DocumentCode :
3349007
Title :
SPA-based Security Evaluation of RSA Implementation in Internet Banking USB Token
Author :
Zhou, Yuanyuan ; Guo, Shize
Author_Institution :
G&D (China) Inf. Technol. Co., Ltd., Beijing, China
fYear :
2011
fDate :
21-23 Oct. 2011
Firstpage :
499
Lastpage :
503
Abstract :
Almost all the commercial banks in China use USB Token with RSA-coprocessor tamper-resistant crypto-device to ensure the security of Internet Banking transactions. To evaluate the security of such Tokens objectively, finished practical SPA (Simple Power Analysis) attack on four kinds of USB Token from different suppliers in this paper, and all the correct RSA private keys were gotten successfully although the Tokens use different Montgomery or Sliding-Window implementations. This paper also presents some simple countermeasures against such attack.
Keywords :
Internet; banking; public key cryptography; Internet banking USB Token; Internet banking transactions; Montgomery implementations; RSA implementation; RSA private keys; RSA-coprocessor tamper-resistant crypto-device; SPA-based security evaluation; commercial banks; sliding-window implementations; Cryptography; Hardware; Integrated circuits; Online banking; Power demand; Universal Serial Bus; Internet Banking; RSA; SPA; Side-Channel Attack; USB Token;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Instrumentation, Measurement, Computer, Communication and Control, 2011 First International Conference on
Conference_Location :
Beijing
Print_ISBN :
978-0-7695-4519-6
Type :
conf
DOI :
10.1109/IMCCC.2011.130
Filename :
6154155
Link To Document :
https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=3349007
بازگشت