Fault attacks and countermeasures

[1]  Atsuko Miyaji,et al.  Efficient Elliptic Curve Exponentiation Using Mixed Coordinates , 1998, ASIACRYPT.

[2]  Markus G. Kuhn,et al.  Tamper resistance: a cautionary note , 1996 .

[3]  Marc Joye,et al.  Attacks on systems using Chinese remaindering , 1996 .

[4]  Dong-Guk Han,et al.  Side Channel Attack on Ha-Moon's Countermeasure of Randomized Signed Scalar Multiplication , 2003, INDOCRYPT.

[5]  Marc Joye,et al.  Elliptic Curve Cryptosystems in the Presence of Permanent and Transient Faults , 2005, Des. Codes Cryptogr..

[6]  Dan Page,et al.  Theoretical Use of Cache Memory as a Cryptanalytic Side-Channel , 2002, IACR Cryptol. ePrint Arch..

[7]  Dan Boneh,et al.  Cryptanalysis of RSA with private key d less than N0.292 , 2000, IEEE Trans. Inf. Theory.

[8]  Werner Schindler,et al.  A Timing Attack against RSA with the Chinese Remainder Theorem , 2000, CHES.

[9]  Mihir Bellare,et al.  Optimal Asymmetric Encryption , 1994, EUROCRYPT.

[10]  Christophe Giraud,et al.  Fault Attacks on Signature Schemes , 2004, ACISP.

[11]  Joachim von zur Gathen,et al.  Modern Computer Algebra , 1998 .

[12]  David Naccache,et al.  The Sorcerer's Apprentice Guide to Fault Attacks , 2006, Proceedings of the IEEE.

[13]  David M'Raïhi,et al.  Cryptographic smart cards , 1996, IEEE Micro.

[14]  David A. Wagner,et al.  Hidden Markov Model Cryptanalysis , 2003, CHES.

[15]  Markus G. Kuhn,et al.  Low Cost Attacks on Tamper Resistant Devices , 1997, Security Protocols Workshop.

[16]  N. Koblitz Elliptic curve cryptosystems , 1987 .

[17]  M. Kuhn,et al.  The Advanced Computing Systems Association Design Principles for Tamper-resistant Smartcard Processors Design Principles for Tamper-resistant Smartcard Processors , 2022 .

[18]  Paul C. Kocher,et al.  Differential Power Analysis , 1999, CRYPTO.

[19]  Wieland Fischer,et al.  Fault Attacks on RSA with CRT: Concrete Results and Practical Countermeasures , 2002, CHES.

[20]  R. Schoof Journal de Theorie des Nombres de Bordeaux 7 (1995), 219{254 , 2022 .

[21]  Bernd Meyer,et al.  Differential Fault Attacks on Elliptic Curve Cryptosystems , 2000, CRYPTO.

[22]  Eli Biham,et al.  Differential Fault Analysis of Secret Key Cryptosystems , 1997, CRYPTO.

[23]  D. R. Heath-Brown The Differences between Consecutive Primes , 1978 .

[24]  Jean-Jacques Quisquater,et al.  A Differential Fault Attack Technique against SPN Structures, with Application to the AES and KHAZAD , 2003, CHES.

[25]  Daniel M. Gordon,et al.  A Survey of Fast Exponentiation Methods , 1998, J. Algorithms.

[26]  Marc Joye,et al.  Chinese Remaindering Based Cryptosystems in the Presence of Faults , 1999, Journal of Cryptology.

[27]  Alfred Menezes,et al.  Guide to Elliptic Curve Cryptography , 2004, Springer Professional Computing.

[28]  Marc Joye,et al.  Protections against Differential Analysis for Elliptic Curve Cryptography , 2001, CHES.

[29]  Andrew W. Appel,et al.  Using memory errors to attack a virtual machine , 2003, 2003 Symposium on Security and Privacy, 2003..

[30]  Helena Handschuh,et al.  Smart Card Crypto-Coprocessors for Public-Key Cryptography , 1998, CARDIS.

