http://dx.doi.org/10.13089/JKIISC.2009.19.3.51

Experimental Analysis of Optical Fault Injection Attack for CRT-RSA Cryptosystem  

Park, Jea-Hoon (Kyungpook National University)
Moon, Sang-Jae (Kyungpook National University)
Ha, Jae-Cheol (Hoseo University)
Abstract
The CRT-RSA cryptosystem is very vulnerable to fault insertion attacks, in which an attacker can extract the secret prime factors p, q of the modulus N by inserting an error during the computation on the cryptographic chip. In this paper, after implementing the CRT-RSA cryptosystem, we try to extract the secret key embedded in a commercial microcontroller using optical injection tools such as a laser beam or a camera flash. As a result, we confirm that the commercial microcontroller is very vulnerable to fault insertion attacks using a laser beam and a camera flash, and that the prime factorization attack on the CRT-RSA cryptosystem can be applied.
Keywords
CRT-RSA; Fault Analysis Attack; Optical Fault Injection; Side-channel Attack