenden Fachgebieten:

  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Versicherung + Risiko




Jetzt Wissensvorsprung sichern!

Jetzt informieren
Fußnoten
1
Meaning that all the PEs are the same.
 
Literatur
1.
Aciiçmez, O., Schindler, W., Koç, Ç.K.: Improving Brumley and Boneh timing attack on unprotected SSL implementations, pp. 139–146. In ACM Conference on Computer and Communications, Security (2005)
2.
Aumüller, C., Bier, P., Fischer, W., Hofreiter, P., Seifert, J.-P.: Fault attacks on RSA with CRT: concrete results and practical countermeasures. In CHES, pp. 260–275 (2002)
3.
Bellare, M., Rogaway, P.: PSS: provably secure encoding method for digital signatures. Submission to IEEE P1363 (1998)
4.
Bellare, M., Rogaway, P.: Probabilistic signature scheme. Patent, 2001. US 6266771
5.
Blömer, J., Otto, M., Seifert, J.-P.: A new CRT-RSA algorithm secure against Bellcore attacks, pp. 311–320. In: ACM Conference on Computer and Communications, Security (2003)
6.
Boneh, D., DeMillo, R.A., Lipton, R.J.: On the importance of checking cryptographic protocols for faults. In EUROCRYPT, pp. 37–51 (1997)
7.
Boneh, D., DeMillo, R.A., Lipton, R.J.: On the importance of eliminating errors in cryptographic computations. J. Cryptol. 14(2), 101–119 (2001)MathSciNetMATHCrossRef
8.
Brier, E., Naccache, D., Nguyen, P.Q., Tibouchi, M.: Modulus fault attacks against RSA-CRT signatures. In: CHES, pp. 192–206 (2011)
9.
Brumley, D., Boneh, D.: Remote timing attacks are practical. Comput. Netw. 48(5), 701–716 (2005)CrossRef
10.
Chen, Y., Nguyen, P.Q.: Faster algorithms for approximate common divisors. In: EUROCRYPT, pp. 502–519 (2012)
11.
Chow, G.C.T., Eguro, K., Luk, W., Leong, P.: A Karatsuba-based Montgomery multiplier. In: FPL’10, pp. 434–437 (2010)
12.
Ciet, M., Joye, M.: Practical fault countermeasures for Chinese remaindering based cryptosystems. In: Breveglieri, L., Koren, I. (eds.) FDTC, pp. 124–131 (2005)
13.
14.
Coron, J.-S., Giraud, C., Morin, N., Piret, G., Vigilant, D.: Fault attacks and countermeasures on Vigilant’s RSA-CRT algorithm. In FDTC, pp. 89–96 (2010)
15.
Coron, J.-S., Joux, A., Kizhvatov, I., Naccache, D., Paillier, P.: Fault attacks on RSA signatures with partially unknown messages. In: CHES, pp. 444–456 (2009)
16.
Coron, J.-S., Mandal, A.: PSS is secure against random fault attacks. In: ASIACRYPT, pp. 653–666 (2009)
17.
Coron, J.-S., Naccache, D., Tibouchi, M.: Fault attacks against EMV signatures. In: CT-RSA, pp. 208–220 (2010)
18.
Fouque, P.-A., Guillermin, N., Leresteux, D., Tibouchi, M., Zapalowicz, J.-C.: Attacking rsa-crt signatures with faults on montgomery multiplication. In CHES, pp. 447–462 (2012)
19.
Garner, H.L.: The residue number system. In: IRE-AIEE-ACM ’59 (Western), pp. 146–153. ACM (1959)
20.
Giraud, C.: An RSA implementation resistant to fault attacks and to simple power analysis. IEEE Trans. Comput. 55(9), 1116–1120 (2006)CrossRef
21.
Howgrave-Graham, N.: Approximate integer common divisors. In: CaLC, pp. 51–66 (2001)
22.
Huang, M., Gaj, K., Kwon, S., El-Ghazawi, T.A.: An optimized hardware architecture for the Montgomery multiplication algorithm. In: Public Key Cryptography, pp. 214–228 (2008)
23.
24.
