http://dx.doi.org/10.13089/JKIISC.2015.25.5.985

Security Evaluation Against Collision-based Power Analysis on RSA Algorithm Adopted Exponent Splitting Method

Ha, Jaecheol (Hoseo University)
Abstract
The user's secret key can be retrieved from the various side channel leakages that occur while the RSA exponentiation algorithm embedded in a security device executes. The collision-based power analysis attack, known as a serious side channel threat, can be accomplished by finding collision pairs in an RSA power consumption trace. Recently, an RSA exponentiation algorithm was proposed as a countermeasure; it is based on the window method combined with message blinding and exponent splitting. In this paper, we show that this countermeasure provides approximately $2^{53}$ attack complexity when the window size is two, much lower than the $2^{98}$ claimed in the original article.
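To make the structure of the evaluated countermeasure concrete, the following added example (not code from the paper, and not the authors' exact algorithm) combines the three ingredients the abstract names: a fixed-window exponentiation with window size two, multiplicative message blinding, and a random additive split of the private exponent. The names `fixed_window_pow` and `blinded_split_rsa` are assumptions; the example only checks that the protected computation still yields $m^d \bmod n$ and does not reproduce the paper's $2^{53}$ complexity analysis.

```python
import math
import secrets


def fixed_window_pow(base: int, exp: int, mod: int, w: int = 2) -> int:
    """Left-to-right fixed-window modular exponentiation with window size w."""
    # Precompute base^0 .. base^(2^w - 1); every window digit costs one table multiply.
    table = [1]
    for _ in range(1, 1 << w):
        table.append(table[-1] * base % mod)
    nwin = (exp.bit_length() + w - 1) // w
    result = 1
    for i in range(nwin - 1, -1, -1):
        for _ in range(w):                      # w squarings per window
            result = result * result % mod
        digit = (exp >> (i * w)) & ((1 << w) - 1)
        result = result * table[digit] % mod    # one multiply, even for digit 0
    return result


def blinded_split_rsa(m: int, d: int, e: int, n: int, w: int = 2,
                      rng=secrets.randbelow) -> int:
    """m^d mod n computed with message blinding and exponent splitting.

    Generic construction (an assumption of this example): blind m as m*r^e,
    split d = d1 + d2 with random d1, exponentiate each share with the
    window method, then strip the blinding factor r.
    """
    # Message blinding: pick r coprime to n so that r^-1 mod n exists.
    while True:
        r = 2 + rng(n - 2)                      # r in [2, n-1]
        if math.gcd(r, n) == 1:
            break
    m_blind = m * pow(r, e, n) % n              # (m * r^e) mod n
    # Exponent splitting: d1 uniform in [0, d-1], d2 = d - d1.
    d1 = rng(d)
    d2 = d - d1
    s = fixed_window_pow(m_blind, d1, n, w) * fixed_window_pow(m_blind, d2, n, w) % n
    # s = (m r^e)^(d1+d2) = m^d * r (mod n); unblind with r^-1.
    return s * pow(r, -1, n) % n
```

With a toy key (n = 3233, e = 17, d = 2753) `blinded_split_rsa(65, 2753, 17, 3233)` equals `pow(65, 2753, 3233)`, regardless of the random blinding factor and split chosen.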
Keywords
Embedded Secure Module; Exponentiation Algorithm; Collision-based Power Analysis; Exponent Splitting; Efficiency-Security Evaluation;
Times cited by KSCI: 1