Attacking Right-to-Left Modular Exponentiation with Timely Random Faults
نویسنده
چکیده
We show that timely induction of random failures can potentially be used to mount very cost effective attacks against smartcards deploying cryptographic schemes based on (right-to-left) modular exponentiation. We introduce a model where an external perturbation, or glitch, may cause a single modular multiplication to produce a truly random result. Based on this assumption, we present a probabilistic attack against the implemented cryptosystem. Under reasonable assumptions, we prove that using a single faulty signature the attack recovers a target bit of the secret exponent with an error probability bounded by 3 7 . We show the attack is effective even in the presence of message blinding.
منابع مشابه
Comparative Investigation of Methods of Modular Exponentiation
Main parameters of evaluation of modern information protection systems that implement RSA encryption algorithm are performance, RAM consumption and stability of algorithm of used method of modular exponentiation to the attacks on implementation, particularly in the temporal analysis. Methods of modular exponentiation (binary method, method and sliding window method) are characterized by the dep...
متن کاملFault Attacks on RSA Public Keys: Left-To-Right Implementations Are Also Vulnerable
After attacking the RSA by injecting fault and corresponding countermeasures, works appear now about the need for protecting RSA public elements against fault attacks. We provide here an extension of a recent attack [BCG08] based on the public modulus corruption. The difficulty to decompose the ”Left-To-Right” exponentiation into partial multiplications is overcome by modifying the public modul...
متن کاملRight - to - Left or Left - to - Right Exponentiation ?
The most recent left-to-right and right-to-left multibase exponentiation methods are compared for elliptic curve and modular residue groups to gauge the value and cost of switching from the normal left-toright mode to the more side channel resistant right-to-left direction in a resource constrained environment.
متن کاملImplementation of Modular Exponentiation Using Montgomery Algorithms
Several algorithms for Public Key Cryptography (PKC), such as RSA, Diffie-Hellman, and Elliptic Curve Cryptography are used for secure communications. These algorithms require modular exponentiation as their basic operation. Modular exponentiation implies repeated modular multiplication which is computationally very costly as the large operands are used. Therefore computation time is very large...
متن کاملRandomizing the Montgomery Powering Ladder
In this paper, we present novel randomized techniques to enhance Montgomery powering ladder. The proposed techniques increase the resistance against side-channel attacks and especially recently published correlation collision attacks in the horizontal setting. The first of these operates by randomly changing state such that the difference between registers varies, unpredictably, between two sta...
متن کامل