Corpus ID: 208147227

Defeating modexp side-channel attacks with data-independent execution traces

Torbjörn Granlund
We present an efficient algorithm for computing m mod N that is resilient to common side-channel attacks. For any two sets of n-bit operands, the algorithm performs the same sequence of operations and yields exactly the same memory access traces. It is side-channel silent under reasonable assumptions about the underlying hardware's side-channel silence for basic word operations. We have implemented the algorithm as part of the GMP library and show that it is almost as efficient as corresponding…
