Abstract
In smartcard encryption and signature applications, randomised algorithms are used to increase tamper resistance against attacks based on side channel leakage. Mist is one of these. As is the case with the classical m-ary and sliding windows exponentiation algorithms, the most significant half of the public modulus yields information which can be used to halve the number of key digits which need to be guessed to recover the secret key from a Mist side channel trace. Lattice based methods are used to reduce this to just one quarter of the least significant digits. This enables the strength of the Mist exponentiation algorithm to be gauged more accurately under several threat models.
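The abstract's first step, that the public modulus alone fixes the most significant half of an RSA private exponent when the public exponent is small, is the classical observation behind Boneh, Durfee and Frankel's partial-key results. The following is an added illustration written for this page, not code from the paper: it generates a toy RSA key with a seeded generator, computes the estimate floor((k*N + 1)/e) that anyone holding only (N, e) and a guess for the multiplier k can form, and measures how close it is to the true d. The helper names, the 512-bit toy modulus and the seed are all constructed for the example; the lattice step that shrinks the remaining unknown part from a half to a quarter is not reproduced here.

```python
"""Added example (not from the paper): with small public exponent e, the top half
of the RSA private exponent d is determined by the public modulus N alone, so a
side-channel trace only needs to reveal the low half of d's digits."""
import math
import random


def is_probable_prime(n, rng, rounds=16):
    """Miller-Rabin test; adequate for a deterministic toy key."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        a = rng.randrange(2, n - 1)
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def gen_prime(bits, rng):
    """Random odd prime with its top bit set, so p*q has close to 2*bits bits."""
    while True:
        cand = rng.getrandbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(cand, rng):
            return cand


def rsa_keygen(modulus_bits=512, e=65537, seed=2003):
    """Toy RSA key with balanced primes; seeded so the example is repeatable."""
    rng = random.Random(seed)
    half = modulus_bits // 2
    while True:
        p, q = gen_prime(half, rng), gen_prime(half, rng)
        phi = (p - 1) * (q - 1)
        if p != q and math.gcd(e, phi) == 1:
            return p * q, e, pow(e, -1, phi), p, q


def high_half_estimate(n, e, k):
    """What an observer holding only (N, e) can compute for a guessed k.

    Since e*d = 1 + k*phi(N) and phi(N) = N - (p+q-1), we have
        (1 + k*N)/e = d + k*(p+q-1)/e,
    so this floor exceeds d by less than p+q, i.e. by under half the bit length
    of N: the top half of d is fixed before any trace is examined.
    """
    return (k * n + 1) // e


def shared_leading_bits(a, b, nbits):
    """Number of identical bits, counting down from position nbits-1."""
    count = 0
    for i in range(nbits - 1, -1, -1):
        if (a >> i) & 1 != (b >> i) & 1:
            break
        count += 1
    return count


def demo(modulus_bits=512):
    n, e, d, p, q = rsa_keygen(modulus_bits)
    phi = (p - 1) * (q - 1)
    # k is unknown to an observer, but 1 <= k < e, so for e = 65537 there are
    # only e-1 candidates; here it is read off the private values directly.
    k = (e * d - 1) // phi
    d_est = high_half_estimate(n, e, k)
    return {
        "n": n, "e": e, "d": d, "p": p, "q": q, "k": k,
        "d_estimate": d_est,
        "error_bits": (d_est - d).bit_length(),
        "shared_top_bits": shared_leading_bits(d, d_est, modulus_bits),
        "candidates_for_k": e - 1,
    }


if __name__ == "__main__":
    r = demo()
    print("k =", r["k"], "of", r["candidates_for_k"], "candidates")
    print("estimate error fits in", r["error_bits"], "bits of a",
          r["n"].bit_length(), "bit modulus")
    print("leading bits of d already known:", r["shared_top_bits"])
```

The quantity to watch is `error_bits`: it never exceeds half the modulus length plus one, which is exactly why the abstract counts only the least significant half of the digits as needing to be recovered from the trace. The occasional shortfall in `shared_top_bits` below the half-way mark is a borrow propagating across a run of equal bits, not extra uncertainty.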
© 2003 Springer-Verlag Berlin Heidelberg
Walter, C.D. (2003). Seeing through Mist Given a Small Fraction of an RSA Private Key. In: Joye, M. (eds) Topics in Cryptology — CT-RSA 2003. CT-RSA 2003. Lecture Notes in Computer Science, vol 2612. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-36563-X_27
DOI: https://doi.org/10.1007/3-540-36563-X_27
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-00847-7
Online ISBN: 978-3-540-36563-1