2006 | OriginalPaper | Book chapter
Practical Modifications of Leadbitter et al.’s Repeated-Bits Side-Channel Analysis on (EC)DSA
Written by: Katsuyuki Takashima
Published in: Information Security Applications
Publisher: Springer Berlin Heidelberg
In this paper, we report practical modifications of the side-channel analysis of (EC)DSA [1, 2, 4, 31] that Leadbitter et al. proposed in [12]. To apply the analyses, we assume that the window method is used in the exponentiation (EC scalar multiplication) calculation and that the side-channel information described in Section [2] can be collected. So far, the method in [12] has not been effective when q is 160 bits long and the window size w < 9. We show that the modified method we propose in this paper is effective even when q is 160 bits long and w = 4, that is, in a commonly implemented configuration. First, we estimate the window size w necessary for the proposed analyses (attacks) to succeed. Then, through experiments with the new method, we show that private keys of (EC)DSA can be obtained under the above assumptions, in practical time and with a sufficient success rate. The result shows the necessity of countermeasures against the analyses (attacks) in window-method-based implementations of (EC)DSA.