Reference : Fault Attacks on RSA Signatures with Partially Unknown Messages
Scientific congresses, symposiums and conference proceedings : Paper published in a book
Engineering, computing & technology : Computer science
http://hdl.handle.net/10993/10580
Fault Attacks on RSA Signatures with Partially Unknown Messages
English
Coron, Jean-Sébastien [University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC)]
Joux, Antoine [DGA and Université de Versailles]
Kizhvatov, Ilya [University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC)]
Naccache, David [École Normale Supérieure]
Paillier, Pascal [Gemalto, Cryptography & Innovation]
2009
Proceedings of CHES 2009
Springer
444-456
Yes
978-3-642-04137-2
Workshop on Cryptographic Hardware and Embedded Systems
September 6-9, 2009
Lausanne
Switzerland
[en] fault attacks ; digital signatures ; RSA ; Coppersmith’s theorem ; ISO/IEC 9796-2
[en] Fault attacks exploit hardware malfunctions to recover secrets from embedded electronic devices. In the late 90's, Boneh, DeMillo and Lipton introduced fault-based attacks on CRT-RSA. These attacks factor the signer's modulus when the message padding function is deterministic. However, the attack does not apply when the message is partially unknown, for example when messages contain some randomness which is recovered only when verifying a correct signature. In this paper we successfully extend RSA fault attacks to a large class of partially known message configurations. The new attacks rely on Coppersmith's algorithm for finding small roots of multivariate polynomial equations. We illustrate the approach by successfully attacking several randomized versions of the ISO/IEC 9796-2 encoding standard. Practical experiments show that a 2048-bit modulus can be factored in less than a minute given one faulty signature containing 160 random bits and an unknown 160-bit message digest.
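The abstract contrasts the classical Boneh-DeMillo-Lipton attack, which needs the full encoded message, with the randomized encodings the paper targets. The Python script below is added here as an illustration and is not code from the paper or the repository record. It uses a constructed toy key (two ~30-bit primes, a 48-bit toy encoding, a constructed "fault" that corrupts the mod-q half of the CRT computation) to show three things: with deterministic padding one faulty signature factors N via a single gcd; with a randomized encoding the same gcd computed from a wrong guess of the random bytes gives nothing; and the standard countermeasure, re-verifying the signature with the public exponent before releasing it, stops the faulty value from ever leaving the device. The paper's Coppersmith-based recovery of the unknown bits is not reproduced here.

```python
"""Toy demonstration of the CRT-RSA fault attack sketched in the abstract.

All numbers are constructed for the demo; the primes are ~30 bits so the
script runs instantly. Real keys are 2048 bits or more, but the algebra is
identical.
"""
import hashlib
from math import gcd
from typing import Optional

# Constructed toy key. E must be coprime to (P-1)(Q-1); it is for these primes.
P = 1000000007
Q = 998244353
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))
DP, DQ = D % (P - 1), D % (Q - 1)       # CRT exponents
QINV = pow(Q, -1, P)                     # q^-1 mod p for Garner recombination


def encode_deterministic(msg: bytes) -> int:
    """Toy deterministic encoding 0x6A || H(msg)[:4] || 0xBC (48 bits, below N)."""
    h = hashlib.sha256(msg).digest()[:4]
    return int.from_bytes(b"\x6a" + h + b"\xbc", "big")


def encode_randomized(msg: bytes, r: bytes) -> int:
    """Toy randomized encoding 0x6A || r || H(r || msg)[:2] || 0xBC; r is 16 bits.

    A verifier recovers r from s^e mod N, but a third party who only sees the
    faulty signature does not know r and so cannot form mu itself.
    """
    if len(r) != 2:
        raise ValueError("r must be exactly 2 bytes in this toy encoding")
    h = hashlib.sha256(r + msg).digest()[:2]
    return int.from_bytes(b"\x6a" + r + h + b"\xbc", "big")


def crt_sign(mu: int, fault: bool = False) -> int:
    """CRT-RSA signing of an already-encoded value mu, with an optional injected fault."""
    sp = pow(mu, DP, P)
    sq = pow(mu, DQ, Q)
    if fault:
        sq = (sq + 1) % Q        # constructed fault: corrupt the mod-q half-exponentiation
    h = (QINV * (sp - sq)) % P
    return sq + Q * h            # Garner: s = sq + q * ((sp - sq) * q^-1 mod p), 0 <= s < N


def bellcore_factor(faulty_sig: int, mu: int) -> int:
    """Boneh-DeMillo-Lipton: gcd(s'^e - mu, N) is a prime factor of N when mu is known.

    The half computed correctly (mod p here) still satisfies s'^e == mu, the
    corrupted half does not, so the difference is a multiple of exactly one prime.
    """
    return gcd((pow(faulty_sig, E, N) - mu) % N, N)


def verify_before_release(sig: int, mu: int) -> Optional[int]:
    """Countermeasure: re-verify with the public exponent; never output a faulty signature."""
    return sig if pow(sig, E, N) == mu else None


def demo() -> dict:
    msg = b"constructed sample message"
    results = {}

    # 1. Deterministic padding: a single faulty signature factors N (gcd == P here,
    #    because the injected fault hit the mod-q half).
    mu = encode_deterministic(msg)
    results["factor_deterministic"] = bellcore_factor(crt_sign(mu, fault=True), mu)

    # 2. Randomized padding: without r the attacker cannot form mu, and a wrong
    #    guess (here r = 0x0000 while the signer used 0x1337) yields gcd 1.
    r_true, r_guess = b"\x13\x37", b"\x00\x00"
    faulty = crt_sign(encode_randomized(msg, r_true), fault=True)
    results["gcd_with_wrong_r"] = bellcore_factor(faulty, encode_randomized(msg, r_guess))

    # 3. Countermeasure: the signer verifies before releasing the signature.
    results["faulty_released"] = verify_before_release(faulty, encode_randomized(msg, r_true))
    results["good_released"] = verify_before_release(crt_sign(mu), mu)
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The verify-before-release check costs one public-exponent exponentiation per signature and is the simplest defence against this whole attack family, including the randomized-padding variants the paper introduces, because the faulty value never reaches the attacker.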
http://hdl.handle.net/10993/10580
10.1007/978-3-642-04138-9
http://eprint.iacr.org/2009/309
5747
Cryptographic Hardware and Embedded Systems - CHES 2009

File(s) associated to this reference

Fulltext file(s):

File: emvfault.pdf; Commentary: none; Version: Author postprint; Size: 257.99 kB; Access: Open access

