An RSA Implementation Resistant to Fault Attacks and to Simple Power Analysis

@article{Giraud2006AnRI,
  title={An RSA Implementation Resistant to Fault Attacks and to Simple Power Analysis},
  author={Christophe Giraud},
  journal={IEEE Transactions on Computers},
  year={2006},
  volume={55},
  pages={1116-1120}
}
Nowadays, side channel attacks allow an attacker to recover secrets stored in embedded devices more efficiently than any other kind of attack. [...] This method can be used to obtain fast FA-resistant RSA signature generations in both the straightforward method and Chinese remainder theorem modes. Moreover, as it has been shown that fault attacks can benefit from the weaknesses introduced by some SPA countermeasures, we ensure that our method resists SPA and, thus, does not require supplementary SPA…
How can we overcome both side channel analysis and fault attacks on RSA-CRT?
TLDR
Fumaroli and Vigilant's scheme can be broken by fault attacks and a direction to construct efficient countermeasures secure against all known side channel analyses and fault attacks on RSA-CRT with low time complexity is proposed.
Protecting CRT RSA against Fault and Power Side Channel Attacks
TLDR
This paper evaluates some very popular and potent SCAs against RSA, and proposes an SCA protection scheme for RSA based on Chinese Remainder Theorem (CRT) that can thwart them.
Secure RSA implementation against horizontal correlation power analysis attack
TLDR
A novel exponentiation algorithm is proposed to defeat previous implementation attacks, as well as the HCPA attack, in particular, and be used to implement a secure Chinese remainder theorem-based RSA (CRT-RSA) cryptosystem by thwarting the Bellcore attack.
Fault and Power Analysis Attack Protection Techniques for Standardized Public Key Cryptosystems
TLDR
This book chapter describes and analyzes the existing implementation attack ecosystem and proposes an algorithm that is applicable to both modular exponentiation and scalar multiplication and is capable of providing broad resistance, acting as an all-in-one protection framework for RSA/ECC schemes.
Defeating with Fault Injection a Combined Attack Resistant Exponentiation
TLDR
Two new attacks are presented here two new algorithms that can defeat the side-channel and fault injection analysis, one of which requires the combination of a single fault injection with a differential treatment, and a more secure version of this algorithm that thwarts these attacks.
Side-Channel Attack against RSA Key Generation Algorithms
TLDR
A new attack is proposed that is able to break secure implementations recommended by the ANSI X9.31 and FIPS 186-4 standards and should avoid the use of a prime sieve combined with a deterministic process to generate the prime candidates from a random seed.
Fault Resistant RSA Signatures: Chinese Remaindering in Both Directions
TLDR
This paper proposes new efficient methods with associated security proofs in two different models that protect against run-time errors, computation errors, and most permanent errors in the key parameters as well and extends the methods with infective computation strategies to secure the algorithm against double faults.
On Second-Order Fault Analysis Resistance for CRT-RSA Implementations
TLDR
It is shown that these countermeasures published to protect the RSA cryptosystem using the CRT mode are not intrinsically resistant and a new method is proposed to implement a CRT-RSA that resists this kind of second-order fault attack.
A New CRT-RSA Scheme Resistant to Power Analysis and Fault Attacks
TLDR
A new CRT-RSA scheme secure against all known power analysis and fault attacks by modifying a random message blinding exponentiation algorithm which is both practical and efficient due to the low computational load compared to other existing literatures.

References

SHOWING 1-10 OF 24 REFERENCES
Hardware Fault Attack on RSA with CRT Revisited
TLDR
The proposed CRT-based fault attacks once again reveal the importance of developing a sound countermeasure against RSA with CRT, and considers permanent fault on some stored parameters in the above two countermeasures.
RSA Speedup with Residue Number System Immune against Hardware Fault Cryptanalysis
TLDR
This article considers the problem of how to prevent the fast RSA signature and decryption computation with residue number system speedup from a hardware fault cryptanalysis in a highly reliable and efficient approach and proposes a new concept of fault infective CRT computation and fault infective CRT recombination.
A Countermeasure against One Physical Cryptanalysis May Benefit Another Attack
TLDR
A new type of safe-error based hardware fault cryptanalysis is demonstrated which is mounted on a recently reported countermeasure against simple power analysis attack and it is emphasized that a countermeasure developed against one physical attack, if not carefully examined, may benefit another physical attack tremendously.
Fault Attacks on RSA with CRT: Concrete Results and Practical Countermeasures
TLDR
This article describes concrete results and practically validated countermeasures concerning differential fault attacks on RSA using the CRT, and is convinced that only sophisticated hardware countermeasures in combination with software countermeasures will be able to provide security.
Cryptanalysis of Two Protocols for RSA with CRT Based on Fault Infection
TLDR
It will be shown that two hardware fault immune protocols for CRT speedup on RSA private computation are still vulnerable to a potential computational fault attack on an auxiliary process that was not considered in the usual CRT-based factorization attack.
Power Analysis by Exploiting Chosen Message and Internal Collisions - Vulnerability of Checking Mechanism for RSA-Decryption
TLDR
A new side-channel vulnerability of cryptosystems implementation based on BRIP or square-multiply-always algorithm is pointed out by exploiting specially chosen input message of order two and further extension of the proposed attack is possible to develop more powerful attacks.
A new CRT-RSA algorithm secure against bellcore attacks
TLDR
This paper describes a new algorithm to prevent fault attacks on RSA signature algorithms using the Chinese Remainder Theorem (CRT-RSA), and proves that the new algorithm is secure against the Bellcore attack.
Resistance against Differential Power Analysis for Elliptic Curve Cryptosystems
TLDR
This paper generalizes DPA attack to elliptic curve (EC) cryptosystems and describes a DPA on EC Diffie-Hellman key exchange and EC El-Gamal type encryption that enables recovery of the private key stored inside the smart-card.
Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems
By carefully measuring the amount of time required to perform private key operations, attackers may be able to find fixed Diffie-Hellman exponents, factor RSA keys, and break other cryptosystems.
A Survey on Fault Attacks
TLDR
What can be achieved nowadays by using fault attacks in a smart card environment is described and attacks on the most popular cryptosystems are described and the problem of induced perturbations in the smart card environments is discussed.