Countermeasures for hardware fault attack in multi-prime RSA cryptosystems

International Journal of Network Security

Volumn 6, Issue 2, 2008, Pages 190-200

  Abid, Zine Eddine ^a   Wang, Wei ^b  

^a UNIVERSITY OF WESTERN ONTARIO   (Canada)

^b INDIANA UNIVERSITY   (United States)

Author keywords

Chinese remainder theorem; Countermeasure; FPGA; Hardware fault attack; Immunity; RSA cryptosys tem

Indexed keywords

CHINESE REMAINDER THEOREM; COUNTERMEASURE; HARDWARE FAULTS; IMMUNITY; RSA CRYPTOSYS-TEM;

CRYPTOGRAPHY; FIELD PROGRAMMABLE GATE ARRAYS (FPGA); SMART CARDS;

HARDWARE;

EID: 84874975376     PISSN: 1816353X     EISSN: 18163548     Source Type: Journal    
DOI: None     Document Type: Article

References (35)

1. R. J. Anderson and M. G. Kuhn, "Tamper resistance-a cautionary note," in The 2nd USENIX Workshop on Electronic Commerce, pp. 1-11, 1996.
2. R. J. Anderson and M. G. Kuhn, "Low cost attacks on tamper resistant devices," in Proceedings of the 5th International Workshop on Security Protocols, pp. 125-136, 1997.
3. C. Aum̈uller, P. Bier, W. Fischer, P. Hofreiter, and J.-P. Seifert, "Fault attacks on RSA with CRT: Concrete results and practical countermeasures," in the 4th International Workshop on Cryptographic Hard-ware and Embedded Systems, pp. 260-275, 2002.
4. J. C. Bajard and l. Imbert, "A full RNS implementation of RSA," IEEE Transactions on Computers, vol. 53, no. 6, pp. 769-774, Jun. 2004.
5. J. Blomer, M. Otto, J. P. Seifert, "A new CRT-RSA algorithm secure against bellcore attacks," in 10th ACM conference on Computer and Communications Security, pp. 311-320, 2003.
6. D. Boneh, R. A. DeMillo, and R. J. Lipton, "On the importance of checking cryptographic protocols for fault," in Eurocrypt'97, LNCS 1233, pp. 37-51, Springer-Verlag, 1997.
7. M. Ciet, M. Neve, E. Peeters, and J. J. Quisquater, "Parallel FPGA implementation of RSA with residue number systems - can side-channel threats be avoided?," in Proceedings of the 46th IEEE Midwest Symposium on Circuits and Systems, Dec. 2003.
8. H. B.-El, H. Choukri, D. Naccache, M. Tunstall, and C. Whelan, "The sorcerer's apprentice guide to fault attacks," in Workshop on Fault Detection and Tol-erance in Cryptography, pp. 370-383, June 2004.
9. E. English and S. Hamilton, "Network security under siege: The timing attack," IEEE Transaction Com-puter, vol. 29, pp. 95-97, 1996.
10. J. Grossschadl, "The chinese remainder theorem and its application in a high-speed RSA crypto chip," in The 16th Annual Conference on Computer Security Applications, pp. 384-393, Dec. 2000.
11. M. K. Hani, T. S. Lin, and S. H. Nasir, "FPGA implementation of RSA public-key cryptographic coprocessor," in Proceedings on TENCON'00, vol. 3, pp. 6-11, Sep. 2000.
12. M. Joye, A. K. Lenstra, and J.-J. Quisquater, "Chinese remaindering based cryptosystems in the presence of faults," Journal of Cryptology, vol. 12, no. 4, pp. 241-245, 1999.
13. P. Kocher, "Timing attacks on implementations of Die-Hellman, RSA, DSS, and other systems," in Pro-ceedings of Crypto'96, pp. 104-113, Springer-Verlag, 1996.
14. P. Kocher, J. Jaffe, and B. Jun, "Differential power analysis," in Proceedings of Crypto'99, pp. 388-397, Aug. 1999.
15. C. K. Koc, High-speed RSA Implementations, Technical notes TR 201, RSA Security Inc., Nov. 1994.
16. C. K. Koc, RSA hardware implementation, Technical notes TR 801, RSA Security Inc., Aug. 1995.
