Title :
A Fault Attack on ECDSA
Author :
Schmidt, Jörn-Marc ; Medwed, Marcel
Author_Institution :
Inst. for Appl. Inf. Process. & Commun., Graz Univ. of Technol., Graz, Austria
Abstract :
An advantage of schemes based on elliptic curve cryptography (ECC) is that they require a smaller key size than other public key schemes to guarantee the same level of security. Thus, ECC algorithms are well suited for systems with constrained resources like smart cards or mobile devices. When evaluating those devices, not only the security from a theoretical point of view, but also implementation attacks, like fault attacks, have to be taken into account. In this paper, we present a new fault attack on the elliptic curve digital signature algorithm (ECDSA). We use a modification of the program flow to retrieve parts of the ephemeral key. The retrieved information allows performing a lattice attack to determine the secret signing key. Furthermore, we propose a countermeasure to prevent such an attack.
Keywords :
digital signatures; public key cryptography; ECDSA; elliptic curve cryptography; elliptic curve digital signature algorithm; ephemeral key; fault attack; lattice attack; mobile devices; public key schemes; secret signing key; smart cards; Digital signatures; Elliptic curve cryptography; Elliptic curves; Equations; Information security; Lattices; Protection; Public key; Public key cryptography; Smart cards; Countermeasure; ECC; ECDSA; Fault attack;
Conference_Titel :
Fault Diagnosis and Tolerance in Cryptography (FDTC), 2009 Workshop on
Conference_Location :
Lausanne
Print_ISBN :
978-1-4244-4972-9
DOI :
10.1109/FDTC.2009.38
