Elliptic curves in cryptography
Elliptic curves in cryptography
A method for obtaining digital signatures and public-key cryptosystems
Communications of the ACM
Checking Before Output May Not Be Enough Against Fault-Based Cryptanalysis
IEEE Transactions on Computers
Handbook of Applied Cryptography
Handbook of Applied Cryptography
Observability Analysis - Detecting When Improved Cryptosystems Fail
CT-RSA '02 Proceedings of the The Cryptographer's Track at the RSA Conference on Topics in Cryptology
A Practical Implementation of the Timing Attack
CARDIS '98 Proceedings of the The International Conference on Smart Card Research and Applications
Towards Sound Approaches to Counteract Power-Analysis Attacks
CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems
CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
Differential Fault Analysis of Secret Key Cryptosystems
CRYPTO '97 Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology
Power Analysis Breaks Elliptic Curve Cryptosystems even Secure against the Timing Attack
INDOCRYPT '00 Proceedings of the First International Conference on Progress in Cryptology
IFIP/Sec '93 Proceedings of the IFIP TC11, Ninth International Conference on Information Security: Computer Security
Breaking Public Key Cryptosystems on Tamper Resistant Devices in the Presence of Transient Faults
Proceedings of the 5th International Workshop on Security Protocols
Low Cost Attacks on Tamper Resistant Devices
Proceedings of the 5th International Workshop on Security Protocols
Fault Induction Attacks, Tamper Resistance, and Hostile Reverse Engineering in Perspective
FC '97 Proceedings of the First International Conference on Financial Cryptography
Securing the AES Finalists Against Power Analysis Attacks
FSE '00 Proceedings of the 7th International Workshop on Fast Software Encryption
RSA-type Signatures in the Presence of Transient Faults
Proceedings of the 6th IMA International Conference on Cryptography and Coding
DES and Differential Power Analysis (The "Duplication" Method)
CHES '99 Proceedings of the First International Workshop on Cryptographic Hardware and Embedded Systems
Power Analysis Attacks of Modular Exponentiation in Smartcards
CHES '99 Proceedings of the First International Workshop on Cryptographic Hardware and Embedded Systems
Resistance against Differential Power Analysis for Elliptic Curve Cryptosystems
CHES '99 Proceedings of the First International Workshop on Cryptographic Hardware and Embedded Systems
IPA: A New Class of Power Attacks
CHES '99 Proceedings of the First International Workshop on Cryptographic Hardware and Embedded Systems
A Timing Attack against RSA with the Chinese Remainder Theorem
CHES '00 Proceedings of the Second International Workshop on Cryptographic Hardware and Embedded Systems
On Boolean and Arithmetic Masking against Differential Power Analysis
CHES '00 Proceedings of the Second International Workshop on Cryptographic Hardware and Embedded Systems
Using Second-Order Power Analysis to Attack DPA Resistant Software
CHES '00 Proceedings of the Second International Workshop on Cryptographic Hardware and Embedded Systems
Differential Power Analysis in the Presence of Hardware Countermeasures
CHES '00 Proceedings of the Second International Workshop on Cryptographic Hardware and Embedded Systems
Universal Exponentiation Algorithm
CHES '01 Proceedings of the Third International Workshop on Cryptographic Hardware and Embedded Systems
Sliding Windows Succumbs to Big Mac Attack
CHES '01 Proceedings of the Third International Workshop on Cryptographic Hardware and Embedded Systems
An Implementation of DES and AES, Secure against Some Attacks
CHES '01 Proceedings of the Third International Workshop on Cryptographic Hardware and Embedded Systems
A Sound Method for Switching between Boolean and Arithmetic Masking
CHES '01 Proceedings of the Third International Workshop on Cryptographic Hardware and Embedded Systems
Investigations of power analysis attacks on smartcards
WOST'99 Proceedings of the USENIX Workshop on Smartcard Technology on USENIX Workshop on Smartcard Technology
Tamper resistance: a cautionary note
WOEC'96 Proceedings of the 2nd conference on Proceedings of the Second USENIX Workshop on Electronic Commerce - Volume 2
Comments on "A Computer Algorithm for Calculating the Product AB Modulo M"
IEEE Transactions on Computers
A Computer Algorithm for Calculating the Product AB Modulo M
IEEE Transactions on Computers
On the importance of checking cryptographic protocols for faults
EUROCRYPT'97 Proceedings of the 16th annual international conference on Theory and application of cryptographic techniques
The Montgomery Powering Ladder
CHES '02 Revised Papers from the 4th International Workshop on Cryptographic Hardware and Embedded Systems
CHES '02 Revised Papers from the 4th International Workshop on Cryptographic Hardware and Embedded Systems
Fault Attacks on RSA with CRT: Concrete Results and Practical Countermeasures
CHES '02 Revised Papers from the 4th International Workshop on Cryptographic Hardware and Embedded Systems
A new CRT-RSA algorithm secure against bellcore attacks
Proceedings of the 10th ACM conference on Computer and communications security
