Power analysis by exploiting chosen message and internal collisions – vulnerability of checking mechanism for RSA-Decryption

Authors:
Sung-Ming Yen;Wei-Chih Lien;SangJae Moon;JaeCheol Ha
Affiliations:
Laboratory of Cryptography and Information Security (LCIS), Dept of Computer Science and Information Engineering, National Central University, Chung-Li, Taiwan, R.O.C.;Laboratory of Cryptography and Information Security (LCIS), Dept of Computer Science and Information Engineering, National Central University, Chung-Li, Taiwan, R.O.C.;School of Electronic and Electrical Engineering, Kyungpook National University, Taegu, Korea;Dept of Computer and Information, Korea Nazarene University, Choong Nam, Korea
Venue:
Mycrypt'05 Proceedings of the 1st international conference on Progress in Cryptology in Malaysia
Year:
2005

Citing 6
Cited 17

Use of elliptic curves in cryptography

Lecture notes in computer sciences; 218 on Advances in cryptology---CRYPTO 85
A method for obtaining digital signatures and public-key cryptosystems

Communications of the ACM
Handbook of Applied Cryptography

Handbook of Applied Cryptography
Differential Power Analysis

CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
A Refined Power-Analysis Attack on Elliptic Curve Cryptosystems

PKC '03 Proceedings of the 6th International Workshop on Theory and Practice in Public Key Cryptography: Public Key Cryptography
Resistance against Differential Power Analysis for Elliptic Curve Cryptosystems

CHES '99 Proceedings of the First International Workshop on Cryptographic Hardware and Embedded Systems

An RSA Implementation Resistant to Fault Attacks and to Simple Power Analysis

IEEE Transactions on Computers
Collision-Based Power Analysis of Modular Exponentiation Using Chosen-Message Pairs

CHES '08 Proceeding sof the 10th international workshop on Cryptographic Hardware and Embedded Systems
Generalized Scalar Multiplication Secure against SPA, DPA, and RPA

IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences
Exponent Recoding and Regular Exponentiation Algorithms

AFRICACRYPT '09 Proceedings of the 2nd International Conference on Cryptology in Africa: Progress in Cryptology
CRT RSA algorithm protected against fault attacks

WISTP'07 Proceedings of the 1st IFIP TC6 /WG8.8 /WG11.2 international conference on Information security theory and practices: smart cards, mobile and ubiquitous computing systems
Generalized MMM-algorithm secure against SPA, DPA, and RPA

ICISC'07 Proceedings of the 10th international conference on Information security and cryptology
Provably secure countermeasure resistant to several types of power attack for ECC

WISA'07 Proceedings of the 8th international conference on Information security applications
On the BRIP algorithms security for RSA

WISTP'08 Proceedings of the 2nd IFIP WG 11.2 international conference on Information security theory and practices: smart devices, convergence and next generation networks
Horizontal correlation analysis on exponentiation

ICICS'10 Proceedings of the 12th international conference on Information and communications security
An efficient CRT-RSA algorithm secure against power and fault attacks

Journal of Systems and Software
Exponent blinding does not always lift (partial) spa resistance to higher-level security

ACNS'11 Proceedings of the 9th international conference on Applied cryptography and network security
Simple power analysis on exponentiation revisited

CARDIS'10 Proceedings of the 9th IFIP WG 8.8/11.2 international conference on Smart Card Research and Advanced Application
Same values power analysis using special points on elliptic curves

COSADE'12 Proceedings of the Third international conference on Constructive Side-Channel Analysis and Secure Design
Weaknesses in current RSA signature schemes

ICISC'11 Proceedings of the 14th international conference on Information Security and Cryptology
Reduce-by-feedback: timing resistant and DPA-aware modular multiplication plus: how to break RSA by DPA

CHES'12 Proceedings of the 14th international conference on Cryptographic Hardware and Embedded Systems
Updated recommendations for blinded exponentiation vs. single trace analysis

COSADE'13 Proceedings of the 4th international conference on Constructive Side-Channel Analysis and Secure Design
Message blinding method requiring no multiplicative inversion for RSA

ACM Transactions on Embedded Computing Systems (TECS)

Quantified Score

Hi-index	0.00

Visualization

Abstract

In this paper, we will point out a new side-channel vulnerability of cryptosystems implementation based on BRIP or square-multiply-always algorithm by exploiting specially chosen input message of order two. A recently published countermeasure, BRIP, against conventional simple power analysis (SPA) and differential power analysis (DPA) will be shown to be vulnerable to the proposed SPA in this paper. Another well known SPA countermeasure, the square-multiply-always algorithm, will also be shown to be vulnerable to this new attack. Further extension of the proposed attack is possible to develop more powerful attacks.