RSA is one of the most widely used algorithms in smart cards today. Its core operation is modular exponentiation, which is composed of modular multiplications, so most smart cards include a hardware modular multiplier to speed up the computation. However, secure implementation of a cryptographic algorithm in an embedded device such as a smart card has become a major challenge since the advent of side-channel analysis and fault attacks. In 2005 Giraud proposed an exponentiation algorithm that is secure against Simple Power Analysis (SPA) and Fault Attacks (FA). Recently Boscher et al. proposed another SPA-FA resistant exponentiation algorithm. To the authors' best knowledge, only these two provide security against SPA and FA simultaneously in an exponentiation algorithm. Both algorithms are also secure against C safe-error and M safe-error attacks when they are implemented in software. However, when they are implemented with a hardware modular multiplier, as is usual in a smart card, they could be vulnerable to another type of safe-error attack. In this paper, we show how this attack is possible on both SPA-FA resistant exponentiation algorithms.