Skip to main content
SpringerLink
Log in

Fault Attacks Against emv Signatures

  • Conference paper
Topics in Cryptology - CT-RSA 2010 (CT-RSA 2010)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 5985))

Included in the following conference series:

Abstract

At ches 2009, Coron, Joux, Kizhvatov, Naccache and Paillier (cjknp) exhibited a fault attack against rsa signatures with partially known messages. This fault attack allows factoring the public modulus N. While the size of the unknown message part (ump) increases with the number of faulty signatures available, the complexity of cjknp’s attack increases exponentially with the number of faulty signatures.

This paper describes a simpler attack, whose complexity remains polynomial in the number of faults; consequently, the new attack can handle much larger umps. The new technique can factor N in a fraction of a second using ten faulty emv signatures – a target beyond cjknp’s reach. We also show how to apply the attack even when N is unknown, a frequent situation in real-life attacks.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Bellare, M., Rogaway, P.: The Exact security of digital signatures: How to sign with rsa and Rabin. In: Maurer, U.M. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 399–416. Springer, Heidelberg (1996)

    Google Scholar 

  2. Boneh, D., DeMillo, R.A., Lipton, R.J.: On the importance of checking cryptographic protocols for faults. Journal of Cryptology 14(2), 101–119 (2001)

    Article  MATH  MathSciNet  Google Scholar 

  3. Coppersmith, D.: Small solutions to polynomial equations, and low exponent vulnerabilities. Journal of Cryptology 10(4), 233–260 (1997)

    Article  MATH  MathSciNet  Google Scholar 

  4. Coron, J.-S., Joux, A., Kizhvatov, I., Naccache, D., Paillier, P.: Fault attacks on rsa signatures with partially unknown messages. In: Clavier, C., Gaj, K. (eds.) CHES 2009. LNCS, vol. 5747, pp. 444–456. Springer, Heidelberg (2009), eprint.iacr.org/2009/309

    Chapter  Google Scholar 

  5. Coron, J.-S., Naccache, D., Stern, J.P.: On the security of RSA padding. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 1–18. Springer, Heidelberg (1999)

    Google Scholar 

  6. Coron, J.-S., Naccache, D., Tibouchi, M., Weinmann, R.P.: Practical cryptanalysis of iso/iec 9796-2 and emv signatures. In: Halevi, S. (ed.) Advances in Cryptology - CRYPTO 2009. LNCS, vol. 5677, pp. 428–444. Springer, Heidelberg (2009), eprint.iacr.org/2009/203

    Chapter  Google Scholar 

  7. Coron, J.-S.: Optimal security proofs for pss and other signature schemes. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 272–287. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  8. Coron, J.-S., Joye, M., Naccache, D., Paillier, P.: Universal padding schemes for RSA. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 226–241. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  9. Herrmann, M., May, A.: Solving linear equations modulo divisors: On factoring given any bits. In: Pieprzyk, J. (ed.) ASIACRYPT 2008. LNCS, vol. 5350, pp. 406–424. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  10. emv, Integrated circuit card specifications for payment systems, Book 2. Security and Key Management. Version 4.2 (June 2008), http://www.emvco.com

  11. emv, EMVCo type approval terminal level 2 test cases. Version 4.2a (April 2009), http://www.emvco.com

  12. iso/iec 8825-1:2002, Information technology – ASN.1 encoding rules: Specification of Basic Encoding Rules (BER), Canonical Encoding Rules (CER) and Distinguished Encoding Rules (DER) (2002)

    Google Scholar 

  13. iso/iec 9796-2, Information technology – Security techniques – Digital signature schemes giving message recovery – Part 2: Mechanisms using a hash-funcion (1997)

    Google Scholar 

  14. iso/iec 9796-2:2002 Information technology – Security techniques – Digital signature schemes giving message recovery– Part 2: Integer factorization based mechanisms (2002)

    Google Scholar 

  15. Joye, M., Lenstra, A., Quisquater, J.-J.: Chinese remaindering cryptosystems in the presence of faults. Journal of Cryptology 21(1), 27–51 (1999)

    Google Scholar 

  16. Nguyen, P., Stern, J.: Cryptanalysis of a fast public key cryptosystem presented at sac 1997. In: Tavares, S., Meijer, H. (eds.) SAC 1998. LNCS, vol. 1556, pp. 213–218. Springer, Heidelberg (1999)

    Chapter  Google Scholar 

  17. Nguyen, P., Stern, J.: Merkle-Hellman revisited: a cryptanalysis of the Qu-Vanstone cryptosystem based on group factorization. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 198–212. Springer, Heidelberg (1997)

    Google Scholar 

  18. Lenstra, A., Lenstra Jr., H., Lovász, L.: Factoring polynomials with rational coefficients. In: Mathematische Annalen, vol. 261, pp. 513–534. Springer, Heidelberg (1982)

    Google Scholar 

  19. Fujisaki, E., Okamoto, T., Pointcheval, D., Stern, J.: rsa-oaep is secure under the rsa assumption. Journal of Cryptology 17(2), 81–104 (2004)

    Article  MATH  MathSciNet  Google Scholar 

  20. Rivest, R., Shamir, A., Adleman, L.: A method for obtaining digital signatures and public key cryptosystems. Communications of the acm, 120–126 (1978)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Université du Luxembourg, 6, rue Richard Coudenhove-Kalergi, l-1359 Luxembourg, Luxembourg

    Jean-Sébastien Coron

  2. Département d’informatique, Groupe de Cryptographie, École normale supérieure, 45, rue d’Ulm, f-75230, Paris Cedex 05, France

    David Naccache & Mehdi Tibouchi

Authors
  1. Jean-Sébastien Coron
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. David Naccache
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Mehdi Tibouchi
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Computing, Macquarie University, NSW 2109, Sydney, Australia

    Josef Pieprzyk

Rights and permissions

Reprints and permissions

Copyright information

© 2010 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Coron, JS., Naccache, D., Tibouchi, M. (2010). Fault Attacks Against emv Signatures. In: Pieprzyk, J. (eds) Topics in Cryptology - CT-RSA 2010. CT-RSA 2010. Lecture Notes in Computer Science, vol 5985. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-11925-5_15

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-11925-5_15

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-11924-8

  • Online ISBN: 978-3-642-11925-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation