http://dx.doi.org/10.13089/JKIISC.2021.31.2.157

A Study on Secure Digital Signature Algorithm for Side Channel Attack  

Lee, HunHee (Korea University)
Hong, SeokHie (Korea University)
Abstract
Side channel attack is a powerful technique that can threaten the security of mathematically proven cryptographic algorithms. In this paper, side channel attack methods against DSA (Digital Signature Algorithm) and the algorithm proposed by Kim, the safest among existing countermeasures, are analyzed. In addition, a new DSA signature algorithm is proposed that increases both safety and computational efficiency by addressing the problems of Kim's algorithm. Kim's algorithm is secure against all fault injection attacks, but it does not consider power analysis attacks and requires a large amount of computation. The algorithm proposed in this paper is similar to Kim's algorithm in that it uses two nonces, but it is secure against not only fault injection attacks but also power analysis attacks, because the secret key is multiplied by a nonce before it is used to generate the signature. In addition, computational efficiency is improved by about 34% compared to Kim's algorithm.
Keywords
DSA; Side Channel Attack; Countermeasures
Citations & Related Records
Times Cited by KSCI: 1
1 D. Boneh, R. A. DeMillo and R. J. Lipton, "On the Importance of Checking Cryptographic Protocols for Faults," EUROCRYPT 1997, LNCS 1233, pp. 37-51, 1997.
2 T. Messerges, "Power Analysis Attacks and Countermeasures for Cryptographic Algorithms," Ph.D. Thesis, University of Illinois at Chicago, pp. 541-548, 2000.
3 J. Coron and L. Goubin, "On Boolean and Arithmetic Masking against Differential Power Analysis," CHES 2000, LNCS 1965, pp. 231-237, 2000.
4 National Institute of Standards and Technology, FIPS PUB 186-2: Digital Signature Standard, 2000.
5 M. Nikodem, "DSA Signature Scheme Immune to the Fault Cryptanalysis," CARDIS 2008, LNCS 5189, pp. 61-73, 2008.
6 C. P. Schnorr, "Efficient Identification and Signatures for Smart Cards," CRYPTO '89, LNCS 435, pp. 239-251, July 2001.
7 P. Kocher, J. Jaffe and B. Jun, "Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems," CRYPTO 1996, LNCS 1109, pp. 104-113, 1996.
8 P. Kocher, J. Jaffe and B. Jun, "Introduction to Differential Power Analysis and Related Attacks," White Paper, Cryptography Research, http://www.cryptography.com/dpa/technical, 1998.
9 F. Bao, R. H. Deng, Y. Han, A. Jeng, A. D. Narasimhalu and T. Ngair, "Breaking Public Key Cryptosystems on Tamper Resistant Devices in the Presence of Transient Faults," International Workshop on Security Protocols 1997, LNCS 1361, pp. 115-124, 1997.
10 C. Giraud and E. Knudsen, "Fault Attacks on Signature Schemes," ACISP 2004, LNCS 3108, pp. 478-491, 2004.
11 M. Nikodem, "Error Prevention, Detection and Diffusion Algorithms for Cryptographic Hardware," RELCOMEX 2007, pp. 127-134, June 2007.
12 D. Naccache, P. Nguyen, M. Tunstall and C. Whelan, "Experimenting with Faults, Lattices and the DSA," PKC 2005, LNCS 3386, pp. 16-28, 2005.
13 J. Schmidt and M. Medwed, "A Fault Attack on ECDSA," Workshop on Fault Diagnosis and Tolerance in Cryptography (FDTC), pp. 93-99, Sep. 2009.
14 C. Jung, D. Oh, D. Choi, H. Kim and J. Ha, "Cryptanalysis using Fault Injection and Countermeasures on DSA," Journal of The Korea Academia-Industrial Cooperation Society, 11(8), pp. 3045-3052, Aug. 2010.
15 T. Kim, T. Kim, S. Hong and Y. Park, "A New Digital Signature Scheme Secure against Fault Attacks," Journal of The Korea Institute of Information Security and Cryptology, 22(3), pp. 515-524, June 2012.
16 NIST CAVP, FIPS 186-2 DSA CAVS test vectors, https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Algorithm-Validation-Program/documents/dss/186-2dsatestvectors.zip
17 P. Nguyen and J. Stern, "Lattice Reduction in Cryptology: An Update," ANTS 2000, LNCS 1838, pp. 85-112, 2000.
18 P. Nguyen and I. Shparlinski, "The Insecurity of the Elliptic Curve Digital Signature Algorithm with Partially Known Nonces," Designs, Codes and Cryptography, vol. 30, no. 2, pp. 201-217, 2003.
19 M. Bellare, S. Goldwasser and D. Micciancio, "Pseudo-Random Number Generation Within Cryptographic Algorithms: The DSS Case," CRYPTO '97, LNCS 1294, pp. 277-291, 1997.