Two Operands of Multipliers in Side-Channel Attack


The single-shot collision attack on RSA proposed by Hanley et al. is studied focusing on the difference between two operands of multipliers. There are two consequences. Firstly, designing order of operands can be a cost-effective countermeasure. We show a concrete example in which operand order determines success and failure of the attack. Secondly, countermeasures can be ineffective if the asymmetric leakage is considered. In addition to the main results, the attack by Hanley et al. is extended using the signal-processing technique of the big mac attack. An experimental result to successfully analyze an FPGA implementation of RSA with the multiply-always method is also presented.

DOI: 10.1007/978-3-319-21476-4_5

Extracted Key Phrases

8 Figures and Tables

Cite this paper

@inproceedings{Sugawara2015TwoOO, title={Two Operands of Multipliers in Side-Channel Attack}, author={Takeshi Sugawara and Daisuke Suzuki and Minoru Saeki}, booktitle={IACR Cryptology ePrint Archive}, year={2015} }