Fault Analysis Attacks on Control Statement of RSA Exponentiation Algorithm
Gil, Kwang-Eun (Hoseo University); Baek, Yi-Roo (Hoseo University); Kim, Hwan-Koo (Hoseo University); Ha, Jae-Cheol (Hoseo University)
1. S.M. Yen, S.J. Kim, S.G. Lim, and S.J. Moon, "A Countermeasure against One Physical Cryptanalysis May Benefit Another Attack," ICISC'01, LNCS 2288, pp. 414-427, 2002
2. S.M. Yen and M. Joye, "Checking Before Output May Not Be Enough Against Fault-Based Cryptanalysis," IEEE Transactions on Computers, vol. 49, no. 9, pp. 967-970, Sep. 2000
3. C. Kim and J.J. Quisquater, "Fault attacks for CRT based RSA: new attacks, new results and new countermeasures," WISTP'07, LNCS 4462, pp. 215-228, 2007
4. J.M. Schmidt and C. Herbst, "A Practical Fault Attack on Square and Multiply," Fault Diagnosis and Tolerance in Cryptography, FDTC'08, pp. 53-58, Aug. 2008
5. E. Dottax, C. Giraud, M. Rivain, and Y. Sierra, "On Second-Order Fault Analysis Resistance for CRT-RSA Implementation," Available at http://eprint.iacr.org/2009/024, June 2009
6. C. Giraud, "An RSA Implementation Resistant to Fault Attacks and Simple Power Analysis," IEEE Transactions on Computers, vol. 55, no. 9, pp. 1116-1120, Sep. 2006
7. D. Boneh, R.A. DeMillo, and R.J. Lipton, "On the importance of checking cryptographic protocols for faults," EUROCRYPT'97, LNCS 1233, pp. 37-51, 1997
8. R. Rivest, A. Shamir, and L. Adleman, "A method for obtaining digital signature and public key cryptosystems," Comm. of ACM, vol. 21, no. 2, pp. 120-126, Feb. 1978
9. M. Joye, A.K. Lenstra, and J.J. Quisquater, "Chinese remaindering based cryptosystems in the presence of faults," Journal of Cryptology, vol. 12, no. 4, pp. 241-245, Dec. 1999
10. E. Biham and A. Shamir, "Differential Fault Analysis of Secret Key Cryptosystems," CRYPTO'97, LNCS 1294, pp. 513-525, 1997
11. M. Joye and S.M. Yen, "The Montgomery Powering ladder," CHES'02, LNCS 2523, pp. 291-302, 2002
12. N.E. Mrabet, "What About Vulnerability to a Fault Attack of the Miller's Algorithm During an Identity Based Protocol?," ISA'09, LNCS 5576, pp. 122-134, 2009