More detail for a combined timing and power attack against implementations of RSA

Cited by: 0
Authors
Schindler, Werner [1]
Walter, Colin D. [2]
Affiliations
[1] Bundesamt für Sicherheit in der Informationstechnik (BSI), 53175 Bonn
[2] Comodo Research Laboratory, Bradford, BD7 1DQ
Source
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) | 2003 / Vol. 2898
Keywords
Exponentiation; Montgomery modular multiplication; Power analysis; RSA cryptosystem; Side channel leakage; Statistical decision problem; Timing attack;
DOI
10.1007/978-3-540-40974-8_20
Abstract
Implementations of Montgomery's modular multiplication algorithm (MMM) typically make conditional subtractions in order to keep the output within register or modulus bounds. For some standard exponentiation algorithms such as m-ary, it has been shown that this yields enough information to deduce the value of the exponent. This has serious implications for revealing the secret key in cryptographic applications without adequate counter-measures. Much more detail is provided here about the distribution of output values from MMM when the output is only reduced to keep it within register bounds, about how implementations of sliding windows can be attacked, and about handling errors. © Springer-Verlag Berlin Heidelberg 2003.
Pages: 245 / 263
Page count: 18