Koç, Ç.K., Acar, T.: Analyzing and comparing Montgomery multiplication algorithms. IEEE Micro 16(3), 26–33 (1996)CrossRef
25.
McIvor, C., McLoone, M., McCanny, J.: Modified Montgomery modular multiplication and RSA exponentiation techniques. IEE Proc. Comput. Digital Tech. 151(6), 402–408 (2004)CrossRef
26.
Mentens, N., Sakiyama, K., Preneel, B., Verbauwhede, I.: Efficient pipelining for modular multiplication architectures in prime fields. In: Proceedings of the 17th ACM Great Lakes symposium on VLSI, GLSVLSI ’07, pp. 534–539, New York, NY, USA, ACM (2007)
27.
Montgomery, P.L.: Modular multiplication without trial division. Math. Comput. 44, 519–521 (1985)MATHCrossRef
28.
Nozaki, H., Motoyama, M., Shimbo, A., Kawamura, S.: Implementation of RSA algorithm based on RNS Montgomery multiplication. In: CHES, pp. 364–376 (2001)
29.
30.
Orup, H.: Simplifying quotient determination in high-radix modular multiplication. In: IEEE Symposium on Computer Arithmetic’95, pp. 193–193 (1995)
31.
Rivain, M.: Securing RSA against fault analysis by double addition chain exponentiation. In: CT-RSA, pp. 459–480 (2009)
32.
Schindler, W.: A timing attack against RSA with the Chinese remainder theorem. In: CHES, pp. 109–124 (2000)
33.
Shamir, A.: Improved method and apparatus for protecting public key schemes from timing and fault attacks. Patent Application, 1998. WO 1998/052319 A1
34.
Skorobogatov, S.: Optical fault masking attacks. In: FDTC, pp. 23–29 (2010)
35.
Skorobogatov, S.P., Anderson, R.J.: Optical fault induction attacks. In: CHES, pp. 2–12 (2002)
36.
37.
Suzuki, D.: How to maximize the potential of FPGA resources for modular exponentiation. In: CHES, pp. 272–288 (2007)
38.
Tenca, A.F., Koç, Ç.K.: A scalable architecture for Montgomery multiplication. In: Proceedings of the First International Workshop on Cryptographic Hardware and Embedded Systems, CHES ’99, PP. 94–108, London, UK. Springer, Berlin (1999)
39.
40.
Vigilant, D.: RSA with CRT: a new cost-effective solution to thwart fault attacks. In: CHES, pp. 130–145 (2008)
41.
Walter, C.D.: Montgomery’s multiplication technique: How to make it smaller and faster. In: CHES, pp. 80–93 (1999)
42.
Yen, S.-M., Moon, S.-J., Ha, J.: Hardware fault attack on RSA with CRT revisited. In: ICISC, pp. 374–388 (2002)
Metadaten
Titel
Attacking RSA–CRT signatures with faults on montgomery multiplication
verfasst von
Pierre-Alain Fouque
Nicolas Guillermin
Delphine Leresteux
Mehdi Tibouchi
Jean-Christophe Zapalowicz
Publikationsdatum
01.04.2013
Verlag
Springer-Verlag
Erschienen in
Journal of Cryptographic Engineering / Ausgabe 1/2013
Print ISSN: 2190-8508
Elektronische ISSN: 2190-8516
DOI
https://doi.org/10.1007/s13389-013-0050-x

Weitere Artikel der Ausgabe 1/2013

Journal of Cryptographic Engineering 1/2013 Zur Ausgabe

CHES 2012

On the practical use of physical unclonable functions in oblivious transfer and bit commitment protocols

CHES 2012

Unified and optimized linear collision attacks and their application in a non-profiled setting: extended version

CHES 2012

Simple photonic emission analysis of AES

CHES 2012

Code-based cryptography on reconfigurable hardware: tweaking Niederreiter encryption for performance

Ches 2012

Introduction to the CHES 2012 special issue