[31]  C. D. Walter,et al.  Security Constraints on the Oswald-Aigner Exponentiation Algorithm , 2003, IACR Cryptol. ePrint Arch..

[32]  Neal Koblitz,et al.  CM-Curves with Good Cryptographic Properties , 1991, CRYPTO.

[33]  J. Quisquater,et al.  Fast decipherment algorithm for RSA public-key cryptosystem , 1982 .

[34]  Bruce Schneier,et al.  Secrets and Lies: Digital Security in a Networked World , 2000 .

[35]  Silvio Micali,et al.  Physically Observable Cryptography (Extended Abstract) , 2004, TCC.

[36]  J. Olivos,et al.  Speeding up the computations on an elliptic curve using addition-subtraction chains , 1990, RAIRO Theor. Informatics Appl..

[37]  James L. Walsh,et al.  Field testing for cosmic ray soft errors in semiconductor memories , 1996, IBM J. Res. Dev..

[38]  Ivars Peterson,et al.  Chinks in digital armor: Exploiting faults to break smart‐card cryptosystems , 1997 .

[39]  Omer Egecioglu Fast modular exponentiation , 1998 .

[40]  Alfred Menezes,et al.  Handbook of Applied Cryptography , 2018 .

[41]  James L. Walsh,et al.  IBM experiments in soft fails in computer electronics (1978-1994) , 1996, IBM J. Res. Dev..

[42]  Jean-Pierre Seifert,et al.  Note on Fast Computation of Secret RSA Exponents , 2002, ACISP.

[43]  Joseph H. Silverman,et al.  The arithmetic of elliptic curves , 1986, Graduate texts in mathematics.

[44]  Peter J. Downey,et al.  Computing Sequences with Addition Chains , 1981, SIAM J. Comput..

[45]  Claus-Peter Schnorr,et al.  Security of 2^t-Root Identification and Signatures , 1996, CRYPTO.

[46]  Marc Joye,et al.  Low-cost solutions for preventing simple side-channel analysis: side-channel atomicity , 2004, IEEE Transactions on Computers.

[47]  Jean-Jacques Quisquater,et al.  ElectroMagnetic Analysis (EMA): Measures and Counter-Measures for Smart Cards , 2001, E-smart.

[48]  Marc Joye,et al.  Hessian Elliptic Curves and Side-Channel Attacks , 2001, CHES.

[49]  Andrew D. Booth,et al.  A SIGNED BINARY MULTIPLICATION TECHNIQUE , 1951 .

[50]  Joos Vandewalle,et al.  Hardware architectures for public key cryptography , 2003, Integr..

[51]  Paul C. Kocher,et al.  Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems , 1996, CRYPTO.

[52]  Ramesh Karri,et al.  Scan Based Side Channel Attack on Data Encryption Standard , 2004, IACR Cryptol. ePrint Arch..

[53]  Ian F. Blake,et al.  Elliptic curves in cryptography , 1999 .

[54]  Jean-Sébastien Coron,et al.  Statistics and Secret Leakage , 2000, Financial Cryptography.

[55]  Holger Sedlak,et al.  The RSA Cryptography Processor , 1987, EUROCRYPT.

[56]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[57]  Jean-Sébastien Coron,et al.  Resistance against Differential Power Analysis for Elliptic Curve Cryptosystems , 1999, CHES.

[58]  Jean-Jacques Quisquater,et al.  CORSAIR: A SMART Card for Public Key Cryptosystems , 1990, CRYPTO.

[59]  Marc Joye,et al.  Checking Before Output May Not Be Enough Against Fault-Based Cryptanalysis , 2000, IEEE Trans. Computers.

[60]  Martin E. Hellman,et al.  An improved algorithm for computing logarithms over GF(p) and its cryptographic significance (Corresp.) , 1978, IEEE Trans. Inf. Theory.

[61]  Mark G. Karpovsky,et al.  Robust protection against fault-injection attacks on smart cards implementing the advanced encryption standard , 2004, International Conference on Dependable Systems and Networks, 2004.

