Complete atomic blocks for elliptic curves in jacobian coordinates over prime fields
LATINCRYPT'12 Proceedings of the 2nd international conference on Cryptology and Information Security in Latin America
Defeating with fault injection a combined attack resistant exponentiation
COSADE'13 Proceedings of the 4th international conference on Constructive Side-Channel Analysis and Secure Design
| Hi-index | 0.00 |
Since side channel analysis was introduced as a method to recover secret information from an otherwise secure cryptosystem, many countermeasures have been proposed to prevent leakage from secure devices. Among these countermeasures is side channel atomicity that makes operations indistinguishable using side channel analysis. In this paper, we present practical results of an attack on RSA signature generation, protected in this manner, based on the expected difference in Hamming weight between the result of a multiplication and a squaring operation. This work presents the first attack that we are aware of where template analysis can be used without requiring an open device to characterize an implementation of a given cryptographic algorithm. Moreover, an attacker does not need to know the plaintexts being operated on and, therefore, blinding and padding countermeasures applied to the plaintext do not hinder the attack in anyway.