Timing attacks and local timing attacks against Barrett’s modular multiplication algorithm

Abstract Montgomery’s and Barrett’s modular multiplication algorithms are widely used in exponentiation algorithms, e.g. to compute RSA or ECC operations. While algorithm has been studied extensively the literature many side-channel attacks have detected, our best knowledge no thorough analysis exists for algorithm. This article closes this gap. For both algorithm, differences of execution times caused by conditional integer subtractions, so-called extra reductions. allows even two reductions, feature increases mathematical difficulties significantly. We formulate analyse a two-dimensional Markov process, from which we deduce relevant stochastic properties within algorithms. transfer timing local (where second attack exhibits particular squarings multiplications) on However, there also differences. requires additional substeps, efficiency is much more sensitive variations parameters. treat with CRT, without Diffie–Hellman, as well against these presence basis blinding. Experiments confirm theoretical results.