Hardware Fault Attack Resistant RSA-CRT with Parallel Support

은하수; Oh， Heekuck; Sangjin Kim

doi:http://dx.doi.org/

Journal of The Korea Society of Computer and Information

Abbr : JKSCI
2012, 17(5), pp.59-70
DOI :
Publisher : The Korean Society Of Computer And Information
Research Area : Computer Science

은하수 ¹ , Oh， Heekuck ² , Sangjin Kim ³

¹ 한양대학교
² 한양대학교
³ 한국기술교육대학교

ABSTRACT

RSA-CRT is one of the commonly used techniques to speedup RSA operation. Since RSA-CRT performs its operations based on the modulus of two private primes, it is about four times faster than RSA. In RSA, the two primes are normally thrown away after generating the public key pair. However, in RSA-CRT, the two primes are directly used in RSA operations. This led to hardware fault attacks which can be used to factor the public modulus. The most common way to counter these attacks is based on error propagation. In these schemes, all the outputs of RSA are affected by the infected error which makes it difficult for an adversary to use the output to factor the public modulus. However, the error propagation has sequentialized the RSA operation. Moreover, these schemes have been found to be still vulnerable to hardware fault attacks. In this paper, we propose two new RSA-CRT schemes which are both resistant to hardware fault attack and support parallel execution: one uses common modulus and the other one perform operations in each prime modulus. Both proposed schemes takes about a time equal to two exponentiations to complete the RSA operation if parallel execution is fully used and can protect the two private primes from hardware fault attacks.
KEYWORDS

RSA-CRT , Fault injection , Parallel processing
REFERENCES (13)

[journal] R. Rivest / 1978 / A Method for Obtaining Digital Signatures and Public-Key Cryptosystems / Communications of the ACM 21 (2) : 129~126

[journal] C. Couvreur / 1982 / Fast Decipherment Algorithm for RSA Public-Key Cryptosystem / Electronics Letters 18 (21) : 905~907

[book] A. Lenstra / 1996 / Memo on RSA Signature Generation in the Presence of Faults

[confproc] D. Boneh / 1997 / On the Importance of Checking Cryptographic Protocols for Fault / EUROCRYPT '97 1233 : 37~51

[confproc] A. Shamir / 1997 / How to Check Modular Exponentiation / EUROCRYPT '97 Rump Session

[other] A. Shamir / 1999 / Method and Apparatus for Protecting Public Key Schemes from Timing and Fault Attacks / United States Patent 5991415

[journal] S. Yen / 2003 / RSA Speedup with Chinese Remainder Theorem Immune Against Hardware Fault Cryptoanalysis / IEEE Transactions on Computers 52 (4) : 461~472

[confproc] S. Yen / 2006 / Cryptoanalysis of Two Protocols for RSA with CRT Based on Fault Infection / Fault Diagnosis and Tolerance in Cryptography 2006 4236 : 53~61

[journal] 김성경 / 2008 / Secure RSA with CRT Protected Against Fault Attacks without using Checking Procedure / 정보보호학회논문지 / 한국정보보호학회 18 (4) : 17~26

[journal] 백이루 / 2010 / Chosen Message Attack on the RSA-CRT Countermeasure Based on Fault Propagation Method / 정보보호학회논문지 / 한국정보보호학회 20 (3) : 135~140

[journal] 박제훈 / 2009 / Experimental Analysis of Optical Fault Injection Attack for CRT-RSA Cryptosystem / 정보보호학회논문지 / 한국정보보호학회 19 (3) : 51~59

[journal] 박제훈 / 2009 / An Experimental Fault Injection Attack on RSA Cryptosystem using Abnormal Source Voltage / 정보보호학회논문지 / 한국정보보호학회 19 (5) : 195~200

[book] E. Barker / 2011 / Transitions : Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths / NIST Special Publication
KCI Citation (0)

KJC Korea
Journal Central

Statistics

Tools