[62]  Kouichi Sakurai,et al.  Power Analysis Breaks Elliptic Curve Cryptosystems even Secure against the Timing Attack , 2000, INDOCRYPT.

[63]  Jean-Pierre Seifert,et al.  Fault Based Cryptanalysis of the Advanced Encryption Standard (AES) , 2003, Financial Cryptography.

[64]  Gene Itkis,et al.  Intrusion-Resilient Signatures: Generic Constructions, or Defeating Strong Adversary with Minimal Assumptions , 2002, SCN.

[65]  Tsuyoshi Takagi,et al.  SCA-Resistant and Fast Elliptic Scalar Multiplication Based on wNAF , 2004, IEICE Trans. Fundam. Electron. Commun. Comput. Sci..

[66]  Frederik Vercauteren,et al.  Fault and Side-Channel Attacks on Pairing Based Cryptography , 2004, IACR Cryptology ePrint Archive.

[67]  Tsuyoshi Takagi,et al.  A Fast Parallel Elliptic Curve Multiplication Resistant against Side Channel Attacks , 2002, Public Key Cryptography.

[68]  Pankaj Rohatgi,et al.  Towards Sound Approaches to Counteract Power-Analysis Attacks , 1999, CRYPTO.

[69]  D. Chudnovsky,et al.  Sequences of numbers generated by addition in formal groups and new primality and factorization tests , 1986 .

[70]  JaeCheol Ha,et al.  Hardware Fault Attackon RSA with CRT Revisited , 2002, ICISC.

[71]  Robert H. Deng,et al.  RSA-type Signatures in the Presence of Transient Faults , 1997, IMACC.

[72]  D. Boneh Cryptanalysis of RSA with Private Key d Less Than N 0 , 1999 .

[73]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[74]  Robert H. Deng,et al.  Breaking Public Key Cryptosystems on Tamper Resistant Devices in the Presence of Transient Faults , 1997, Security Protocols Workshop.

[75]  H. W. Lenstra,et al.  Factoring integers with elliptic curves , 1987 .

[76]  Johannes Blömer,et al.  A Generalized Wiener Attack on RSA , 2004, Public Key Cryptography.

[77]  Joe Kilian,et al.  Almost all primes can be quickly certified , 1986, STOC '86.

[78]  Tsuyoshi Takagi,et al.  Exceptional Procedure Attack on Elliptic Curve Cryptosystems , 2003, Public Key Cryptography.

[79]  O. L. Macsorley High-Speed Arithmetic in Binary Computers , 1961, Proceedings of the IRE.

[80]  Yuliang Zheng Breaking Smart Card Implementations of ElGamal Signature and Its Variants , 2006 .

[81]  P. L. Montgomery Modular multiplication without trial division , 1985 .

[82]  Jean-Pierre Seifert,et al.  Sign Change Fault Attacks on Elliptic Curve Cryptosystems , 2006, FDTC.

[83]  E. Normand Single event upset at ground level , 1996 .

[84]  Victor S. Miller,et al.  Use of Elliptic Curves in Cryptography , 1985, CRYPTO.

[85]  Taher ElGamal,et al.  A public key cyryptosystem and signature scheme based on discrete logarithms , 1985 .

[86]  Moti Yung,et al.  Observability Analysis - Detecting When Improved Cryptosystems Fail , 2002, CT-RSA.

[87]  Kai Hwang,et al.  Computer arithmetic: Principles, architecture, and design , 1979 .

[88]  Pankaj Rohatgi,et al.  EMpowering Side-Channel Attacks , 2001, IACR Cryptology ePrint Archive.

[89]  Seungjoo Kim,et al.  A Countermeasure against One Physical Cryptanalysis May Benefit Another Attack , 2001, ICISC.

[90]  P. L. Montgomery Speeding the Pollard and elliptic curve methods of factorization , 1987 .

[91]  Christophe Clavier,et al.  Differential Power Analysis in the Presence of Hardware Countermeasures , 2000, CHES.

