DocumentCode
3109668
Title
Instruction Fault Attack on the Miller Algorithm in a Pairing-Based Cryptosystem
Author
Kiseok Bae ; Sangjae Moon ; Jaecheol Ha
Author_Institution
Syst. LSI Bus., Samsung Electron. Co., Ltd., Youngin, South Korea
fYear
2013
fDate
3-5 July 2013
Firstpage
167
Lastpage
174
Abstract
Some fault attacks such as counter and data corruption have been proposed for pairing-based cryptosystems. However, a fault model that can skip the if instruction, known from traditional schemes such as RSA and ECC (elliptic curve cryptosystem), does not appear in the literature on pairing-based cryptography. This paper investigates the vulnerability of skipping the if instruction in the last iteration of the Miller algorithm and describes how to extract the secret information. Indeed, the proposed method of attack is more efficient than previous counter fault attacks against the Miller algorithm. As evidence, a fault attack in Affine and Jacobian coordinate systems that finds the secret information using one faulty output is described. The feasibility of our fault model was verified by a practical laser fault injection experiment.
Keywords
public key cryptography; Affine coordinate system; ECC; Jacobian coordinate system; Miller algorithm; RSA; counter fault attack; data corruption; elliptic curve cryptosystem; fault model; faulty output; instruction fault attack; laser fault injection experiment; pairing-based cryptography; pairing-based cryptosystem; secret information extraction; vulnerability; Circuit faults; Cryptography; Elliptic curves; Equations; Jacobian matrices; Mathematical model; Radiation detectors;
fLanguage
English
Publisher
ieee
Conference_Titel
Innovative Mobile and Internet Services in Ubiquitous Computing (IMIS), 2013 Seventh International Conference on
Conference_Location
Taichung
Type
conf
DOI
10.1109/IMIS.2013.36
Filename
6603667