SPA-Based Adaptive Chosen-Ciphertext Attack on RSA Implementation

  • Roman Novak
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2274)

Abstract

We describe an adaptive chosen-ciphertext attack on a smart card implementation of the RSA decryption algorithm in the presence of side-channel information leakage. We studied the information leakage through power consumption variation. Simple power analysis (SPA) of a smart card that is widely used for secure Internet banking, Web access and remote access to corporate networks revealed macro characteristics caused by an improper implementation of Chinese remaindering. The findings can be used to improve future implementations of fast RSA decryption.

Keywords

Smart Card, Information Leakage, Chinese Remainder Theorem, Modular Representation, Modular Exponentiation

Copyright information

© Springer-Verlag Berlin Heidelberg 2002

Authors and Affiliations

  • Roman Novak, Jozef Stefan Institute, Ljubljana, Slovenia