[92]  Shinichi Kawamura,et al.  A fast modular exponentiation algorithm , 1991 .

[93]  Francis Olivier,et al.  Electromagnetic Analysis: Concrete Results , 2001, CHES.

[94]  Jean-Pierre Seifert,et al.  Parallel scalar multiplication on general elliptic curves over Fp hedged against Non-Differential Side-Channel Attacks , 2002, IACR Cryptol. ePrint Arch..

[95]  Richard J. Lipton,et al.  On the Importance of Checking Cryptographic Protocols for Faults (Extended Abstract) , 1997, EUROCRYPT.

[96]  Mihir Bellare,et al.  Optimal Asymmetric Encryption-How to Encrypt with RSA , 1995 .

[97]  Seungjoo Kim,et al.  RSA Speedup with Chinese Remainder Theorem Immune against Hardware Fault Cryptanalysis , 2003, IEEE Trans. Computers.

[98]  Dan Boneh,et al.  Attacking an Obfuscated Cipher by Injecting Faults , 2002, Digital Rights Management Workshop.

[99]  Ricardo Dahab,et al.  Improved Algorithms for Elliptic Curve Arithmetic in GF(2n) , 1998, Selected Areas in Cryptography.

[100]  Israel Koren Computer arithmetic algorithms , 1993 .

[101]  Marc Joye,et al.  Compact Encoding of Non-adjacent Forms with Applications to Elliptic Curve Cryptography , 2001, Public Key Cryptography.

[102]  Frédéric Valette,et al.  The Doubling Attack - Why Upwards Is Better than Downwards , 2003, CHES.

[103]  Jacques Stern,et al.  Probing Attacks on Tamper-Resistant Devices , 1999, CHES.

[104]  Eran Tromer,et al.  Acoustic cryptanalysis : on nosy people and noisy machines , 2004 .

[105]  Marc Joye,et al.  Optimal Left-to-Right Binary Signed-Digit Recoding , 2000, IEEE Trans. Computers.

[106]  Emmanuelle Dottax Fault Attacks on NESSIE Signature and Identification Schemes , 2002 .

[107]  Neal Koblitz,et al.  Constructing Elliptic Curve Cryptosystems in Characteristic 2 , 1990, CRYPTO.

[108]  Seungjoo Kim,et al.  RSA Speedup with Residue Number System Immune against Hardware Fault Cryptanalysis , 2001, ICISC.

[109]  L. Washington Elliptic Curves: Number Theory and Cryptography , 2003 .

[110]  Silvio Micali,et al.  Physically Observable Cryptography (Extended Abstract) , 2004, Theory of Cryptography Conference.

[111]  J. Littlewood,et al.  Some problems of ‘Partitio numerorum’; III: On the expression of a number as a sum of primes , 1923 .

[112]  Yuliang Zheng,et al.  Breaking real-world implementations of cryptosys-tems by manipulating their random number generation , 1997 .

[113]  M. Deuring Die Typen der Multiplikatorenringe elliptischer Funktionenkörper , 1941 .

[114]  David A. Wagner,et al.  Cryptanalysis of a provably secure CRT-RSA algorithm , 2004, CCS '04.

[115]  H. Garner The residue number system , 1959, IRE-AIEE-ACM '59 (Western).

[116]  Jean-Pierre Seifert,et al.  A new CRT-RSA algorithm secure against bellcore attacks , 2003, CCS '03.

[117]  Ross J. Anderson,et al.  Optical Fault Induction Attacks , 2002, CHES.

[118]  Gene Itkis,et al.  Cryptographic tamper evidence , 2003, CCS '03.

[119]  Paul Barrett,et al.  Implementing the Rivest Shamir and Adleman Public Key Encryption Algorithm on a Standard Digital Signal Processor , 1986, CRYPTO.

[120]  Steve H. Weingart Physical Security Devices for Computer Subsystems: A Survey of Attacks and Defences , 2000, CHES.