More Detail for a Combined Timing and Power Attack against Implementations of RSA

Schindler, Werner; Walter, Colin D.

doi:10.1007/978-3-540-40974-8_20

Werner Schindler⁵ &
Colin D. Walter⁶

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 2898))

Included in the following conference series:

IMA International Conference on Cryptography and Coding

762 Accesses
13 Citations

Abstract

Implementations of Montgomery’s modular multiplication algorithm (MMM) typically make conditional subtractions in order to keep the output within register or modulus bounds. For some standard exponentiation algorithms such as m-ary, it has been shown that this yields enough information to deduce the value of the exponent. This has serious implications for revealing the secret key in cryptographic applications without adequate counter-measures. Much more detail is provided here about the distribution of output values from MMM when the output is only reduced to keep it within register bounds, about how implementations of sliding windows can be attacked, and about handling errors.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Dhem, J.-F., Koeune, F., Leroux, P.-A., Mestré, P., Quisquater, J.-J., Willems, J.-L.: A practical implementation of the Timing Attack. In: Quisquater, J.-J., Schneier, B. (eds.) CARDIS 1998. LNCS, vol. 1820, pp. 175–190. Springer, Heidelberg (2000)
Google Scholar
Knuth, D.E.: The Art of Computer Programming, 2nd edn. Seminumerical Algorithms, vol. 2, pp. 441–466. Addison-Wesley, Reading (1981)
MATH Google Scholar
Koç, Ç.K.: Analysis of Sliding Window Techniques for Exponentiation. Computers and Mathematics with Applications 30(10), 17–24 (1995)
Article MATH MathSciNet Google Scholar
Kocher, P.: Timing attack on implementations of Diffie-Hellman, RSA, DSS, and other systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996)
Google Scholar
Kocher, P., Jaffe, J., Jun, B.: Differential Power Analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)
Google Scholar
Mayer-Sommer, R.: Smartly Analyzing the Simplicity and the Power of Simple Power Analysis on Smartcards. In: Paar, C., Koç, Ç.K. (eds.) CHES 2000. LNCS, vol. 1965, pp. 78–92. Springer, Heidelberg (2000)
Chapter Google Scholar
Messerges, T.S., Dabbish, E.A., Sloan, R.H.: Power Analysis Attacks of Modular Exponentiation in Smartcards. In: Koç, Ç.K., Paar, C. (eds.) CHES 1999. LNCS, vol. 1717, pp. 144–157. Springer, Heidelberg (1999)
Chapter Google Scholar
Miller, V.: Use of Elliptic Curves in Cryptography. In: Williams, H.C. (ed.) CRYPTO 1985. LNCS, vol. 218, pp. 417–426. Springer, Heidelberg (1986)
Google Scholar
Montgomery, P.L.: Modular Multiplication without Trial Division. Mathematics of Computation 44(170), 519–521 (1985)
Article MATH MathSciNet Google Scholar
Rivest, R.L., Shamir, A., Adleman, L.: A Method for obtaining Digital Signatures and Public-Key Cryptosystems. Comm. ACM 21, 120–126 (1978)
Article MATH MathSciNet Google Scholar
Schindler, W.: A Timing Attack against RSA with Chinese Remainder Theorem. In: Paar, C., Koç, Ç.K. (eds.) CHES 2000. LNCS, vol. 1965, pp. 109–124. Springer, Heidelberg (2000)
Chapter Google Scholar
Schindler, W.: A Combined Timing and Power Attack. In: Naccache, D., Paillier, P. (eds.) PKC 2002. LNCS, vol. 2274, pp. 263–279. Springer, Heidelberg (2002)
Chapter Google Scholar
Schindler, W.: Optimized Timing Attacks against Public Key Cryptosystems. Statistics & Decisions 20, 191–210 (2002)
MATH MathSciNet Google Scholar
Walter, C.D.: Montgomery Exponentiation Needs No Final Subtractions. Electronics Letters 35(21), 1831–1832 (1999)
Article Google Scholar
Walter, C.D.: Precise Bounds for Montgomery Modular Multiplication and Some Potentially Insecure RSA Moduli. In: Preneel, B. (ed.) CT-RSA 2002. LNCS, vol. 2271, pp. 30–39. Springer, Heidelberg (2002)
Chapter Google Scholar
Walter, C.D., Thompson, S.: Distinguishing Exponent Digits by Observing Modular Subtractions. In: Naccache, D. (ed.) CT-RSA 2001. LNCS, vol. 2020, pp. 192–207. Springer, Heidelberg (2001)
Chapter Google Scholar

Download references

Author information

Authors and Affiliations

Bundesamt für Sicherheit in der Informationstechnik (BSI), Godesberger Allee 185-189, 53175, Bonn, Germany
Werner Schindler
Comodo Research Laboratory, 10 Hey Street, Bradford, BD7 1DQ, UK
Colin D. Walter

Authors

Werner Schindler
View author publications
You can also search for this author in PubMed Google Scholar
Colin D. Walter
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

Information Security Group, Royal Holloway, University of London, TW20 0EX, Egham, Surrey, U.K.
Kenneth G. Paterson

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Schindler, W., Walter, C.D. (2003). More Detail for a Combined Timing and Power Attack against Implementations of RSA. In: Paterson, K.G. (eds) Cryptography and Coding. Cryptography and Coding 2003. Lecture Notes in Computer Science, vol 2898. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-40974-8_20

Download citation

DOI: https://doi.org/10.1007/978-3-540-40974-8_20
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-20663-7
Online ISBN: 978-3-540-40974-8
eBook Packages: Springer Book Archive

Publish with us

Policies and ethics