Abstract
Seifert (ACM CCS 2005) recently described a new fault attack against an implementation of RSA signature verification. Seifert’s attack differs from the seminal work of Boneh, DeMillo and Lipton (EUROCRYPT 1997) in that it targets a public-key rather than a private-key operation. Here we give a simplified analysis of Seifert’s attack and gauge its practicality against RSA moduli of practical sizes. Our intent is to give practice-oriented work estimates rather than asymptotic results. We also suggest an improvement to Seifert’s attack which has the following consequences: If an adversary is able to cause random faults in only 4 bits of a 1024-bit RSA modulus stored in a device, then there is a greater than 50% chance that they will be able to make that device accept a signature on a message of their choice. For 2048-bit RSA, 6 bits suffice.
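A small, runnable illustration of the work estimate the abstract refers to, paired with the check a verifier needs; this is an added example, not code from Muir's or Seifert's papers. It assumes the basic exploitable case of Seifert's attack is a faulted modulus N' that is prime (so its group order is known), uses a constructed 64-bit modulus so the whole fault neighbourhood can be enumerated offline, and the `exploitable_fraction`, `fault_neighbourhood` and `verify_with_integrity_check` names are mine.

```python
"""Risk estimate for bit-flip faults on an RSA modulus, plus the integrity check that stops them."""
import hashlib
from itertools import combinations

_BASES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)  # deterministic Miller-Rabin for n < 3e23

def is_probable_prime(n):
    """Miller-Rabin with fixed bases; exact for every value this example produces."""
    if n < 2:
        return False
    for p in _BASES:
        if n % p == 0:
            return n == p
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for a in _BASES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True

def fault_neighbourhood(n, max_bits):
    """Every modulus reachable from n by flipping 1..max_bits of its bits (the fault model)."""
    for k in range(1, max_bits + 1):
        for bits in combinations(range(n.bit_length()), k):
            yield n ^ sum(1 << b for b in bits)

def exploitable_fraction(n, max_bits):
    """(hits, total): how many faulted moduli are prime, i.e. have a known group order.
    Assumption: that is the basic exploitable case in Seifert's attack."""
    total = hits = 0
    for m in fault_neighbourhood(n, max_bits):
        total += 1
        hits += is_probable_prime(m)
    return hits, total

def modulus_fingerprint(n):
    return hashlib.sha256(n.to_bytes((n.bit_length() + 7) // 8, "big")).hexdigest()

def verify_with_integrity_check(n, reference_fingerprint):
    """Mitigation: a verifier refuses any modulus whose stored fingerprint no longer matches."""
    return modulus_fingerprint(n) == reference_fingerprint

P, Q = 2147483647, 4294967311  # constructed sample primes: 2^31 - 1 and 2^32 + 15
N = P * Q
REFERENCE = modulus_fingerprint(N)  # provisioned alongside the modulus, before any fault

if __name__ == "__main__":
    hits, total = exploitable_fraction(N, 2)
    print(f"{hits}/{total} moduli within 2 bit flips of N are prime")
    blocked = sum(not verify_with_integrity_check(m, REFERENCE) for m in fault_neighbourhood(N, 2))
    print(f"integrity check rejects {blocked}/{total} faulted moduli")
```

Enumerating all 4-bit neighbourhoods of a 1024-bit modulus is not feasible this way; the point is that even a tiny modulus has many prime neighbours, which is why the modulus must be integrity-protected rather than trusted as stored.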
References
Bar-El, H., Choukri, H., Naccache, D., Tunstall, M., Whelan, C.: The sorcerer’s apprentice guide to fault attacks. Proceedings of the IEEE 94, 370–382 (2006)
Bellare, M., Rogaway, P.: The exact security of digital signatures: How to sign with RSA and Rabin. In: Maurer, U.M. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 399–416. Springer, Heidelberg (1996)
Boneh, D., DeMillo, R., Lipton, R.: On the importance of checking cryptographic protocols for faults. Journal of Cryptology 14, 101–119 (2001)
ElGamal, T.: A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Transactions on Information Theory 31, 469–472 (1985)
Huang, A.: Hacking the Xbox: An Introduction to Reverse Engineering. No Starch Press (2003)
Knuth, D., Trabb Pardo, L.: Analysis of a simple factorization algorithm. Theoretical Computer Science 3, 321–348 (1976)
Naccache, D., Nguyen, P., Tunstall, M., Whelan, C.: Experimenting with faults, lattices and the DSA. In: Vaudenay, S. (ed.) PKC 2005. LNCS, vol. 3386, pp. 16–28. Springer, Heidelberg (2005)
Seifert, J.: On authenticated computing and RSA-based authentication. In: Proceedings of the 12th ACM Conference on Computer and Communications Security (CCS 2005), November 2005, pp. 122–127 (2005)
Shoup, V.: NTL: A library for doing number theory (version 5.4), http://shoup.net/ntl/
Microsoft Xbox, http://www.microsoft.com/xbox/
Operation X, http://sourceforge.net/projects/opx/
RSA Challenge Numbers, http://www.rsasecurity.com/rsalabs/node.asp?id=2093
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Muir, J.A. (2006). Seifert’s RSA Fault Attack: Simplified Analysis and Generalizations. In: Ning, P., Qing, S., Li, N. (eds) Information and Communications Security. ICICS 2006. Lecture Notes in Computer Science, vol 4307. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11935308_30
DOI: https://doi.org/10.1007/11935308_30
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-49496-6
Online ISBN: 978-3-540-49497-3
eBook Packages: Computer Science (R0)