ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
Cryptanalysis of a provably secure CRT-RSA algorithm
Full text PdfPdf (132 KB)
Source Conference on Computer and Communications Security archive
Proceedings of the 11th ACM conference on Computer and communications security table of contents
Washington DC, USA
SESSION: Applied cryptography table of contents
Pages: 92 - 97  
Year of Publication: 2004
ISBN:1-58113-961-6
Author
David Wagner  University of California at Berkeley
Sponsors
SIGSAC: ACM Special Interest Group on Security, Audit, and Control
ACM: Association for Computing Machinery
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 5,   Downloads (12 Months): 75,   Citation Count: 0
Additional Information:

abstract   references   index terms   collaborative colleagues  

Tools and Actions: Review this Article  
Save this Article to a Binder    Display Formats: BibTex  EndNote ACM Ref   
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/1030083.1030097
What is a DOI?

ABSTRACT

We study a countermeasure proposed to protect Chinese remainder theorem (CRT) computations for RSA against fault attacks. The scheme was claimed to be provably secure. However, we demonstrate that the proposal is in fact insecure: it can be broken with a simple and practical fault attack. We conclude that the proposed countermeasure is not safe for use in its present form.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

 
1
R. Anderson, M. Kuhn, "Tamper resistance---a cautionary note," 2nd USENIX Workshop on Electronic Commerce, pp.1--11, 1996.
 
2
Ross J. Anderson , Markus G. Kuhn, Low Cost Attacks on Tamper Resistant Devices, Proceedings of the 5th International Workshop on Security Protocols, p.125-136, April 07-09, 1997
 
3
H. Bar-El, H. Choukri, D. Naccache, M. Tunstall, C. Whelan, "The sorcerer's apprentice guide to fault attacks," Workshop on Fault Detection and Tolerance in Cryptography, June 2004.
4
Johannes Blömer , Martin Otto , Jean-Pierre Seifert, A new CRT-RSA algorithm secure against bellcore attacks, Proceedings of the 10th ACM conference on Computer and communications security, October 27-30, 2003, Washington D.C., USA  [doi>10.1145/948109.948151]
 
5
D. Boneh, R.A. DeMillo, R.J. Lipton, "On the importance of checking cryptographic protocols for fault," EUROCRYPT'97, Springer-Verlag, LNCS 1233, pp.37--51, 1997.
 
6
M. Joye, A.K. Lenstra, J.-J. Quisquater, "Chinese remaindering based cryptosystems in the presence of faults," Journal of Cryptology, vol. 12, no. 4, pp.241--245, 1999.
 
7
A.K. Lenstra, "Memo on RSA signature generation in the presence of faults," Sept. 1996.
 
8
Sung-Ming Yen , Marc Joye, Checking Before Output May Not Be Enough Against Fault-Based Cryptanalysis, IEEE Transactions on Computers, v.49 n.9, p.967-970, September 2000  [doi>10.1109/12.869328 ]
 
9
Sung-Ming Yen , Seungjoo Kim , Seongan Lim , SangJae Moon, RSA Speedup with Residue Number System Immune against Hardware Fault Cryptanalysis, Proceedings of the 4th International Conference Seoul on Information Security and Cryptology, p.397-413, December 06-07, 2001

INDEX TERMS

Primary Classification:
  E. Data
  E.3 DATA ENCRYPTION


General Terms:
Security


Keywords:
RSA, chinese remainder theorem, cryptanalysis, fault attacks

Collaborative Colleagues:
David Wagner: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2008 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player