Checking Before Output May Not Be Enough Against Fault-Based Cryptanalysis
IEEE Transactions on Computers
RSA Speedup with Residue Number System Immune against Hardware Fault Cryptanalysis
ICISC '01 Proceedings of the 4th International Conference Seoul on Information Security and Cryptology
Low Cost Attacks on Tamper Resistant Devices
Proceedings of the 5th International Workshop on Security Protocols
A new CRT-RSA algorithm secure against bellcore attacks
Proceedings of the 10th ACM conference on Computer and communications security
Tamper resistance: a cautionary note
WOEC'96 Proceedings of the 2nd conference on Proceedings of the Second USENIX Workshop on Electronic Commerce - Volume 2
On the importance of checking cryptographic protocols for faults
EUROCRYPT'97 Proceedings of the 16th annual international conference on Theory and application of cryptographic techniques
An RSA Implementation Resistant to Fault Attacks and to Simple Power Analysis
IEEE Transactions on Computers
Perturbating RSA Public Keys: An Improved Attack
CHES '08 Proceeding sof the 10th international workshop on Cryptographic Hardware and Embedded Systems
Fault Attacks on RSA Public Keys: Left-To-Right Implementations Are Also Vulnerable
CT-RSA '09 Proceedings of the The Cryptographers' Track at the RSA Conference 2009 on Topics in Cryptology
Securing RSA against Fault Analysis by Double Addition Chain Exponentiation
CT-RSA '09 Proceedings of the The Cryptographers' Track at the RSA Conference 2009 on Topics in Cryptology
Automatic detection of fault attack and countermeasures
WESS '09 Proceedings of the 4th Workshop on Embedded Systems Security
Fault Analysis of Rabbit: Toward a Secret Key Leakage
INDOCRYPT '09 Proceedings of the 10th International Conference on Cryptology in India: Progress in Cryptology
Fault attacks for CRT based RSA: new attacks, new results and new countermeasures
WISTP'07 Proceedings of the 1st IFIP TC6 /WG8.8 /WG11.2 international conference on Information security theory and practices: smart cards, mobile and ubiquitous computing systems
CRT RSA algorithm protected against fault attacks
WISTP'07 Proceedings of the 1st IFIP TC6 /WG8.8 /WG11.2 international conference on Information security theory and practices: smart cards, mobile and ubiquitous computing systems
Safe-error attack on SPA-FA resistant exponentiations using a HW modular multiplier
ICISC'07 Proceedings of the 10th international conference on Information security and cryptology
Fault-based attack of RSA authentication
Proceedings of the Conference on Design, Automation and Test in Europe
A new CRT-RSA algorithm resistant to powerful fault attacks
WESS '10 Proceedings of the 5th Workshop on Embedded Systems Security
Public key perturbation of randomized RSA implementations
CHES'10 Proceedings of the 12th international conference on Cryptographic hardware and embedded systems
Cryptanalysis of a type of CRT-based RSA algorithms
Journal of Computer Science and Technology
An efficient CRT-RSA algorithm secure against power and fault attacks
Journal of Systems and Software
Wagner’s attack on a secure CRT-RSA algorithm reconsidered
FDTC'06 Proceedings of the Third international conference on Fault Diagnosis and Tolerance in Cryptography
Cryptographic key reliable lifetimes: bounding the risk of key exposure in the presence of faults
FDTC'06 Proceedings of the Third international conference on Fault Diagnosis and Tolerance in Cryptography
Non-linear residue codes for robust public-key arithmetic
FDTC'06 Proceedings of the Third international conference on Fault Diagnosis and Tolerance in Cryptography
Secret key leakage from public key perturbation of DLP-Based cryptosystems
Cryptography and Security
Evaluation of the ability to transform SIM applications into hostile applications
CARDIS'11 Proceedings of the 10th IFIP WG 8.8/11.2 international conference on Smart Card Research and Advanced Applications
A Comparative Survey on Cryptology-Based Methodologies
International Journal of Information Security and Privacy
| Hi-index | 0.00 |
We study a countermeasure proposed to protect Chinese remainder theorem (CRT) computations for RSA against fault attacks. The scheme was claimed to be provably secure. However, we demonstrate that the proposal is in fact insecure: it can be broken with a simple and practical fault attack. We conclude that the proposed countermeasure is not safe for use in its present form.