Reduce-by-Feedback: Timing Resistant and DPA-Aware Modular Multiplication Plus: How to Break RSA by DPA
Author
Abstract
We (re-)introduce the Reduce-By-Feedback scheme given by Vielhaber (1987), Benaloh and Dai (1995), and Jeong and Burleson (1997). We show how to break RSA, when implemented with the standard version of Reduce-by-Feedback or Montgomery multiplication, by Differential Power Analysis. We then modify Reduce-by-Feedback to avoid this attack. The modification is not possible for Montgomery multiplication. We show that both the original and the modified Reduce-by-Feedback algorithm resist timing attacks. Furthermore, some VLSI-specific implementation details (delayed carry adder, re-use of MUX tree and logic) are provided.
Similar resources
Leak Resistant Arithmetic
In this paper we show how the usage of Residue Number Systems (RNS) can easily be turned into a natural defense against many side-channel attacks (SCA). We introduce a Leak Resistant Arithmetic (LRA), and present its capacities to defeat timing, power (SPA, DPA) and electromagnetic (EMA) attacks. keywords: Side Channel Attacks, Residue Number Systems, RNS Montgomery multiplication
Randomized Scalar Multiplication Algorithm against Power Analysis Attacks
Nowadays, power analysis attacks are becoming more and more advanced. Compared with any other kind of physical attacks, power analysis attacks are more efficient for an attacker to obtain secret data stored in smart cards or other embedded devices. Among power analysis attacks, Simple Power Analysis (SPA) and Differential Power Analysis (DPA) are the two main attacks on the elliptic curve cryptosy...
Highly Efficient Elliptic Curve Scalar Multiplication Method with Resistance against Side Channel Attacks
Elliptic Curve Cryptosystems (ECCs) have attracted many researchers and have been included in many standards. ECC is evolving as an attractive alternative to other public-key schemes such as RSA by offering the smallest key size and the highest strength per bit. Small key sizes and computational efficiency make ECCs not only applicable to hosts processing security protocols over wired networks, b...
Parallel FPGA Implementation of RSA with Residue Number Systems — Can side-channel threats be avoided? — Mathieu Ciet
In this paper, we present a new parallel architecture to avoid side-channel analysis such as: timing attack, simple/differential power analysis, fault induction attack and simple/differential electromagnetic analysis. We use a Montgomery Multiplication based on Residue Number Systems. Thanks to RNS, we develop a design able to perform an RSA signature in parallel on a set of identical and indep...
An Improved and Efficient Countermeasure against Power Analysis Attacks
Recently new types of differential power analysis attacks (DPA) against elliptic curve cryptosystems (ECC) and RSA systems have been introduced. Most existing countermeasures against classical DPA attacks are vulnerable to these new DPA attacks which include refined power analysis attacks (RPA), zero-value point attacks (ZPA), and doubling attacks. The new attacks are different from classical D...