Abstract
Since side-channel attacks turned out to be a major threat against implementations of cryptographic algorithms, many countermeasures have been proposed. Amongst them, multiplicative blinding is believed to provide a reasonable amount of security for public-key algorithms. In this article we show how template attacks can be used to extract sufficient information to recover the mask. Our practical experiments verify that one power trace suffices in order to remove such a blinding factor. In the course of our work we attacked a protected Montgomery Powering Ladder implementation on a widely used microcontroller. As a result we can state that the described attack could be a serious threat for public key algorithms implemented on devices with small word size.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Biham, E., Shamir, A.: Differential fault analysis of secret key cryptosystems. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 513–525. Springer, Heidelberg (1997)
Boneh, D., DeMillo, R.A., Lipton, R.J.: On the importance of checking cryptographic protocols for faults. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 37–51. Springer, Heidelberg (1997)
Kocher, P.C.: Timing attacks on implementations of diffie-hellman, RSA, DSS, and other systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996)
Rivest, R.L., Shamir, A., Adleman, L.: A Method for Obtaining Digital Signatures and Public-Key Cryptosystems. Communications of the ACM 21(2), 120–126 (1978)
Kocher, P.C., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)
Messerges, T.S., Dabbish, E.A., Sloan, R.H.: Power analysis attacks of modular exponentiation in smartcards. In: Koç, Ç.K., Paar, C. (eds.) CHES 1999. LNCS, vol. 1717, pp. 144–157. Springer, Heidelberg (1999)
Chari, S., Rao, J.R., Rohatgi, P.: Template attacks. In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 13–28. Springer, Heidelberg (2003)
Rechberger, C., Oswald, E.: Practical template attacks. In: Lim, C.H., Yung, M. (eds.) WISA 2004. LNCS, vol. 3325, pp. 443–457. Springer, Heidelberg (2005)
Medwed, M., Oswald, E.: Template Attacks on ECDSA. Cryptology ePrint Archive, Report 2008/081 (2008), http://eprint.iacr.org/
Mangard, S., Oswald, E., Popp, T.: Power Analysis Attacks- Revealing the Secrets of Smart Cards. Springer, Heidelberg (2007)
Kim, C., Ha, J., Moon, S., Yen, S.-M., Lien, W.-C., Kim, S.-H.: An Improved and Effcient Countermeasure against Power Analysis Attacks. Cryptology ePrint Archive, Report 2005/022 (2005), http://eprint.iacr.org/
Fumaroli, G., Vigilant, D.: Blinded fault resistant exponentiation. In: Breveglieri, L., Koren, I., Naccache, D., Seifert, J.-P. (eds.) FDTC 2006. LNCS, vol. 4236, pp. 62–70. Springer, Heidelberg (2006)
Montgomery, P.L.: Speeding the Pollard and Elliptic Curve Methods of Factorization. Mathematics of Computation 48(177), 243–264 (1987)
Joye, M., Yen, S.-M.: The montgomery powering ladder. In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 291–302. Springer, Heidelberg (2003)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Herbst, C., Medwed, M. (2009). Using Templates to Attack Masked Montgomery Ladder Implementations of Modular Exponentiation. In: Chung, KI., Sohn, K., Yung, M. (eds) Information Security Applications. WISA 2008. Lecture Notes in Computer Science, vol 5379. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-00306-6_1
Download citation
DOI: https://doi.org/10.1007/978-3-642-00306-6_1
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-00305-9
Online ISBN: 978-3-642-00306-6
eBook Packages: Computer ScienceComputer Science (R0)