Attacking Randomized Exponentiations Using Unsupervised Learning
Countermeasures against most side-channel attacks on exponentiations are based on randomization of the processed data. Exponent blinding and message blinding are two such techniques, used to thwart simple, collision, differential and correlation analyses. Attacks based on a single execution (trace) of an exponentiation, such as horizontal correlation analysis and profiled template attacks, have been shown to be effective against most popular countermeasures. In this paper we show how unsupervised learning can exploit the remaining leakage caused by conditional control tests and memory addressing in an RNS-based implementation of RSA. The device under attack is protected with exponent blinding and leak-resistant arithmetic. The developed attack combines the leakage of several samples over the segments of the exponentiation in order to recover the entire exponent. We demonstrate how to find the points of interest using trace pre-processing and clustering algorithms. The attack can recover the exponent from a single trace.
Keywords: RSA, Randomized exponentiation, Electromagnetic analysis, Unsupervised learning, Clustering algorithms, Single-execution attacks
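As an added illustration, not code from the paper, the following leakage-assessment check mirrors the abstract's idea on constructed data: each segment of an exponentiation is reduced to a vector of points of interest, and 2-means clustering is compared on one point per segment versus several points combined, which is how an implementer can judge whether a blinded exponentiation still leaks per-segment bit information. The synthetic leakage model (a mean shift of `delta` per point when the bit is 1), the parameters and the `assess` helper are assumptions.

```python
import random

def simulate_segments(bits, n_points, delta, noise, rng):
    # Constructed stand-in for a trace split into one segment per exponent bit:
    # each segment yields n_points points of interest whose mean shifts by delta
    # when the bit is 1 (a different address or branch), plus Gaussian noise.
    return [[delta * b + rng.gauss(0.0, noise) for _ in range(n_points)] for b in bits]

def mean_vec(vs):
    return [sum(col) / len(vs) for col in zip(*vs)]

def dist2(a, b):
    return sum((x - y) ** 2 for x, y in zip(a, b))

def kmeans2(vectors, rounds=25):
    # Plain 2-means (Lloyd's algorithm). Centroids start at the means of the
    # lower and upper halves of the vectors ordered by their coordinate sum.
    order = sorted(range(len(vectors)), key=lambda i: sum(vectors[i]))
    half = len(order) // 2
    centroids = [mean_vec([vectors[i] for i in order[:half]]),
                 mean_vec([vectors[i] for i in order[half:]])]
    labels = [0] * len(vectors)
    for _ in range(rounds):
        new_labels = [0 if dist2(v, centroids[0]) <= dist2(v, centroids[1]) else 1
                      for v in vectors]
        if new_labels == labels:
            break
        labels = new_labels
        for k in (0, 1):
            members = [v for v, lab in zip(vectors, labels) if lab == k]
            if members:  # keep the previous centroid if a cluster ran empty
                centroids[k] = mean_vec(members)
    return labels

def bit_match_rate(bits, labels):
    # Cluster numbering is arbitrary, so report the better of the two mappings.
    hits = sum(1 for b, lab in zip(bits, labels) if b == lab)
    return max(hits, len(bits) - hits) / len(bits)

def assess(n_bits=1000, n_points=16, delta=1.0, noise=1.0, seed=1):
    # Returns (match rate using one point per segment, match rate using all points).
    rng = random.Random(seed)
    bits = [rng.randrange(2) for _ in range(n_bits)]
    segs = simulate_segments(bits, n_points, delta, noise, rng)
    single = bit_match_rate(bits, kmeans2([s[:1] for s in segs]))
    combined = bit_match_rate(bits, kmeans2(segs))
    return single, combined

if __name__ == "__main__":
    s, c = assess()
    print(f"one point per segment: {s:.3f}   16 points combined: {c:.3f}")
```

With the chosen parameters a single point separates the two classes only weakly (around 0.69), while combining the 16 points of a segment pushes the match rate close to 0.98, which is the effect the abstract relies on.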