Formal analysis of CRT-RSA Vigilant's countermeasure against the BellCoRe attack: A pledge for formal methods in the field of implementation security

Proceedings of the 3rd ACM SIGPLAN Program Protection and Reverse Engineering Workshop 2014, PPREW 2014

Volumn , Issue , 2014, Pages

  Rauzy, Pablo ^a   Guilley, Sylvain ^a  

^a INSTITUT TELECOM   (France)

Author keywords

Adleman); BellCoRe (Bell communications research) attack; CRT (Chinese remainder theorem); Fault injection; Formal proof; OCaml; RSA (Rivest; Shamir

Indexed keywords

FORMAL METHODS; NETWORK SECURITY; SIDE CHANNEL ATTACK;

ADLEMAN); BELL COMMUNICATION RESEARCH ATTACK; CHINESE REMAINDER THEOREM; COMMUNICATION RESEARCH; FAULT INJECTION; FORMAL PROOFS; OCAML; RSA (RIVEST; SHAMIR;

SOFTWARE TESTING;

EID: 84893953821     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/2556464.2556466     Document Type: Conference Paper

References (17)

1. [ABF+02] Christian Aumüller, Peter Bier, Wieland Fischer, Peter Hofreiter, and Jean-Pierre Seifert. Fault Attacks on RSA with CRT: Concrete Results and Practical Countermeasures. In Burton S. Kaliski, Jr., Çetin Kaya Koç, and Christof Paar, editors, CHES, volume 2523 of Lecture Notes in Computer Science, pages 260-275. Springer, 2002.
2. [BDL97] Dan Boneh, Richard A. DeMillo, and Richard J. Lipton. On the Importance of Checking Cryptographic Protocols for Faults. In Proceedings of Eurocrypt'97, volume 1233 of LNCS, pages 37-51. Springer, May 11-15 1997. Konstanz, Germany. DOI: 10.1007/3- 540-69053-0 4.
3. thACM SIGPLAN- SIGACT Symposium on Principles of Programming Languages, POPL 2009, pages 90-101. ACM, 2009.
4. [CCGV13] Maria Christofi, Boutheina Chetali, Louis Goubin, and David Vigilant. Formal verification of an implementation of CRT-RSA Vigilant's algorithm. Journal of Cryptographic Engineering, 3(3), 2013. DOI: 10.1007/s13389-013-0049-3.
5. [CGM+10] Jean-Sébastien Coron, Christophe Giraud, Nicolas Morin, Gilles Piret, and David Vigilant. Fault Attacks and Countermeasures on Vigilant's RSA-CRT Algorithm. In Luca Breveglieri, Marc Joye, Israel Koren, David Naccache, and Ingrid Verbauwhede, editors, FDTC, pages 89-96. IEEE Computer Society, 2010.
6. [HMER13] Karine Heydemann, Nicolas Moro, Emmanuelle Encrenaz, and Bruno Robisson. Formal Verification of a Software Countermeasure Against Instruction Skip Attacks. Cryptology ePrint Archive, Report 2013/679, 2013. http://eprint.iacr.org/.
7. [JT11] Marc Joye and Michael Tunstall. Fault Analysis in Cryptography. Springer LNCS, March 2011. http://joye.site88.net/FAbook.html.DOI:10.1007/978-3- 642-29656-7; ISBN 978-3-642-29655-0.
8. [KJJ96] Paul C. Kocher, Joshua Jaffe, and Benjamin Jun. Timing Attacks on Implementations of Diffe- Hellman, RSA, DSS, and Other Systems. In Proceed- ings of CRYPTO'96, volume 1109 of LNCS, pages 104-113. Springer-Verlag, 1996.
9. [Koç94] Çetin Kaya Koç. High-Speed RSA Implementation, November 1994. Version 2, ftp://ftp.rsasecurity.com/pub/pdfs/ tr201.pdf.
10. [Pai99] Pascal Paillier. Public-Key Cryptosystems Based on Composite Degree Residuosity Classes. In EURO- CRYPT, volume 1592 of Lecture Notes in Computer Science, pages 223-238. Springer, May 2-6 1999. Prague, Czech Republic.
11. [RG13] Pablo Rauzy and Sylvain Guilley. A Formal Proof of Countermeasures Against Fault Injection Attacks on CRT-RSA. Cryptology ePrint Archive, Report 2013/506, 2013. http://eprint.iacr.org/.
12. [RSA78] Ronald L. Rivest, Adi Shamir, and Leonard M. Adleman. A Method for Obtaining Digital Signatures and Public-Key Cryptosystems. Commun. ACM, 21(2):120-126, 1978.
13. [Sha99] Adi Shamir. Method and apparatus for protecting public key schemes from timing and fault attacks, November 1999. Patent Number 5, 991, 415; also presented at the rump session of EUROCRYPT '97.
14. [TW12] Mohammad Tehranipoor and Cliff Wang, editors. In- Troduction to Hardware Security and Trust. Springer, 2012. ISBN 978-1-4419-8079-3.
15. [Vig08] David Vigilant. RSA with CRT: A New Cost- E-ective Solution to Thwart Fault Attacks. In Elisabeth Oswald and Pankaj Rohatgi, editors, CHES, volume 5154 of Lecture Notes in Computer Science, pages 130-145. Springer, 2008.
16. [Vig10] David Vigilant. Countermeasure securing exponentiation based cryptography, Feb 17 2010. European patent, EP 2154604 A1.
17. [vWWM11] Jasper G. J. van Woudenberg, Marc F. Witteman, and Federico Menarini. Practical Optical Fault Injection on Secure Microcontrollers. In Luca Breveglieri, Sylvain Guilley, Israel Koren, David Naccache, and Junko Takahashi, editors, FDTC, pages 91-99. IEEE, 2011.