Bug Attacks

Authors:
Eli Biham;Yaniv Carmeli;Adi Shamir
Affiliations:
Computer Science Department, Technion - Israel Institute of Technology, Haifa, Israel 32000;Computer Science Department, Technion - Israel Institute of Technology, Haifa, Israel 32000;Computer Science Department, The Weizmann Institute of Science, Rehovot, Israel 76100
Venue:
CRYPTO 2008 Proceedings of the 28th Annual conference on Cryptology: Advances in Cryptology
Year:
2008

Citing 5
Cited 8

A method for obtaining digital signatures and public-key cryptosystems

Communications of the ACM
Handbook of Applied Cryptography

Handbook of Applied Cryptography
UMAC: Fast and Secure Message Authentication

CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
OAEP Reconsidered

CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
Designing and implementing malicious hardware

LEET'08 Proceedings of the 1st Usenix Workshop on Large-Scale Exploits and Emergent Threats

Signature Schemes with Bounded Leakage Resilience

ASIACRYPT '09 Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Fault-based attack of RSA authentication

Proceedings of the Conference on Design, Automation and Test in Europe
Secure set intersection with untrusted hardware tokens

CT-RSA'11 Proceedings of the 11th international conference on Topics in cryptology: CT-RSA 2011
Achieving leakage resilience through dual system encryption

TCC'11 Proceedings of the 8th conference on Theory of cryptography
How to leak on key updates

Proceedings of the forty-third annual ACM symposium on Theory of computing
Hardware trojans for inducing or amplifying side-channel leakage of cryptographic software

INTRUST'10 Proceedings of the Second international conference on Trusted Systems
Practical realisation and elimination of an ECC-Related software bug attack

CT-RSA'12 Proceedings of the 12th conference on Topics in Cryptology
Efficient gröbner basis reductions for formal verification of galois field multipliers

DATE '12 Proceedings of the Conference on Design, Automation and Test in Europe

Quantified Score

Hi-index	0.00

Visualization

Abstract

In this paper we present a new kind of cryptanalytic attack which utilizes bugs in the hardware implementation of computer instructions. The best known example of such a bug is the Intel division bug, which resulted in slightly inaccurate results for extremely rare inputs. Whereas in most applications such bugs can be viewed as a minor nuisance, we show that in the case of RSA (even when protected by OAEP), Pohlig-Hellman, elliptic curve cryptography, and several other schemes, such bugs can be a security disaster: Decrypting ciphertexts on anycomputer which multiplies even one pair of numbersincorrectly can lead to full leakage of the secret key, sometimes with a single well-chosen ciphertext.