Side-Channel Attacks on Textbook RSA and ElGamal Encryption

نویسنده

  • Ulrich Kühn
چکیده

This paper describes very efficient attacks on plain RSA encryption as usually described in textbooks. These attacks exploit side channels caused by implementations that, during decryption, incorrectly make certain assumption on the size of message. We highlight different assumptions that are easily made when implementing plain RSA decryption and present corresponding attacks. These attacks make clear that plain RSA is a padding scheme that has to be checked carefully during decryption instead of simply assuming a length of the transported message. Furthermore we note that the attacks presented here do also work against a similar setting of ElGamal encryption with only minimal changes.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Why Textbook ElGamal and RSA Encryption Are Insecure

We present an attack on plain ElGamal and plain RSA encryption. The attack shows that without proper preprocessing of the plaintexts, both ElGamal and RSA encryption are fundamentally insecure. Namely, when one uses these systems to encrypt a (short) secret key of a symmetric cipher it is often possible to recover the secret key from the ciphertext. Our results demonstrate that preprocessing me...

متن کامل

Comparison of two Public Key Cryptosystems

Since the time public-key cryptography was introduced by Diffie andHellman in 1976, numerous public-key algorithms have been proposed. Some of thesealgorithms are insecure and the others that seem secure, many are impractical, eitherthey have too large keys or the cipher text they produce is much longer than theplaintext. This paper focuses on efficient implementation and analysis of two mostpo...

متن کامل

Elimination of Side Channel attacks on a Precision Timed Architecture

Side-channel attacks exploit information-leaky implementations of cryptographic algorithms to find the encryption key. These information leaks are caused by the underlying execution platform which contain hardware elements designed to optimize performance at the expense of predictable execution time. This shows that for security systems, not only does the software need to be secure, but the exe...

متن کامل

Securing RSA algorithm against timing attack

Security plays an important role in many embedded systems. All security based algorithms are implemented in hardware or software, and on physical devices which interact with the systems and influenced by their environments. The attacker extracts, investigate and monitor these physical interactions and extracts side channel information which is used in cryptanalysis. This type of cryptanalysis i...

متن کامل

Further Results and Considerations on Side Channel Attacks on RSA

This paper contains three parts. In the first part we present a new side channel attack on plaintext encrypted by EME-OAEP PKCS#1 v.2.1. In contrast with Manger ́s attack, we attack that part of the plaintext, which is shielded by the OAEP method. In the second part we show that Bleichenbacher’s and Manger’s attack on the RSA encryption scheme PKCS#1 v.1.5 and EME-OAEP PKCS#1 v.2.1 can be conver...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2003