Autosoft Journal

An Improved Square-always Exponentiation Resistant to Side-channel Attacks on RSA Implementation


Abstract

Many cryptographic algorithms embedded in security devices have been used to strengthen homeland defense capability and protect critical information from cyber attacks. The RSA cryptosystem with a naive implementation of the exponentiation may reveal the secret key through two types of side-channel attacks, namely passive leakage information analysis and active fault injection attacks. Recently, a square-always exponentiation algorithm, in which the multiplication is traded for squarings, has been proposed. This novel algorithm for RSA implementation is faster than other regularity-based countermeasures and is resistant to SPA (simple power analysis) and fault injection attacks. This paper shows that the right-to-left version of the square-always exponentiation algorithm is vulnerable to several side-channel attacks, namely collision distance-based doubling, chosen-message CPA (collision power analysis), and horizontal CPA-based combined attacks. Furthermore, an improved right-to-left square-always algorithm adopting the additive message blinding method and the intermediate message update technique is proposed to defeat the previous and the newly proposed side-channel attacks. The proposed exponentiation algorithm can be employed for a secure CRT-RSA (RSA based on the Chinese remainder theorem) implementation resistant to the Bellcore attack. The paper presents experimental results for the proposed power analysis attacks obtained on an evaluation board.


Pages

Total Pages: 11
Pages: 353-363

DOI
10.1080/10798587.2015.1118909


Published

Volume: 22
Issue: 3
Year: 2016
