Published in: Journal of Cryptographic Engineering 4/2014

01.11.2014 | Regular Paper

Power attacks in the presence of exponent blinding

Written by: Werner Schindler, Andreas Wiemers


Abstract

Exponent blinding has been known as an effective countermeasure against side-channel attacks on RSA. However, if single power traces reveal some exponent bits with certainty, an attack by Fouque et al. (Power attack on small RSA public exponent. Springer, Berlin, pp 339–353, 2006) applies that recovers the exponent. Since this attack becomes infeasible if some of these assumed exponent bits are incorrect, it has not been considered a realistic threat in the context of side-channel attacks. In this paper we present three generic attack variants (basic attack, enhanced attack, alternate attack), which work in the presence of considerable error rates at each bit position, disproving the hypothesis that mere exponent blinding is always sufficient to protect SPA-resistant implementations against any type of power attack. Simulation experiments confirm that for small blinding factors the basic attack tolerates error rates of more than 25 %. The enhanced attack tolerates smaller error rates but requires far fewer power traces and computations. Unlike the basic attack and the enhanced attack, the alternate attack (against ECC and RSA without CRT) cannot effectively be prevented by simply enlarging the blinding factor. This paper extends (Schindler and Itoh, Exponent blinding does not always lift (Partial) SPA resistance to higher-level security. Springer, Berlin, pp 73–90, 2011) by many new results.
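The abstract discusses exponent blinding and the size of the blinding factor without showing the countermeasure itself. The following Python example is added here and is not code from the paper: on constructed toy RSA parameters (the small primes 61 and 53) each private exponentiation uses the blinded exponent d + r·φ(n) with a fresh k-bit factor r, the result is unchanged, and the exponent bit pattern the device actually processes differs from run to run. The parameter k, the helper names, and the sample values are assumptions of the example.

```python
import random

# Constructed toy RSA parameters: far too small for real use, chosen so the
# arithmetic can be checked by hand. phi = (p-1)(q-1), d = e^-1 mod phi.
P, Q = 61, 53
N = P * Q                  # 3233
PHI = (P - 1) * (Q - 1)    # 3120
E = 17
D = pow(E, -1, PHI)        # 2753


def blind_exponent(d, phi, r):
    """Return the blinded exponent d + r*phi for one exponentiation.

    For squarefree n, x^(d + r*phi) == x^d (mod n) for every x, so the
    output is unchanged while the bit string that drives the square-and-
    multiply loop changes with r.
    """
    return d + r * phi


def blinded_rsa(x, d, phi, n, k, rng=random):
    """Perform one private exponentiation with a fresh k-bit blinding factor.

    Returns (result, blinded_exponent) so the caller can inspect which
    exponent bits were processed in this run. r = 0 is excluded because it
    would expose the plain exponent d. The bit length of k is the
    'blinding factor size' the abstract refers to (assumed naming).
    """
    r = rng.randrange(1, 1 << k)
    d_blind = blind_exponent(d, phi, r)
    return pow(x, d_blind, n), d_blind


def exponent_bits(e):
    """Binary string of an exponent, i.e. the sequence an SPA-style
    observer would be trying to read off one trace."""
    return format(e, "b")


def check_consistency(x, k, trials=16):
    """True if every blinded exponentiation equals the unblinded result."""
    expected = pow(x, D, N)
    return all(blinded_rsa(x, D, PHI, N, k)[0] == expected
               for _ in range(trials))


def distinct_exponent_patterns(x, k, trials=16):
    """Number of distinct exponent bit strings processed across trials;
    with blinding this is > 1, without blinding it would always be 1."""
    return len({exponent_bits(blinded_rsa(x, D, PHI, N, k)[1])
                for _ in range(trials)})


if __name__ == "__main__":
    msg = 2790                      # ciphertext of 65 under (N, E)
    for _ in range(3):
        res, d_blind = blinded_rsa(msg, D, PHI, N, k=8)
        print(f"exponent bits {exponent_bits(d_blind):>24}  result {res}")
    print("plain exponent ", exponent_bits(D).rjust(24))
    print("consistent:", check_consistency(msg, 8))
```

Running the block prints three different exponent bit strings that all decrypt 2790 to 65, next to the fixed plain exponent; the point the paper's attacks exploit is that these strings are still all of the form d + r·φ(n), which is why the abstract treats the size of r as the only tunable parameter of the countermeasure.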

References

1. Acıiçmez, O., Schindler, W.: A vulnerability in RSA implementations due to instruction cache analysis and its demonstration on openSSL. In: Malkin, T. (ed.) Topics in Cryptology—CT-RSA 2008, Lecture Notes in Computer Science, pp. 256–273. Springer, Berlin (2008)
2. Bronstein, I.N., Semendjaev, K.A.: Taschenbuch der Mathematik, 21st edn. Harri Deutsch-Verlag, Leipzig (1982)
3. Ciet, M.: Aspects of Fast and Secure Arithmetics for Elliptic Curve Cryptography. PhD thesis, Catholic University of Louvain, Belgium (2003)
4. Cohen, H.: A Course in Computational Algebraic Number Theory. Springer, Berlin (2000). (Fourth Printing)
5. Coron, J.S.: Resistance against differential power analysis for elliptic curve cryptosystems. In: Koç, Ç.K., Paar, C. (eds.) Cryptographic Hardware and Embedded Systems—CHES 1999, Lecture Notes in Computer Science, pp. 292–302. Springer, Berlin (1999)
6. Courrège, J.C., Feix, B., Roussellet, M.: Simple power analysis on exponentiation revisited. In: Gollmann, D., Lanet, J.-L., Iguchi-Cartigny, J. (eds.) Smart Card Research and Advanced Application—CARDIS 2010, Lecture Notes in Computer Science, pp. 65–79. Springer, Berlin (2010)
7. Diaconis, P.: Group Representations in Probability and Statistics. Lecture Notes—Monograph Series, vol. 11. Institute of Mathematical Statistics, Hayward (1988)
8. Fouque, P., Kunz-Jacques, S., Martinet, G., Muller, F., Valette, F.: Power attack on small RSA public exponent. In: Goubin, L., Matsui, M. (eds.) Cryptographic Hardware and Embedded Systems—CHES 2006, Lecture Notes in Computer Science, pp. 339–353. Springer, Berlin (2006)
9. Hankerson, D., Menezes, A., Vanstone, S.: Guide to Elliptic Curve Cryptography. Springer, Berlin (2004)
10. Henecka, W., May, A., Meurer, A.: Correcting errors in RSA private keys. In: Rabin, T. (ed.) Advances in Cryptology—CRYPTO 2010, Lecture Notes in Computer Science, pp. 351–369. Springer, Berlin (2010)
11. Itoh, K., Yamamoto, D., Yajima, J., Ogata, W.: Collision-based power attack for RSA with small public exponent. In: IEICE Transactions on Information and Systems, vol. E92-D, no. 5, pp. 897–908 (2009)
12. Itoh, K., Izu, T., Takenaka, M.: Address-bit differential power analysis of cryptographic schemes OK-ECDH and OK-ECDSA. In: Kaliski, B., Koç, Ç.K., Paar, C. (eds.) Cryptographic Hardware and Embedded Systems—CHES 2002, Lecture Notes in Computer Science, pp. 129–143. Springer, Berlin (2002)
13. Jones, G.J.: On the Markov Chain central limit theorem. Probab. Surv. 1, 299–320 (2004)
14. Knuth, D.E.: The Art of Computer Programming, vol. 1, 3rd edn. Addison-Wesley, Reading (Cal.) (2000)
15. Kocher, P.: Timing attacks on implementations of Diffie-Hellman, RSA, DSS and other systems. In: Koblitz, N. (ed.) Advances in Cryptology—CRYPTO '96, Lecture Notes in Computer Science, pp. 104–113. Springer, Berlin (1996)
16. Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. In: Krawczyk, H. (ed.) Advances in Cryptology—CRYPTO 99, Lecture Notes in Computer Science, pp. 388–397. Springer, Berlin (1998)
17. Krüger, A.: The Schindler-Itoh-attack in case of partial information leakage. In: Schindler, W., Huss, S. (eds.) Constructive Side-Channel Analysis and Secure Design—COSADE 2012, Lecture Notes in Computer Science, pp. 199–214. Springer, Berlin (2012)
18. Lang, S.: Algebra, 3rd edn. Addison-Wesley, Reading (Cal.) (1993)
19. van Lint, J.H.: Introduction to Coding Theory. Graduate Texts in Mathematics, 2nd edn. Springer, Berlin (1991)
20. Schindler, W.: A combined timing and power attack. In: Paillier, P., Naccache, D. (eds.) Public Key Cryptography—PKC 2002, Lecture Notes in Computer Science, pp. 263–279. Springer, Berlin (2002)
21. Schindler, W., Itoh, K.: Exponent blinding does not always lift (Partial) SPA resistance to higher-level security. In: Lopez, J., Tsudik, G. (eds.) Applied Cryptography and Network Security—ACNS 2011, Lecture Notes in Computer Science, pp. 73–90. Springer, Berlin (2011)
22. Yen, S., Lien, W., Moon, S., Ha, J.: Power analysis by exploiting chosen message and internal collisions—vulnerability of checking mechanism for RSA-decryption. In: Dawson, E., Vaudenay, S. (eds.) Mycrypt 2005, Lecture Notes in Computer Science, pp. 73–90. Springer, Berlin (2005)
Metadata

Title: Power attacks in the presence of exponent blinding
Written by: Werner Schindler, Andreas Wiemers
Publication date: 01.11.2014
Publisher: Springer Berlin Heidelberg
Published in: Journal of Cryptographic Engineering / Issue 4/2014
Print ISSN: 2190-8508
Electronic ISSN: 2190-8516
DOI: https://doi.org/10.1007/s13389-014-0081-y