Checking before output may not be enough against fault-based cryptanalysis

IEEE Transactions on Computers

Volumn 49, Issue 9, 2000, Pages 967-970

  Yen, Sung Ming ^a   Joye, Marc ^b  

^a NATIONAL CENTRAL UNIVERSITY   (Taiwan)

^b GEMPLUS   (France)

Author keywords

[No Author keywords available]

Indexed keywords

ALGORITHMS; CODING ERRORS; COMPUTER SYSTEM RECOVERY; DATA STORAGE EQUIPMENT; SECURITY OF DATA; SMART CARDS;

EXPONENTIATION; FAULT BASED CRYPTANALYSIS; INTERLEAVED MODULAR MULTIPLICATION; TAMPER RESISTANCE;

CRYPTOGRAPHY;

EID: 0034276289     PISSN: 00189340     EISSN: None     Source Type: Journal    
DOI: 10.1109/12.869328     Document Type: Article

References (23)

1. R.L. Rivest, A. Shamir, and L.M. Adleman, "A Method for Obtaining Digital Signatures and Public-Key Cryptosystem," Comm. ACM, vol. 21, no. 2, pp. 120-126, Feb. 1978.
2. T. ElGamal, "A Public Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms," IEEE Trans. Information Theory, vol. 31, no. 4, pp. 469-472, July 1985.
3. D. Boneh, R.A. DeMillo, and R.J. Lipton, "On the Importance of Checking Cryptographic Protocols for Faults," Proc. Advances in Cryptology - EUROCRYPT '97, pp. 37-51, 1997.
4. R. Anderson and M. Kuhn, "Tamper Resistance - A Cautionary Note," Proc. Second USENIX Workshop Electronic Commerce, pp. 1-11, 1996.
5. M. Joye, A.K. Lenstra, and T.-T. Quisquater, "Chinese Remaindering Based CryptoSystems in the Presence of Faults," J. Cryptology, vol. 12, no. 4, pp. 241-245, 1999.
6. F. Bao, R.H. Deng, Y. Han, A. Jeng, A.D. Narasimbalu, and T. Ngair, "Breaking Public Key Cryptosystems on Tamper Resistant Devices in the Presence of Transient Faults," Proc. Security Protocols, pp. 115-124, 1998.
7. Y. Zheng and T. Matsumoto, "Breaking Real-World Implementations of Cryptosystems by Manipulating Their Random Number Generation," Preproc. 1997 Symp. Cryptography and Information Security, Tan./Feb. 1997.
8. E. Biham and A. Shamir, "Differential Fault Analysis of Secret Key Cryptosystems," Proc. Advances in Cryptology - CRYPTO '97, pp. 513-525, 1997.
9. A. Shamir, "How to Check Modular Exponentiation," Presented at the rump session of EUROCRYPT '97, May 1997
10. D.P. Maher, "Fault Induction Attacks, Tamper Resistance, and Hostile Reverse Engineering in Perspective," Proc. Financial Cryptography, pp. 109-121, 1997.
11. B.S. Kaliski Jr. and M.J.B. Robshaw, "Comments on Some New Attacks on Cryptographic Devices," RSA Laboratories Bulletin, no. 5, Redwood City, Calif., July 1997.
12. Bellcore Press Release, "New Threat Model Breaks Crypto Codes," Sept. 1996.
13. R. Anderson and M. Kuhn, "Low Cost Attacks on Tamper Resistant Devices," Proc. Security Protocols, pp. 125-136, 1998.
14. P. Gutmann, "Secure Deletion of Data from Magnetic and Solid-State Memory," Proc. Sixth USENIX Security Symp., pp. 77-89, 1996.
15. O. Kocar, "Hardwaresicherheit von Mikrochips in Chipkarten," Datenschutz und Datensicherheit, vol. 20, no. 7, pp. 421-424, July 1996.
16. I. Peterson, "Chinks in Digital Armor - Exploiting Faults to Break Smart-Card Cryptosystems," Science News, vol. 151, no. 5, pp. 78-79, Feb. 1997.
17. A.J. Menezes, P.C. van Oorschot, and S.A. Vanstone, Handbook of Applied Cryptography, chapter 14. New York: CRC Press, 1997.
18. G.R. Blakley, "A Computer Algorithm for the Product AB Modulo M," IEEE Trans. Computers, vol. 32, no. 5, pp. 497-500, May 1983.
19. K.R. Sloan Jr., "Comments on 'A Computer Algorithm for the Product AB Modulo M," IEEE Trans. Computers, vol. 34, no. 3, pp. 290-292, Mar. 1985.
20. C.K. Koç, "RSA Hardware Implementation," Technical Report TR 801, RSA Laboratories, Redwood City, Calif., Apr. 1996.
21. D. Coppersmith, "Finding a Small Root of a Univariate Modular Equation," Proc. Advances in Cryptology - EUROCRYPT '96, pp. 155-165, 1996.
22. D. Boneh, G. Durfee, and Y. Frankel, "An Attack on RSA Given a Small Fraction of the Private Key Bits," Proc. Advances in Cryptology - ASMCRYPT '98, pp. 25-34, 1998.
23. NBS FIPS PUB, "Data Encryption Standard," Nat'l Bureau of Standards, US Dept. of Commerce, Jan. 1977.