Skip to main content
SpringerLink
Log in

Attacking Randomized Exponentiations Using Unsupervised Learning

  • Conference paper
  • First Online:
Constructive Side-Channel Analysis and Secure Design (COSADE 2014)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 8622))

Abstract

Countermeasures to defeat most of side-channel attacks on exponentiations are based on randomization of processed data. The exponent and the message blinding are particular techniques to thwart simple, collisions, differential and correlation analyses. Attacks based on a single (trace) execution of exponentiations, like horizontal correlation analysis and profiled template attacks, have shown to be efficient against most of popular countermeasures. In this paper we show how an unsupervised learning can explore the remaining leakages caused by conditional control tests and memory addressing in a RNS-based implementation of the RSA. The device under attack is protected with the exponent blinding and the leak resistant arithmetic. The developed attack combines the leakage of several samples over the segments of the exponentiation in order to recover the entire exponent. We demonstrate how to find the points of interest using trace pre-processing and clustering algorithms. This attack can recover the exponent using a single trace.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    Their setting simulates the use of 9 probes uniformly positioned over the chip under attack.

References

  1. Rivest, R., Shamir, A., Adleman, L.: A method for obtaining digital signatures and public key cryptosystems. Commun. ACM 21(2), 120–126 (1978)

    Article  MATH  MathSciNet  Google Scholar 

  2. Kocher, P.C.: Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996)

    Google Scholar 

  3. Kocher, P.C., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, p. 388. Springer, Heidelberg (1999)

    Chapter  Google Scholar 

  4. Coron, J.-S.: Resistance against differential power analysis for elliptic curve cryptosystems. In: Koç, Ç.K., Paar, C. (eds.) CHES 1999. LNCS, vol. 1717, pp. 292–302. Springer, Heidelberg (1999)

    Chapter  Google Scholar 

  5. Brier, E., Clavier, C., Olivier, F.: Correlation power analysis with a leakage model. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 16–29. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  6. Fouque, P.-A., Valette, F.: The doubling attack – why upwards is better than downwards. In: Walter, C.D., Koç, Ç.K., Paar, C. (eds.) CHES 2003. LNCS, vol. 2779, pp. 269–280. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  7. Montgomery, P.L.: Speeding the Pollard and elliptic curve methods of factorization. Math. Comput. 48(177), 243–264 (1987)

    Article  MATH  Google Scholar 

  8. Joye, M., Yen, S.-M.: The Montgomery powering ladder. In: Kaliski, B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 291–302. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  9. Bajard, J.-C., Imbert, L., Liardet, P.-Y., Teglia, Y.: Leak resistant arithmetic. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 62–75. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  10. Bajard, J.-C., Didier, L.-S., Kornerup, P.: An RNS Montgomery modular multiplication algorithm. IEEE Trans. Comput. 47(7), 766–776 (1998)

    Article  MathSciNet  Google Scholar 

  11. Chari, S., Rao, J.R., Rohatgi, P.: Template attacks. In: Kaliski, B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 13–28. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  12. Herbst, C., Medwed, M.: Using templates to attack masked Montgomery ladder implementations of modular exponentiation. In: Chung, K.-I., Sohn, K., Yung, M. (eds.) WISA 2008. LNCS, vol. 5379, pp. 1–13. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  13. Hanley, N., Tunstall, M., Marnane, W.P.: Using templates to distinguish multiplications from squaring operations. IJIS 10(4), 255–266 (2011)

    Article  Google Scholar 

  14. Clavier, C., Feix, B., Gagnerot, G., Roussellet, M., Verneuil, V.: Horizontal correlation analysis on exponentiation. In: Soriano, M., Qing, S., López, J. (eds.) ICICS 2010. LNCS, vol. 6476, pp. 46–61. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  15. Clavier, C., Feix, B., Gagnerot, G., Giraud, C., Roussellet, M., Verneuil, V.: ROSETTA for single trace analysis. In: Galbraith, S., Nandi, M. (eds.) INDOCRYPT 2012. LNCS, vol. 7668, pp. 140–155. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  16. Bauer, A., Jaulmes, E., Prouff, E., Wild, J.: Horizontal and vertical side-channel attacks against secure RSA implementations. In: Dawson, E. (ed.) CT-RSA 2013. LNCS, vol. 7779, pp. 1–17. Springer, Heidelberg (2013)

