We analyse timing variations in an implementation of modular multiplication which has certain standard characteristics. This shows that squarings and multiplications behave differently when averaged over a number of random observations. Since power analysis can reveal such data, secret RSA exponents can be deduced if a standard square and multiply exponentiation algorithm is used. No knowledge of the modulus or input is required to do this. The technique generalises to the m-ary and sliding windows exponentiation methods since different multipliers can be distinguished. Moreover, only a small number of observations (independent of the key size and well under 1k) are required to perform the cryptanalysis successfully. Thus, if the modular multiplication algorithm cannot be made any safer, the exponent must be modified on every use.
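The averaged difference between squarings and multiplications, and the exponent-modification countermeasure named in the last sentence, can be reproduced in a short simulation. This is an added example, not code from the paper: it assumes the timing-variable step is the conditional final subtraction of a Montgomery multiplier (the abstract only says "certain standard characteristics"), and it uses a constructed 64-bit modulus and a toy RSA key (p=61, q=53, e=17).

```python
import random

def make_montgomery(n, r_bits):
    """Build a Montgomery multiplier for odd n with R = 2**r_bits > n."""
    r_mask = (1 << r_bits) - 1
    n_neg_inv = (-pow(n, -1, 1 << r_bits)) & r_mask   # -n^-1 mod R

    def mont_mul(a, b):
        # Returns (a*b*R^-1 mod n, True if the conditional subtraction ran).
        t = a * b
        m = (t * n_neg_inv) & r_mask
        u = (t + m * n) >> r_bits                     # 0 <= u < 2n
        return (u - n, True) if u >= n else (u, False)
    return mont_mul

def subtraction_rates(n, r_bits, trials, seed=1):
    """Fraction of squarings and of multiplications that need the final
    subtraction, averaged over random operands below n."""
    rng = random.Random(seed)
    mont_mul = make_montgomery(n, r_bits)
    squares = mults = 0
    for _ in range(trials):
        a, b = rng.randrange(n), rng.randrange(n)
        squares += mont_mul(a, a)[1]
        mults += mont_mul(a, b)[1]
    return squares / trials, mults / trials

def blind_exponent(d, phi_n, rng, blind_bits=32):
    """Exponent blinding: d + k*phi(n) with a fresh random k on every use."""
    return d + rng.randrange(1, 1 << blind_bits) * phi_n

def blinding_preserves_result(seed=7):
    """Toy RSA check: each blinded exponent is different, yet all of them
    compute the same value as the unblinded exponent."""
    p, q, e = 61, 53, 17                  # constructed toy key
    n, phi_n = p * q, (p - 1) * (q - 1)
    d = pow(e, -1, phi_n)
    rng = random.Random(seed)
    blinded = [blind_exponent(d, phi_n, rng) for _ in range(4)]
    same = all(pow(65, x, n) == pow(65, d, n) for x in blinded)
    return same, len(set(blinded))

if __name__ == "__main__":
    N64 = (1 << 64) - 59                  # constructed odd modulus, R = 2**64
    sq, mu = subtraction_rates(N64, 64, 20000)
    print(f"squarings: {sq:.3f}  multiplications: {mu:.3f}")
    print("blinding:", blinding_preserves_result())
```

With operands uniform below n, the subtraction fires for about n/(3R) of squarings and n/(4R) of multiplications, which is the averaged gap an observer of the operation sequence can use; blinding changes the exponent's digits on every run so that averages over repeated uses no longer describe one fixed key.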