Attacks on Authentication and Signature Schemes Involving Corruption of Public Key (Modulus)

Brier et al (2006) showed how to attack RSA by induction of faults in public modulus n. We propose to use the same kind of technique to attack other asymmetric cryptographic schemes. The most interesting case in which we use a somewhat different approach is the attack on Elliptic Curves based signature protocol (namely ECDSA). Here we also take advantage of the short keys to offer a nontrivial practical attack that enables us to fully recover the private key. Different idea is used to attack Guillou-Quisquater authentication scheme (GQ). This demonstrates how the difference between schemes influences the details of the modulus corruption attacks. Special efforts were devoted to calculate the amount of corrupted data to perform the attack on each scheme. Various ways of protection against fault injection attacks on public key elements are discussed.

[1]  Vincent Rijmen,et al.  Cryptography on smart cards , 2001, Comput. Networks.

[2]  Victor S. Miller,et al.  Use of Elliptic Curves in Cryptography , 1985, CRYPTO.

[3]  N. Koblitz Elliptic curve cryptosystems , 1987 .

[4]  Jean-Pierre Seifert,et al.  On authenticated computing and RSA-based authentication , 2005, CCS '05.

[5]  Bart Preneel,et al.  A survey of recent developments in cryptographic algorithms for smart cards , 2007, Comput. Networks.

[6]  N. Koblitz A Course in Number Theory and Cryptography , 1987 .

[7]  Stefan Mangard,et al.  Power analysis attacks - revealing the secrets of smart cards , 2007 .

[8]  R. A. Leibler,et al.  On Information and Sufficiency , 1951 .

[9]  Marc Joye,et al.  Elliptic Curve Cryptosystems in the Presence of Permanent and Transient Faults , 2005, Des. Codes Cryptogr..

[10]  Claus-Peter Schnorr,et al.  Efficient signature generation by smart cards , 2004, Journal of Cryptology.

[11]  Richard J. Lipton,et al.  On the Importance of Checking Cryptographic Protocols for Faults (Extended Abstract) , 1997, EUROCRYPT.

[12]  Bernd Meyer,et al.  Differential Fault Attacks on Elliptic Curve Cryptosystems , 2000, CRYPTO.

[13]  Eli Biham,et al.  Differential Fault Analysis of Secret Key Cryptosystems , 1997, CRYPTO.

[14]  Jean-Jacques Quisquater,et al.  A Practical Zero-Knowledge Protocol Fitted to Security Microprocessor Minimizing Both Transmission and Memory , 1988, EUROCRYPT.

[15]  Joseph H. Silverman,et al.  The arithmetic of elliptic curves , 1986, Graduate texts in mathematics.

[16]  Christophe Clavier,et al.  Why One Should Also Secure RSA Public Key Elements , 2006, CHES.

[17]  C. P. Schnorr,et al.  Efficient Identification and Signatures for Smart Cards (Abstract) , 1989, EUROCRYPT.

[18]  G. G. Stokes "J." , 1890, The New Yale Book of Quotations.

[19]  Jean-Pierre Seifert,et al.  Sign Change Fault Attacks on Elliptic Curve Cryptosystems , 2006, FDTC.

[20]  Adi Shamir,et al.  Fault Analysis of Stream Ciphers , 2004, CHES.

[21]  David Naccache,et al.  Experimenting with Faults, Lattices and the DSA , 2005, Public Key Cryptography.