Skip to main content
SpringerLink
Log in

Transient Fault Induction Attacks on XTR

  • Conference paper
Information and Communications Security (ICICS 2004)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 3269))

Included in the following conference series:

Abstract

At Crypto 2000, the public-key system XTR was introduced by Lenstra and Verheul. This system uses an efficient and compact method to represent subgroup elements. Application of XTR in cryptographic protocols, such as Diffie-Hellman key agreement, El Gamal encryption or DSA signature, greatly reduces the computational cost without compromising security. XTR in the presence of a fault, i.e. when processing under unexpected conditions, has never been studied. This paper presents four different fault analyses and shows how an error during the XTR exponentiation can be exploited by a malicious adversary to recover a part or the totality of the secret parameter. Countermeasures are also presented to counteract fault attacks. They are very simple to implement and induce a negligible performance penalty in terms of both memory and time.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Akishita, T., Takagi, T.: Zero-value Point Attacks on Elliptic Curve Cryptosystem. In: Boyd, C., Mao, W. (eds.) ISC 2003. LNCS, vol. 2851, pp. 218–233. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  2. Anderson, R., Kuhn, M.: Tamper Resistance - a Cautionary Note. In: Proceedings of the 2nd USENIX Workshop on Electronic Commerce, pp. 1–11 (1996)

    Google Scholar 

  3. Anderson, R., Kuhn, M.: Low cost attacks on tamper resistant devices. In: Christianson, B., Lomas, M. (eds.) Security Protocols 1997. LNCS, vol. 1361, pp. 125–136. Springer, Heidelberg (1998)

    Chapter  Google Scholar 

  4. Bao, F., Deng, R., Han, Y., Jeng, A., Narasimhalu, A.D., Ngair, T.-H.: Breaking Public Key Cryptosystems an Tamper Resistance Devices in the Presence of Transient Fault. In: Christianson, B., Lomas, M. (eds.) Security Protocols 1997. LNCS, vol. 1361, pp. 115–124. Springer, Heidelberg (1998)

    Chapter  Google Scholar 

  5. Bévan, R.: Estimation statistique et sécurité des cartes à puce – Evaluation d’attaques DPA évoluées. PhD thesis, Supelec (June 2004)

    Google Scholar 

  6. Biehl, I., Meyer, B., Müller, V.: Differential Fault Analysis on Elliptic Curve Cryptosystems. In: Bellare, M. (ed.) CRYPTO 2000. LNCS, vol. 1880, pp. 131–146. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  7. Biham, E., Shamir, A.: Differential Fault Analysis of Secret Key Cryptosystem. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 513–525. Springer, Heidelberg (1997)

    Google Scholar 

  8. Boneh, D., DeMillo, R.A., Lipton, R.J.: On the Importance of Checking Cryptographic Protocols for Faults. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 37–51. Springer, Heidelberg (1997)

    Google Scholar 

  9. Gong, G., Harn, L.: Public key cryptosystems based on cubic finite field extensions. In: IEEE Transaction on Information Theory, LNCS, November 1999, Springer, Heidelberg (1999)

    Google Scholar 

  10. Goubin, L.: A Refined Power-Analysis Attack on Elliptic Curve Cryptosystem. In: Desmedt, Y.G. (ed.) PKC 2003. LNCS, vol. 2567, pp. 199–210. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  11. Granger, R., Page, D., Stam, M.: A Comparison of CEILIDH and XTR. In: Buell, D.A. (ed.) ANTS 2004. LNCS, vol. 3076, pp. 235–249. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  12. Joye, M., Lenstra, A.K., Quisquater, J.-J.: Chinese Remaindering Based Cryptosystems in the Presence of Faults. Journal of Cryptology 12(4), 241–246 (1999)

    Article  MATH  Google Scholar 

  13. Kocher, P.: Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996)

    Google Scholar 

  14. Kocher, P., Jaffe, J., Jun, B.: Differential Power Analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)

    Google Scholar 

  15. Lenstra, A.K.: Memo on RSA Signature Generation in the Presence of Faults (1996) (manuscript), Available from the author at akl@Lucent.com

    Google Scholar 

  16. Lenstra, A.K., Verheul, E.R.: An overview of the XTR public key system. In: Public Key Cryptography and Computational Number Theory Conference (2000)

    Google Scholar 

  17. Lenstra, A.K., Verheul, E.R.: Key improvements to XTR. In: Okamoto, T. (ed.) ASIACRYPT 2000. LNCS, vol. 1976, pp. 220–233. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  18. Lenstra, A.K., Verheul, E.R.: The XTR public key system. In: Bellare, M. (ed.) CRYPTO 2000. LNCS, vol. 1880, pp. 1–19. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  19. Lenstra, A.K., Verheul, E.R.: Fast irreductibility and subgroup membership testing in XTR. In: Kim, K.-c. (ed.) PKC 2001. LNCS, vol. 1992, pp. 73–86. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  20. Piret, G., Quisquater, J.-J.: A Differential Fault Attack Technique Against SPN Structures, with Application to the AES and Khazad. In: Walter, C.D., Koç, Ç.K., Paar, C. (eds.) CHES 2003. LNCS, vol. 2779, pp. 77–88. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  21. Rubin, K., Silverberg, A.: Torus-based cryptography. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 349–365. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  22. Skorobogatov, S., Anderson, R.: Optical Fault Induction Attack. In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 2–12. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  23. Smith, P., Skinner, C.: A public-key cryptosystem and a digital signature system based on the Lucas function analogue to discret logarithms. In: Safavi-Naini, R., Pieprzyk, J.P. (eds.) ASIACRYPT 1994. LNCS, vol. 917, pp. 357–364. Springer, Heidelberg (1995)

    Chapter  Google Scholar 

  24. Stam, M., Lenstra, A.K.: Speeding up XTR. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 125–143. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  25. Verheul, E.R.: Evidence that XTR Is More Secure then Supersingular Elliptic Curve Cryptosystems. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 195–210. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  26. Yen, S.-M., Joye, M.: Checking before output not be enough against faultbased cryptanalysis. IEEE Transactions on Computers 49(9), 967–970 (2000)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Innova Card, Avenue Coriandre, 13 600, La Ciotat, France

    Mathieu Ciet

  2. Oberthur Card Systems, 25, rue Auguste Blanche, 92 800, Puteaux, France

    Christophe Giraud

Authors
  1. Mathieu Ciet
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Christophe Giraud
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Information and Communication Technologies, University of A Coruña, Spain

    Javier Lopez

  2. Chinese Academy of Sciences, Institute of Softwear, 100080, Beijing, China

    Sihan Qing

  3. Graduate School of Systems and Information Engineering, University of Tsukuba, 1-1-1 Tennodai, Tsukuba, 305-8573, Ibaraki, Japan

    Eiji Okamoto

Rights and permissions

Reprints and permissions

Copyright information

© 2004 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Ciet, M., Giraud, C. (2004). Transient Fault Induction Attacks on XTR. In: Lopez, J., Qing, S., Okamoto, E. (eds) Information and Communications Security. ICICS 2004. Lecture Notes in Computer Science, vol 3269. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30191-2_34

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-30191-2_34

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-23563-7

  • Online ISBN: 978-3-540-30191-2

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation