Hardware Fault Attack Resistant RSA-CRT with Parallel Support (오류주입 공격에 강건하며 병렬연산이 가능한 RSA-CRT )

은하수; Heekuck Oh (오희국); Sangjin Kim (김상진)

Hardware Fault Attack Resistant RSA-CRT with Parallel Support

Journal of The Korea Society of Computer and Information
Abbr : JKSCI
2012, 17(5), pp.59-70
Publisher : The Korean Society Of Computer And Information
Research Area : Engineering > Computer Science

은하수 ¹, Heekuck Oh ¹, Sangjin Kim ²

¹한양대학교
²한국기술교육대학교

Accredited

ABSTRACT

RSA-CRT is one of the commonly used techniques to speedup RSA operation. Since RSA-CRT performs its operations based on the modulus of two private primes, it is about four times faster than RSA. In RSA, the two primes are normally thrown away after generating the public key pair. However, in RSA-CRT, the two primes are directly used in RSA operations. This led to hardware fault attacks which can be used to factor the public modulus. The most common way to counter these attacks is based on error propagation. In these schemes, all the outputs of RSA are affected by the infected error which makes it difficult for an adversary to use the output to factor the public modulus. However, the error propagation has sequentialized the RSA operation. Moreover, these schemes have been found to be still vulnerable to hardware fault attacks. In this paper, we propose two new RSA-CRT schemes which are both resistant to hardware fault attack and support parallel execution: one uses common modulus and the other one perform operations in each prime modulus. Both proposed schemes takes about a time equal to two exponentiations to complete the RSA operation if parallel execution is fully used and can protect the two private primes from hardware fault attacks.

KEYWORDS

RSA-CRT, Fault injection, Parallel processing

Citation status

* References for papers published after 2023 are currently being built.

[journal] R. Rivest / 1978 / A Method for Obtaining Digital Signatures and Public-Key Cryptosystems / Communications of the ACM 21(2) : 129~126

[journal] C. Couvreur / 1982 / Fast Decipherment Algorithm for RSA Public-Key Cryptosystem / Electronics Letters 18(21) : 905~907

[book] A. Lenstra / 1996 / Memo on RSA Signature Generation in the Presence of Faults

[confproc] D. Boneh / 1997 / On the Importance of Checking Cryptographic Protocols for Fault / EUROCRYPT '97 1233 : 37~51

[confproc] A. Shamir / 1997 / How to Check Modular Exponentiation / EUROCRYPT '97 Rump Session

[other] A. Shamir / 1999 / Method and Apparatus for Protecting Public Key Schemes from Timing and Fault Attacks / United States Patent 5991415

[journal] S. Yen / 2003 / RSA Speedup with Chinese Remainder Theorem Immune Against Hardware Fault Cryptoanalysis / IEEE Transactions on Computers 52(4) : 461~472

[confproc] S. Yen / 2006 / Cryptoanalysis of Two Protocols for RSA with CRT Based on Fault Infection / Fault Diagnosis and Tolerance in Cryptography 2006 4236 : 53~61

[journal] 김성경 / 2008 / Secure RSA with CRT Protected Against Fault Attacks without using Checking Procedure / 정보보호학회논문지 / 한국정보보호학회 18(4) : 17~26

[journal] 백이루 / 2010 / Chosen Message Attack on the RSA-CRT Countermeasure Based on Fault Propagation Method / 정보보호학회논문지 / 한국정보보호학회 20(3) : 135~140

[journal] 박제훈 / 2009 / Experimental Analysis of Optical Fault Injection Attack for CRT-RSA Cryptosystem / 정보보호학회논문지 / 한국정보보호학회 19(3) : 51~59

[journal] 박제훈 / 2009 / An Experimental Fault Injection Attack on RSA Cryptosystem using Abnormal Source Voltage / 정보보호학회논문지 / 한국정보보호학회 19(5) : 195~200

[book] E. Barker / 2011 / Transitions : Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths / NIST Special Publication

KJCKorea
Journal Central

Journal of The Korea Society of Computer and Information 2023 KCI Impact Factor : 0.65