Since side-channel attacks turned out to be a major threat against implementations of cryptographic algorithms, many countermeasures have been proposed. Among them, multiplicative blinding is believed to provide a reasonable amount of security for public-key algorithms. In this article we show how template attacks can be used to extract sufficient information to recover the mask. Our practical experiments verify that one power trace suffices to remove such a blinding factor. In the course of our work we attacked a protected Montgomery Powering Ladder implementation on a widely used microcontroller. As a result, we can state that the described attack could be a serious threat for public-key algorithms implemented on devices with small word size.