RSA speedup with Chinese remainder theorem immune against hardware fault cryptanalysis

IEEE Transactions on Computers

Volumn 52, Issue 4, 2003, Pages 461-472

  Yen, Sung Ming ^a   Kim, Seungjoo ^b   Lim, Seongan ^b   Moon, Sang Jae ^c  

^a NATIONAL CENTRAL UNIVERSITY   (Taiwan)

^b Korea Internet and Security Agency   (South Korea)

^c Kyungpook National University   (South Korea)

Author keywords

Chinese remainder theorem (CRT); Cryptography; Denial of service attack; Factorization; Fault detection; Fault infective CRT; Fault tolerance; Hardware fault cryptanalysis; Physical cryptanalysis; Residue number system; Side channel attack

Indexed keywords

ALGORITHMS; COMPUTER HARDWARE; ERROR DETECTION; FAULT TOLERANT COMPUTER SYSTEMS; NETWORK PROTOCOLS; NUMBER THEORY; PROBABILITY; SECURITY OF DATA; THEOREM PROVING;

CHINESE REMAINDER THEOREM; DENIAL OF SERVICE ATTACK; FACTORIZATION; FAULT DETECTION; HARDWARE FAULT CRYPTANALYSIS; RESIDUE NUMBER SYSTEM; SIDE CHANNEL ATTACK;

PUBLIC KEY CRYPTOGRAPHY;

EID: 0038374937     PISSN: 00189340     EISSN: None     Source Type: Journal    
DOI: 10.1109/TC.2003.1190587     Document Type: Article

References (28)

1. R.L. Rivest, A. Shamir, and L. Adleman, "A Method for Obtaining Digital Signatures and Public-Key Cryptosystem," Comm. ACM, vol. 21, no. 2, pp. 120-126, 1978.
2. T. ElGamal, "A Public Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms," IEEE Trans. Information Theory, vol. 31, no. 4, pp. 469-472, 1985.
3. R. Anderson and M. Kuhn, "Tamper Resistance-A Cautionary Note," Proc. Second USENIX Workshop Electronic Commerce, pp. 1-11, 1996.
4. R. Anderson and M. Kuhn, "Low Cost Attacks on Tamper Resistant Devices," Pre-proc. 1997 Security Protocols Workshop, Apr. 1997.
5. Bellcore Press Release, "New Threat Model Breaks Crypto Codes," Sept. 1996, http://www.bellcore.com/PRESS/ADVSRY96/facts.html.
6. D. Boneh, R.A. DeMillo, and R.J. Lipton, "On the Importance of Checking Cryptographic Protocols for Faults," Advances in Cryptology-EUROCRYPT '97, pp. 37-51, 1997.
7. F. Bao, R.H. Deng, Y. Han, A. Jeng, A.D. Narasimbalu, and T. Ngair, "Breaking Public Key Cryptosystems on Tamper Resistant Devices in the Presence of Transient Faults," Pre-proc. 1997 Security Protocols Workshop, 1997.
8. Y. Zheng and T. Matsumoto, "Breaking Real-World Implementations of Cryptosystems by Manipulating their Random Number Generation," Pre-proc. 1997 Symp. Cryptography and Information Security, 29 Jan.-1 Feb. 1997. An earlier version was presented at the rump session of ASIACRYPT '96.
9. I. Peterson, "Chinks in Digital Armor - Exploiting Faults to Break Smart-Card Cryptosystems," Science News, vol. 151, no. 5, pp. 78-79, 1997.
10. M. Joye, J.-J. Quisquater, F. Bao, and R.H. Deng, "RSA-Type Signatures in the Presence of Transient Faults," Cryptography and Coding, pp. 155-160, Springer-Verlag, 1997.
11. D.P. Maher, "Fault Induction Attacks, Tamper Resistance, and Hostile Reverse Engineering in Perspective," Financial Cryptography, pp. 109-121, Berlin: Springer-Verlag, 1997.
12. E. Biham and A. Shamir, "Differential Fault Analysis of Secret Key Cryptosystems," Advances in Cryptology-CRYPTO '97, pp. 513-525, 1997.
13. M. Joye, A.K. Lenstra, and J.-J. Quisquarter, "Chinese Remaindering Based Cryptosystems in the Presence of Faults," J. Cryptology, vol. 12, no. 4, pp. 241-245, 1999.
14. M. Joye, F. Kouene, and J.-J. Quisquater, "Further Results on Chinese Remaindering," Technical Report CG-1997/1, UCL Crypto Group, Louvain-la-Neuve, Mar. 1997.
15. A. Shamir, "How to Check Modular Exponentiation," presented at the rump session of EUROCRYPT '97, May 1997.
16. A. Shamir, "Method and Apparatus for Protecting Public Key Schemes from Timing and Fault Attacks," US Patent 5991415, 23 Nov. 1999.
17. S.M. Yen and M. Joye, "Checking before Output May Not Be Enough against Fault-Based Cryptanalysis," IEEE Trans. Computers, vol. 49, no. 9, pp. 967-970, Sept. 2000.
18. P.J. Smith and M.J.J. Lennon, "LUC: A New Public Key System," Proc. Ninth IFIP Symp. Computer Security, pp. 103-117, 1993.
19. A.J. Menezes, Elliptic Curve Public Key Cryptosystems. Kluwer Academic, 1993.
20. J.-J. Quisquarter and C. Couvreur, "Fast Decipherment Algorithm for RSA Public-Key Cryptosystem," Electronics Letters, vol. 18, no. 21, pp. 905-907, 1982.
21. A.J. Menezes, P.C. van Oorschot, and S.A. Vanstone, Handbook of Applied Cryptography. CRC Press, 1997.
22. P. Kocher, "Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems," Advances in Cryptology-CRYPTO '96, pp. 104-113, 1996.
23. B.S. Kaliski Jr. and M.J.B. Robshaw, "Comments on Some New Attacks on Cryptographic Devices," RSA Laboratories Bulletin, no. 5, July 1997.
24. W. Schindler, "A Timing Attack against RSA with the Chinese Remainder Theorem," Proc. Cryptographic Hardware and Embedded Systems-CHES 2000, pp. 109-124, 2000.
25. C.D. Walter, "Montgomery's Exponentiation Needs No Final Subtractions," Electronics Letters, vol. 35, no. 21, pp. 1831-1832, 1999.
26. C. Hachez and J.-J. Quisquater, "Montgomery Exponentiation with No Final Subtractions: Improved Results," Proc. Cryptographic Hardware and Embedded Systems-CHES 2000, pp. 293-301, 2000.
27. M. Joye, J.-J. Quisquater, S.M. Yen, and M. Yung, "Observability Analysis: Detecting When Improved Cryptosystems Fail," Topics in Cryptology-CT-RSA 2002, pp. 17-29, 2002.
28. Ç.K. Koç, "RSA Hardware Implementation," Technical Report TR 801, RSA Laboratories, Redwood City, Calif., Apr. 1996.