An RSA Implementation Resistant to Fault Attacks and to Simple Power Analysis
IEEE Transactions on Computers
On the implementation of the advanced encryption standard on a public-key crypto-coprocessor
CARDIS'02 Proceedings of the 5th conference on Smart Card Research and Advanced Application Conference - Volume 5
Secret External Encodings Do Not Prevent Transient Fault Analysis
CHES '07 Proceedings of the 9th international workshop on Cryptographic Hardware and Embedded Systems
Perturbating RSA Public Keys: An Improved Attack
CHES '08 Proceeding sof the 10th international workshop on Cryptographic Hardware and Embedded Systems
Securing RSA against Fault Analysis by Double Addition Chain Exponentiation
CT-RSA '09 Proceedings of the The Cryptographers' Track at the RSA Conference 2009 on Topics in Cryptology
Exponent Recoding and Regular Exponentiation Algorithms
AFRICACRYPT '09 Proceedings of the 2nd International Conference on Cryptology in Africa: Progress in Cryptology
Programmable and Parallel ECC Coprocessor Architecture: Tradeoffs between Area, Speed and Security
CHES '09 Proceedings of the 11th International Workshop on Cryptographic Hardware and Embedded Systems
A new fault cryptanalysis on montgomery ladder exponentiation algorithm
Proceedings of the 2nd International Conference on Interaction Sciences: Information Technology, Culture and Human
Enhanced doubling attacks on signed-all-bits set recoding
WISTP'07 Proceedings of the 1st IFIP TC6 /WG8.8 /WG11.2 international conference on Information security theory and practices: smart cards, mobile and ubiquitous computing systems
CT-RSA'08 Proceedings of the 2008 The Cryptopgraphers' Track at the RSA conference on Topics in cryptology
Co-Z addition formulæ and binary ladders on elliptic curves
CHES'10 Proceedings of the 12th international conference on Cryptographic hardware and embedded systems
Amplifying side-channel attacks with techniques from block cipher cryptanalysis
CARDIS'06 Proceedings of the 7th IFIP WG 8.8/11.2 international conference on Smart Card Research and Advanced Applications
Collision attack on XTR and a countermeasure with a fixed pattern
EUC'05 Proceedings of the 2005 international conference on Embedded and Ubiquitous Computing
Improvement on ha-moon randomized exponentiation algorithm
ICISC'04 Proceedings of the 7th international conference on Information Security and Cryptology
DPA attack on the improved ha-moon algorithm
WISA'05 Proceedings of the 6th international conference on Information Security Applications
SPA resistant left-to-right integer recodings
SAC'05 Proceedings of the 12th international conference on Selected Areas in Cryptography
Relative doubling attack against montgomery ladder
ICISC'05 Proceedings of the 8th international conference on Information Security and Cryptology
Memory-efficient fault countermeasures
CARDIS'11 Proceedings of the 10th IFIP WG 8.8/11.2 international conference on Smart Card Research and Advanced Applications
On the implementation of unified arithmetic on binary huff curves
CHES'13 Proceedings of the 15th international conference on Cryptographic Hardware and Embedded Systems
Message blinding method requiring no multiplicative inversion for RSA
ACM Transactions on Embedded Computing Systems (TECS)
| Hi-index | 0.00 |
Recently, many research works have been reported about how physical cryptanalysis can be carried out on cryptographic devices by exploiting any possible leaked information through side channels. In this paper, we demonstrate a new type of safe-error based hardware fault cryptanalysis which is mounted on a recently reported countermeasure against simple power analysis attack. This safe-error based attack is developed by inducing a temporary random computational fault other than a temporary memory fault which was explicitly assumed in the first published safe-error based attack (in which more precisions on timing and fault location are assumed) proposed by Yen and Joye. Analysis shows that the new safe-error based attack proposed in this paper is powerful and feasible because the cryptanalytic complexity (especially the computational complexity) is quite small and the assumptions made are more reasonable. Existing research works considered many possible countermeasures against each kind of physical cryptanalysis. This paper and a few previous reports clearly show that a countermeasure developed against one physical attack does not necessarily thwart another kind of physical attack. However, almost no research has been done on dealing the possible mutual relationship between different kinds of physical cryptanalysis when choosing a specific countermeasure. Most importantly, in this paper we wish to emphasize that a countermeasure developed against one physical attack if not carefully examined may benefit another physical attack tremendously. This issue has never been explicitely noticed previously but its importance can not be overlooked because of the attack found in this paper. Notice that almost all the issues considered in this paper on a modular exponentiation also applies to a scalar multiplication over an elliptic curve.