    Chapter  Google Scholar 

  17. Bauer, A., Jaulmes, É.: Correlation analysis against protected SFM implementations of RSA. In: Paul, G., Vaudenay, S. (eds.) INDOCRYPT 2013. LNCS, vol. 8250, pp. 98–115. Springer, Heidelberg (2013)

    Chapter  Google Scholar 

  18. Heyszl, J., Ibing, A., Mangard, S., Santis, F., Sigl, G.: Clustering algorithms for non-profiled single-execution attacks on exponentiations. In: Francillon, A., Rohatgi, P. (eds.) CARDIS 2013. LNCS, pp. 79–93. Springer, Heidelberg (2014)

    Chapter  Google Scholar 

  19. Bauer, S.: Attacking exponent blinding in RSA without CRT. In: Schindler, W., Huss, S.A. (eds.) COSADE 2012. LNCS, vol. 7275, pp. 82–88. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  20. Itoh, K., Izu, T., Takenaka, M.: Address-bit differential power analysis of cryptographic schemes OK-ECDH and OK-ECDSA. In: Kaliski, B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 129–143. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  21. Walter, C.D.: Sliding windows succumbs to Big Mac attack. In: Koç, Ç.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, p. 286. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  22. Dyrkolbotn, G.O., Snekkenes, E.: Modified template attack detecting address bus signals of equal hamming weight. In: The Norwegian Information Security Conference (NISK), pp. 43–56 (2009)

    Google Scholar 

  23. Chevallier-Mames, B., Ciet, M., Joye, M.: Low-cost solutions for preventing simple side-channel analysis: side-channel atomicity. IEEE Trans. Comput. 51(6), 760–768 (2004)

    Article  Google Scholar 

  24. Guillermin, N.: A coprocessor for secure and high speed modular arithmetic, Cryptology ePrint Archive, report 2011/354 (2011). http://eprint.iacr.org/

  25. Perin, G., Imbert, L., Torres, L., Maurine, P.: Electromagnetic analysis on RSA algorithm based on RNS. In: Proceedings of 16th Euromicro Conference on Digital System Design (DSD), pp. 345–352. IEEE, September 2013

    Google Scholar 

  26. Lopez, L., Dahab, R.: Fast multiplication on elliptic curves over \(GF(2^{m})\) without precomputation. In: Koç, Ç.K., Paar, C. (eds.) CHES’99. LNCS, vol. 1717, pp. 316–327. Springer, Heidelberg (1999)

    Chapter  Google Scholar 

  27. Hankerson, D., Menezes, A.J., Vanstone, S.: Guide to Elliptic Curve Cryptography, Springer Professional Computing (2004)

    Google Scholar 

  28. Duda, R.O., Hart, P.E., Stork, D.G.: Pattern Classification, 2nd edn. Wiley, Boston (2001)

    MATH  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. LIRMM/UM2, 161, Rue Ada, 34095, Montpellier, France

    Guilherme Perin, Laurent Imbert, Lionel Torres & Philippe Maurine

  2. CEA-TECH LSAS Laboratory, 880 Avenue de Mimet, 13541, Gardanne, France

    Philippe Maurine

Authors
  1. Guilherme Perin
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Laurent Imbert
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Lionel Torres
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Philippe Maurine
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding authors

Correspondence to Guilherme Perin or Laurent Imbert .

Editor information

Editors and Affiliations

  1. FNISA, Paris, France

    Emmanuel Prouff

Rights and permissions

Reprints and permissions

Copyright information

© 2014 Springer International Publishing Switzerland

About this paper

Cite this paper

Perin, G., Imbert, L., Torres, L., Maurine, P. (2014). Attacking Randomized Exponentiations Using Unsupervised Learning. In: Prouff, E. (eds) Constructive Side-Channel Analysis and Secure Design. COSADE 2014. Lecture Notes in Computer Science(), vol 8622. Springer, Cham. https://doi.org/10.1007/978-3-319-10175-0_11

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-10175-0_11

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-10174-3

  • Online ISBN: 978-3-319-10175-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation