http://dx.doi.org/10.3745/KTCCS.2013.2.2.083

An Improved Side Channel Attack Using Event Information of Subtraction  

Park, Jong-Yeon (Cyber Convergence Security Research Division, Electronics and Telecommunications Research Institute (ETRI))
Han, Dong-Guk (Department of Mathematics, Kookmin University)
Yi, Okyeon (Department of Mathematics, Kookmin University)
Kim, Jung-Nyeo (Electronics and Telecommunications Research Institute (ETRI))
Publication Information
KIPS Transactions on Computer and Communication Systems, vol. 2, no. 2, 2013, pp. 83-92
Abstract
RSA-CRT is a widely used algorithm that provides a high-performance implementation of RSA signatures. Many previous studies of its individual operation steps have been published to verify the physical leakage of RSA-CRT when it is used in smart devices. This paper proposes SAED (subtraction algorithm analysis on equidistant data), which extracts sensitive information from the event information of the subtraction operation in a reduction algorithm. SAED is an attack method that uses algorithm-dependent changes in the power signal: an adversary can extract the key by differential power analysis (DPA) of the subtraction operation. This paper presents the theoretical justification for SAED and shows that its results are better than those of other methods. According to our experiments, only 256 power traces are sufficient to acquire one block of data. We verify that this method is more efficient than those proposed in previously published studies.
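The attack family the abstract builds on works on the very first CRT step, the reduction m mod p, with equidistant chosen messages m, m-1, m-2, ...: as long as the residue does not wrap past zero, the low byte of (m-i) mod p is simply (b-i) mod 256 for the unknown byte b, which is why 256 traces cover every value of one block. The following Python simulation is an added example, not the paper's SAED implementation or any code from the authors. It assumes a Hamming-weight leakage model on the least-significant byte of the reduction result with Gaussian noise, constructed toy primes for p and q, and a fixed-seed message M0; the function names (collect_traces, cpa_low_byte, factor_from_residue) are assumptions. It also shows the final step a practitioner wants: once the whole residue r = m mod p has been recovered block by block, gcd(m - r, N) gives p.

```python
"""Equidistant-message CPA on the first RSA-CRT reduction, m mod p (simulation).

Added illustration, not the paper's SAED implementation. Assumed leakage
model: the Hamming weight of the least-significant byte of (m0 - i) mod p
plus Gaussian noise. All RSA parameters below are constructed toy values.
"""
import math
import random

# Constructed toy RSA-CRT parameters (Mersenne primes; far too small to be secure).
P = (1 << 31) - 1
Q = (1 << 61) - 1
N = P * Q

# Constructed base message; the adversary then asks for signatures of
# M0, M0 - 1, M0 - 2, ... (the equidistant chosen messages).
M0 = random.Random(3).randrange(N)


def hamming_weight(x: int) -> int:
    return bin(x).count("1")


def collect_traces(m0: int, p: int, count: int = 256,
                   sigma: float = 0.5, seed: int = 7) -> list:
    """One simulated leakage sample per signature of m0 - i: the Hamming
    weight of the low byte of the reduction result (m0 - i) mod p, plus
    noise.  On a real target this value comes from the measured power trace."""
    rng = random.Random(seed)
    traces = []
    for i in range(count):
        r_i = (m0 - i) % p                  # secret-dependent reduction result
        traces.append(hamming_weight(r_i & 0xFF) + rng.gauss(0.0, sigma))
    return traces


def pearson(xs, ys) -> float:
    """Pearson correlation coefficient, used as the CPA distinguisher."""
    n = len(xs)
    mx, my = math.fsum(xs) / n, math.fsum(ys) / n
    sxy = math.fsum((x - mx) * (y - my) for x, y in zip(xs, ys))
    sxx = math.fsum((x - mx) ** 2 for x in xs)
    syy = math.fsum((y - my) ** 2 for y in ys)
    if sxx == 0.0 or syy == 0.0:
        return 0.0
    return sxy / math.sqrt(sxx * syy)


def cpa_low_byte(traces) -> tuple:
    """Rank the 256 hypotheses b for the low byte of m0 mod p.  While the
    residue has not wrapped past zero, the low byte of (m0 - i) mod p is
    (b - i) mod 256, so only the correct b tracks the traces for every i."""
    scores = []
    for b in range(256):
        hyp = [hamming_weight((b - i) & 0xFF) for i in range(len(traces))]
        scores.append(pearson(hyp, traces))
    best = max(range(256), key=scores.__getitem__)
    return best, scores[best]


def factor_from_residue(m0: int, r: int, n: int) -> int:
    """Once the whole residue r = m0 mod p is known (block by block),
    m0 - r is a multiple of p, so gcd(m0 - r, n) is the secret prime."""
    return math.gcd(m0 - r, n)


def run_attack() -> dict:
    traces = collect_traces(M0, P)          # 256 traces: one block of data
    recovered, score = cpa_low_byte(traces)
    return {
        "recovered": recovered,
        "true_low_byte": (M0 % P) & 0xFF,   # known only to the simulator
        "score": score,
    }


if __name__ == "__main__":
    result = run_attack()
    print("recovered low byte of m0 mod p: 0x%02x (true 0x%02x), corr=%.3f"
          % (result["recovered"], result["true_low_byte"], result["score"]))
    print("p recovered from full residue:",
          factor_from_residue(M0, M0 % P, N) == P)
```

Two caveats worth keeping in mind when reading the result. First, the hypothesis b xor 0x80 (a shift of 128 in the byte) correlates at roughly three quarters of the correct key's score under this leakage model, so a noisy measurement needs a clear margin before one block is declared recovered. Second, the (b - i) mod 256 pattern only holds until the residue wraps from 0 to p-1; that wrap is a data-dependent event in the reduction, and it is exactly this kind of algorithm-dependent event that the paper's SAED exploits rather than the plain byte-value correlation simulated here.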
Keywords
RSA-CRT; Side Channel Attack; Equidistant Message Power Analysis; CPA (Correlation Power Analysis)
References
1 R. Rivest, A. Shamir, and L. Adleman, "A Method for Obtaining Digital Signatures and Public-Key Cryptosystems", Communications of the ACM, vol. 21, no. 2, pp. 120-126, 1978.
2 N. Koblitz, "Elliptic Curve Cryptosystems", Mathematics of Computation, vol. 48, no. 177, pp. 203-209, 1987.
3 B. den Boer, K. Lemke, and G. Wicke, "A DPA Attack against the Modular Reduction within a CRT Implementation of RSA", CHES 2002, LNCS 2523, Springer-Verlag, pp. 228-243, 2002.
4 R. Novak, "SPA-Based Adaptive Chosen-Ciphertext Attack on RSA Implementation", PKC 2002, LNCS 2274, Springer-Verlag, pp. 252-262, 2002.
5 F. Amiel, B. Feix, and K. Villegas, "Power Analysis for Secret Recovering and Reverse Engineering of Public Key Algorithms", SAC 2007, Springer-Verlag, pp. 110-125, 2007.
6 J. Y. Park, D. G. Han, O. Yi, and D. H. Choi, "Ghost Key Patterns with Equidistant Chosen Message Attack on RSA-CRT", 2011 IEEE International Carnahan Conference on Security Technology, pp. 1-5, 2011.
7 J. R. Rao, P. Rohatgi, H. Scherzer, and S. Tinguely, "Partitioning Attacks: Or How to Rapidly Clone Some GSM Cards", Proceedings of the 2002 IEEE Symposium on Security and Privacy, 2002.
8 S. Mangard, E. Oswald, and T. Popp, "Power Analysis Attacks: Revealing the Secrets of Smart Cards", Springer, ISBN 0387308571, 2007.
9 S. Mangard, "A Simple Power-Analysis (SPA) Attack on Implementations of the AES Key Expansion", ICISC 2002, LNCS 2587, Springer-Verlag, pp. 343-358, 2003.
10 A. J. Menezes, P. C. van Oorschot, and S. A. Vanstone, "Handbook of Applied Cryptography", CRC Press, ISBN 0-8493-8523-7, 1996.
11 P. Kocher, "Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems", Advances in Cryptology - CRYPTO '96, Santa Barbara, California, LNCS 1109, pp. 103-113, 1996.
12 P. Kocher, J. Jaffe, and B. Jun, "Differential Power Analysis", CRYPTO 1999, LNCS 1666, Springer-Verlag, pp. 388-397, 1999.
13 E. Brier, C. Clavier, and F. Olivier, "Correlation Power Analysis with a Leakage Model", CHES 2004, LNCS 3156, Springer-Verlag, pp. 16-29, 2004.
14 S. Chari, J. R. Rao, and P. Rohatgi, "Template Attacks", CHES 2002, LNCS 2523, pp. 13-28, 2003.
15 D. Agrawal, J. R. Rao, and P. Rohatgi, "Multi-channel Attacks", CHES 2003, LNCS 2779, Springer-Verlag, pp. 2-16, 2003.
16 B. Gierlichs, L. Batina, P. Tuyls, and B. Preneel, "Mutual Information Analysis", CHES 2008 (E. Oswald and P. Rohatgi, eds.), LNCS 5154, Springer-Verlag, pp. 426-442, 2008.
17 J. Lu, J. Pan, and J. den Hartog, "Principles on the Security of AES against First and Second-Order Differential Power Analysis", ACNS 2010 (J. Zhou and M. Yung, eds.), LNCS 6123, pp. 168-185, 2010.