Fault attacks for CRT based RSA: new attacks, new results, and new countermeasures

(2007) Information Security Theory and Practices. Smart Cards, Mobile and Ubiquitous Computing Systems. First IFIP TC6/WG8.8/WG 11.2 International Workshop, WISTP 2007. Proceedings — Location: Crete, Greece (9.May.2007)

Files

No attached file found for this publication.

Details

Authors
Abstract
Nowadays RSA using Chinese remainder theorem (CRT) is widely used in practical applications. However there is a very powerful attack against it with a fault injection during one of its exponentiations. Many countermeasures were proposed but almost all of them are proven to be insecure. In 2005, two new countermeasures were proposed. However they still have a weakness. The final signature is stored in a memory after CRT combination and there is an error-check routine just after CRT combination. Therefore, if an attacker can do a double-fault attack that gives the first fault during one of the exponentiation and the other to skip the error-checking routine, then he can succeed in breaking RSA. In this paper, we show this can be done with the concrete result employing a glitch attack and propose a simple and almost cost-free method to defeat it.
Affiliations

Citations

Chong Hee Kim, & Quisquater, J.-J. (2007). Fault attacks for CRT based RSA: new attacks, new results, and new countermeasures. In Sauveron, D.; Markantonakis, K.; Bilas, A.; Quisquater, J.-J.; (ed.), Information Security Theory and Practices. Smart Cards, Mobile andUbiquitous Computing Systems. First IFIP TC6/WG8.8/WG 11.2International Workshop, WISTP 2007. Proceedings (Lecture Notes inComputer Science Vol.4462) (p. p. 215-228). Springer. https://hdl.handle.net/2078.5/229047