17. P. Kornerup, "A systolic, linear-array multiplier for a class of right-shift algorithms," IEEE Transactions on Computer Arithmetic, vol. 43, pp. 892-898, Aug. 1994.
18. Krishnamurthy, Y. Tang, C. Xu, and Y. Wang, "An efficient implementation of multi-prime RSA on DSP processor," in IEEE International Conference on Acoustics, Speech, & Signal Processing, vol. 2, pp. 413-416, Apr. 2003.
19. A. K. Lenstra, "Memo on RSA signature generation in the presence of faults," pp. 1-4, Sep. 1996.
20. T. S. Messerges, Power Analysis Attack Countermea-sures and their Weaknesses, Security Technology Research Laboratory, 2000.
21. P. L. Montgomery, "Modular multiplication without trial division," Mathematics of Computation, vol. 44, pp. 519-521, 1985.
22. R. Rivest, A. Shamir, and L. Adleman, "A method for obtaining digital signatures and public-key cryptosystems," Communications of the ACM, vol. 21, pp. 120-126, Feb. 1978.
23. RSA Laboratories, PKCS #1 v2.0 Amend-ment 1: Multi-Prime RSA, Jul. 2000. (ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2-0a1.pdf)
24. W. Schindler, "A timing attack against RSA with the chinese remainder theorem," in Proceedings of Cryptographic Hardware and Embedded Systems, pp. 109-124, 2000.
25. A. Shamir, "How to check modular exponentiation," in Proceedings of Eurocrypt'97, pp. 123, May 1997.
26. C. Su, S. Hwang, P. Chen, and C. Wu, "An improved montgomery's algorithm for high-speed RSA public-key cryptosystem," IEEE Transactions on Very Large Scale Integration (VLSI) Systems, vol. 7, pp 280-284, June 1999.
27. D. Wagner, "Cryptanalysis of a provably secure CRT-RSA algorithm," in Proceedings of the 11th ACM conference on Computer and communications security, pp. 92-97, 2004.
28. C. H. Wu, J. H. Hong, and C. W. Wu, "RSA cryptosystem design based on the chinese remainder theorem," in Proceedings of the ASP-DAC'01, pp. 391-95, 2001.
29. S. M. Yen and M. Joye, "Checking before output may not be enough against fault-based cryptanalysis," IEEE Transactions on Computers, vol.49, no. 9, pp. 967-970, Sep. 2000.
30. S. M. Yen and D. Kim, "Cryptanalysis of two protocols for RSA with CRT based on fault infection," in Proceedings of the Workshop on Fault Diagnosis and Tolerance in Cryptography, pp. 381-385, June 2004.
31. S. M. Yen, S. Kim, S. Lim, and S. J. Moon, "A countermeasure against one physical cryptanalysis may benefit another attack," in Proceedings of the 4th In-ternational Conference Seoul on Information Secu-rity and Cryptology, pp. 414-427, Dec. 2001.
32. S. M. Yen, S. Kim, S. Lim, and S. J. Moon, "RSA speedup with residue number system immune against hardware fault cryptanalysis," in Proceedings of the 4th International Conference Seoul on Information Security and Cryptology, pp. 397-413, Dec. 2001.
33. S. M. Yen, S. Kim, S. Lim, and S. J. Moon, "RSA Speedup with chinese remainder theorem immune against hardware fault cryptanalysis," IEEE Trans-actions on computers, vol. 52, pp. 461-472, Apr. 2003.
34. S. M. Yen, S. J. Moon, and J. C. Ha, "Hardware fault attack on RSA with CRT Revisited," in Proceedings of the ICISC'02, LNCS 2587, pp. 374-388, Springer-Verlag, 2003.
35. S. M. Yen, S. J. Moon, and J. C. Ha, "Permanent fault attack on RSA with CRT," in Proceedings of the ACISP'03, LNCS 2727, pp. 285-296, Springer-Verlag, 2003.