A New Exponentiation Algorithm Resistant to Combined Side Channel Attack
نویسندگان
چکیده
Since two different types of side channel attacks based on passive information leakage and active fault injection are independently considered as implementation threats on cryptographic modules, most countermeasures have been separately developed according to each attack type. But then, Amiel et al. proposed a combined side channel attack in which an attacker combines these two methods to recover the secret key in an RSA implementation. In this paper, we show that the BNP (Boscher, Naciri, and Prouff) algorithm for RSA, which is an SPA/FA-resistant exponentiation method, is also vulnerable to the combined attack. In addition, we propose a new exponentiation algorithm resistant to power analysis and fault attack as well as the combined attack. The proposed secure exponentiation algorithm can be employed to strengthen the security of CRT-RSA.
منابع مشابه
Power Analysis Attacks on the Right-to-Left Square-Always Exponentiation Algorithm
The naive implementation of an exponentiation used in public key cryptography may reveal a secret key to the attacker by several side-channel attacks. Recently, a novel square-always exponentiation algorithm based on trading multiplications for squarings is proposed. This algorithm for RSA implementation is faster than existing regular countermeasures against side-channel attacks. This paper su...
متن کاملCombined Implementation Attack Resistant Exponentiation
Different types of implementation attacks, like those based on side channel leakage and active fault injection, are often considered as separate threats. Countermeasures are, therefore, often developed and implemented accordingly. However, Amiel et al. showed that an adversary can successfully combine two attack methods to overcome such countermeasures. In this paper, we consider instances of t...
متن کاملExploiting Collisions in Addition Chain-Based Exponentiation Algorithms Using a Single Trace
Public key cryptographic algorithms are typically based on group exponentiation algorithms where the exponent is private. A collision attack is typically where an adversary seeks to determine whether two operations in an exponentiation have the same input. In this paper we extend this to an adversary who seeks to determine whether the output of one operation is used as the input to another. We ...
متن کاملFast SPA-Resistant Exponentiation Through Simultaneous Processing of Half-Exponents
Straightforward implementations of binary exponentiation algorithms make the cryptographic system vulnerable to side-channel attacks; specifically, to Simple Power Analysis (SPA) attacks. Most solutions proposed so far introduce a considerable performance penalty. A method exists that introduces SPA-resistance to certain types of binary exponentiation algorithms while introducing zero computati...
متن کاملBlinded Fault Resistant Exponentiation
As the core operation of many public key cryptosystems, group exponentiation is central to cryptography. Attacks on its implementation in embedded device setting is hence of great concern. Recently, implementations resisting both simple side-channel analysis and fault attacks were proposed. In this paper, we go further and present an algorithm that also inherently thwarts differential side-chan...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- J. Internet Serv. Inf. Secur.
دوره 3 شماره
صفحات -
تاریخ انتشار 2013