Title :
In(security) Against Fault Injection Attacks for CRT-RSA Implementations
Author :
Berzati, Alexandre ; Canovas, C. ; Goubin, Louis
Author_Institution :
CEA-LETI/MINATEC, Grenoble
Abstract :
Since its invention in 1977, the celebrated RSA primitive has remained unbroken from a mathematical point of view, and has been widely used to build provably secure encryption or signature protocols. However, the introduction in 1996 of a new model of attacks - based on fault injections - by Boneh, deMillo and Lipton suggests the use of specific countermeasures to obtain a secure RSA implementation. In the special case of CRT implementations, many protections have been proposed and most of them have been proven insufficient to ensure resistance against DFA. In the present paper, we show that the Ciet-Joye method proposed in FDTC´2005 [10] does not completely prevent fault injection attacks: for a CRT-RSA with a 1024-bit modulus, we show that 13 faulty signatures are enough to recover the secret exponent with a probability greater than 50%, which can be improved to 99% with 83 faulty signatures.
Keywords :
cryptography; digital signatures; protocols; CRT-RSA implementations; fault injection attacks; faulty signatures; secure encryption; signature protocols; Cathode ray tubes; Cryptography; Doped fiber amplifiers; Fault diagnosis; Performance analysis; Protection; Protocols; Public key; Security; Warranties; CRT-RSA; countermeasures; fault attacks;
Conference_Titel :
Fault Diagnosis and Tolerance in Cryptography, 2008. FDTC '08. 5th Workshop on
Conference_Location :
Washington, DC
Print_ISBN :
978-0-7695-3314-8
DOI :
10.1109/FDTC.2008.9
