http://dx.doi.org/10.13089/JKIISC.2016.26.2.335

Analysis and Countermeasure on RSA Algorithm Having High Attack Complexity in Collision-Based Power Analysis Attack  

Kim, Suhri (Korea University)
Kim, Taewon (Korea University)
Jo, Sungmin (Korea University)
Kim, HeeSeok (Korea Institute of Science and Technology Information)
Hong, Seokhie (Korea University)
Abstract
Power analysis is known to be one of the most powerful attacks in side channel analysis. Among power analysis techniques, the single trace attack has been widely studied recently, since it uses one power consumption trace to recover the secret key of a public-key cryptosystem. Recently, Sim et al. proposed a new exponentiation algorithm for the RSA cryptosystem with higher attack complexity to prevent single trace attacks. In this paper, we analyze the vulnerability of the exponentiation algorithm described by Sim et al., who applied message blinding and a random exponentiation splitting method to $2^t$-ary exponentiation for higher attack complexity. However, we can reveal the private key using information exposed during pre-computation generation. We also describe a modified algorithm that provides higher attack complexity against collision attacks. The proposed algorithm minimizes the reuse of values that are used during exponentiation, to provide security under a single collision attack.
Keywords
Collision Attack; RSA; Side Channel Analysis;
Citations & Related Records
Times Cited By KSCI: 2
1 P. Kocher, J. Jaffe, and B. Jun, "Differential power analysis," CRYPTO '99, LNCS 1666, pp. 388-397, 1999.
2 P.A. Fouque and F. Valette, "The doubling attack - why upwards is better than downwards," CHES 2003, LNCS 2779, pp. 269-280, 2003.
3 C.D. Walter, "Sliding windows succumbs to big mac attack," LNCS, pp. 286-299, 2001.
4 H. Kim, D. Han, S. Hong, J. Ha, "Message Blinding Method Requiring No Multiplicative Inversion of RSA," ACM, vol. 13, no. 4, Article 80, Feb. 2014.
5 A. Bauer, E. Jaulmes, E. Prouff, J. Wild, "Horizontal collision correlation attack on elliptic curves," Selected Areas in Cryptography, vol. 8282, pp. 553-570, 2013.
6 B. Sim, Y. Won, D. Han, "Study for improving attack complexity against RSA collision analysis," Journal of the Korea Institute of Information Security & Cryptology, vol. 25, no. 2, April 2015.
7 C. Clavier, B. Feix, G. Gagnerot, M. Roussellet, V. Verneuil, "Horizontal correlation analysis on exponentiation," ICICS, Lecture Notes in Computer Science, vol. 6917, pp. 46-61, 2010.
8 E. Brier, C. Clavier, and F. Olivier, "Correlation Power Analysis with a Leakage Model," Cryptographic Hardware and Embedded Systems - CHES, Lecture Notes in Computer Science, vol. 3156, pp. 16-29, 2004.
9 P. Kocher, "Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS and Other Systems," Proc. CRYPTO '96, LNCS vol. 1109, pp. 104-113, 1996.
10 I. Biehl, B. Meyer, and V. Muller, "Differential Fault Attacks on Elliptic Curve Cryptosystems," CRYPTO, vol. 1880, pp. 131-146, May 2000.
11 J.S. Coron, "Resistance against differential power analysis for elliptic curve cryptosystems," ASIACRYPT '98, LNCS, vol. 1514, pp. 51-65, 1998.
12 M.F. Witteman, J.G.J. van Woudenberg, F. Menarini, "Defeating RSA multiply-always and message blinding countermeasure," CT-RSA 2011, LNCS 6558, pp. 77-88, 2011.
13 H. Kim, T. Kim, J. Youn, S. Hong, "Practical Second-Order Correlation Power Analysis on the Message Blinding Method and Its Novel Countermeasure for RSA," ETRI, vol. 32, no. 1, pp. 102-111, Feb. 2010.
14 N. Hanley, H. Kim, M. Tunstall, "Exploiting Collision in Addition Chain-Based Exponentiation Algorithms Using a Single Trace," CT-RSA, LNCS 9048, pp. 431-448, 2015.
15 A. Bauer, E. Jaulmes, E. Prouff, J. Wild, "Horizontal Collision Correlation Attack on Elliptic Curves," SAC 2013, pp. 553-570, 2014.
16 K. Itoh, T. Izu, M. Takenaka, "Address-Bit Differential Power Analysis of Cryptographic Schemes OK-ECDH and OK-ECDSA," CHES 2002, LNCS 2523, pp. 129-143, 2003.