At CHES 2000, Schindler introduced a timing attack that enables the factorization of an RSA-modulus if RSA implementations use the Chinese Remainder Theorem and Montgomery multiplication. In this paper we introduce another approach for deriving the secret prime factor by focusing on the conditional branch Schindler used in his attack. One of the countermeasures against Schindler’s attack is the...

We discuss the security of Message Authentication Code (MAC) schemes from the viewpoint of differential attack, and propose an attack that is effective against DES-MAC and FEAL-MAC. The attack derives the secret authentication key in the chosen plaintext scenario. For example, DES(8-round)-MAC can be broken with 2 pairs of plaintext, while FEAL8-MAC can be broken with 2 pairs. The proposed atta...

Background Despite considerable advances in reproductive technology, its application is like a double-edged sword, which is associated with numerous challenges. One of the most challenging issues for couples is disclosure of conception circumstances to the offspring. The purpose of this qualitative study was to explore the decisions of infertile couples undergoing assisted reproductive donation...

In this paper, a robust optimal zero-watermarking technique based on genetic algorithm for secret watermark sharing is proposed for the purpose of copyright protection. It is implemented in discrete cosine transform (DCT) for gray scale images in which the visual secret sharing is used to generate unexpanded master and secret shares for the watermark. The GA based zero watermarking is used to s...

Although Differential Fault Analysis (DFA) led to powerful applications against public key [15] and secret key [12] cryptosystems, very few works have been published in the area of stream ciphers. In this paper, we present the first application of DFA to the software eSTREAM candidate Rabbit that leads to a full secret key recovery. We show that by modifying modular additions of the next-state ...

The commonly used technique for cheating detection requires that extra information be given to each participant. However, in a secret sharing scheme when the size of shares increases the security of the system degrades. In this paper we study the cheating problem in Shamir's scheme (in the sense of Tompa and Woll 1] attack) and present alternative solutions to this problem. First we consider ch...

In this work we present new timing vulnerabilities that arise in the inversion of the error syndrome through the Extended Euclidean Algorithm that is part of the decryption operation of code-based Cryptosystems. We analyze three types of timing attack vulnerabilities theoretically and experimentally: The first allows recovery of the zero-element of the secret support, the second is a refinement...

In this thesis we study a problem of doing Verifiable Secret Sharing (VSS) and Multiparty Computations (MPC) in a model where private channels between the players and a broadcast channel is available. The adversary is active, adaptive and has an unbounded computing power. The thesis is based on two papers [CDD00, CDD99]. In [CDD00] we assume that the adversary can corrupt any set from a given a...

‧Protecting elliptic curve cryptography against memory disclosure attacks ‧A guess-then-algebraic attack on LFSR-based stream ciphers with nonlinear filter ‧ How to compare selections of points of interest for side-channel distinguishers in practice

A passive attacker can compromise a generic anonymity protocol by applying the so called disclosure attack, i.e. a special traffic analysis attack. In this work we present a more efficient way to accomplish this goal, i.e. we need less observations by looking for unique minimal hitting sets. We call this the hitting set attack or just HS-attack. In general, solving the minimal hitting set probl...