On the Implementation of a Fast Prime Generation Algorithm

Authors:
Christophe Clavier;Jean-Sébastien Coron
Affiliations:
Gemalto, Security Labs, La Vigie, Avenue du Jujubier, ZI Athélia IV, F-13705 La Ciotat Cedex, France;University of Luxembourg, Faculty of Sciences, Technology and Communication, 6, rue Richard Coudenhove-Kalergi, L-1359, Luxembourg
Venue:
CHES '07 Proceedings of the 9th international workshop on Cryptographic Hardware and Embedded Systems
Year:
2007

Citing 7
Cited 4

Differential Power Analysis

CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
Resistance against Differential Power Analysis for Elliptic Curve Cryptosystems

CHES '99 Proceedings of the First International Workshop on Cryptographic Hardware and Embedded Systems
Efficient Generation of Prime Numbers

CHES '00 Proceedings of the Second International Workshop on Cryptographic Hardware and Embedded Systems
Riemann's hypothesis and tests for primality

Journal of Computer and System Sciences
Fast generation of prime numbers on portable devices: an update

CHES'06 Proceedings of the 8th international conference on Cryptographic Hardware and Embedded Systems
Power attack on small RSA public exponent

CHES'06 Proceedings of the 8th international conference on Cryptographic Hardware and Embedded Systems
Resistance of randomized projective coordinates against power analysis

CHES'05 Proceedings of the 7th international conference on Cryptographic hardware and embedded systems

A New Side-Channel Attack on RSA Prime Generation

CHES '09 Proceedings of the 11th International Workshop on Cryptographic Hardware and Embedded Systems
To infinity and beyond: combined attack on ECC using points of low order

CHES'11 Proceedings of the 13th international conference on Cryptographic hardware and embedded systems
RSA key generation: new attacks

COSADE'12 Proceedings of the Third international conference on Constructive Side-Channel Analysis and Secure Design
Generating provable primes efficiently on embedded devices

PKC'12 Proceedings of the 15th international conference on Practice and Theory in Public Key Cryptography

Quantified Score

Hi-index	0.00

Visualization

Abstract

A side-channel analysis of a cryptographic algorithm generally concentrates on the encryption or decryption phases, rarely on the key generation phase. In this paper, we show that, when not properly implemented, the fast prime generation algorithm proposed by Joye and Paillier at CHES 2006 is susceptible to side-channel analysis; its main application is the generation of RSA key-pairs for embedded platforms like smart-cards. Our attack assumes that some parity bit can be recovered through SPA when it appears in a branch condition. Our attack can be combined with Coppersmith's theorem to improve its efficiency; we show that for 1024-bit RSA moduli, one can recover the factorization of roughly 1/1000 of the RSA moduli.