论文信息 - Improving Divide and Conquer Attacks against Cryptosystems by Better Error Detection / Correction Strategies

Improving Divide and Conquer Attacks against Cryptosystems by Better Error Detection / Correction Strategies

Divide and conquer attacks try to recover small portions of cryptographic keys one by one. Usually, a wrong guess makes subsequent ones useless. Hence possible errors should be detected and corrected as soon as possible. In this paper we introduce a new (generic) error detection and correction strategy. Its efficiency is demonstrated at various examples, namely at a power attack, two timing attacks against RSA implementations with and without Chinese Remainder Theorem, and a timing attack against the future AES (Rijndael). As the design of efficient countermeasures requires a good understanding of an attack's actual power, the possible improvement induced by sophisticated error detection and correction should not be neglected. Although divide and conquer attacks are typical for side-channel attacks, we would like to stress that they are not restricted to that field, as will be illustrated by Siegenthaler's attack.

[1] Hermann Witting,et al. Mathematische Statistik II , 1985 .

[2] P. L. Montgomery. Modular multiplication without trial division , 1985 .

[3] Thomas Siegenthaler,et al. Decrypting a Class of Stream Ciphers Using Ciphertext Only , 1985, IEEE Transactions on Computers.

[4] Paul C. Kocher,et al. Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems , 1996, CRYPTO.

[5] Alfred Menezes,et al. Handbook of Applied Cryptography , 2018 .

[6] Don Coppersmith,et al. Small Solutions to Polynomial Equations, and Low Exponent RSA Vulnerabilities , 1997, Journal of Cryptology.

[7] J. Quisquater,et al. A Practical Implementation of the Timing Attack , 1998, CARDIS.

[8] Bruce Schneier,et al. Smart Card Research and Applications , 1998, Lecture Notes in Computer Science.

[9] Robert H. Sloan,et al. Power Analysis Attacks of Modular Exponentiation in Smartcards , 1999, CHES.

[10] Werner Schindler,et al. A Timing Attack against RSA with the Chinese Remainder Theorem , 2000, CHES.

[11] Neal Koblitz,et al. Advances in Cryptology — CRYPTO ’96 , 2001, Lecture Notes in Computer Science.

[12] Christof Paar,et al. Cryptographic Hardware and Embedded Systems - CHES 2006, 8th International Workshop, Yokohama, Japan, October 10-13, 2006, Proceedings , 2006, CHES.

[13] Schindler Werner. OPTIMIZED TIMING ATTACKS AGAINST PUBLIC KEY CRYPTOSYSTEMS , 2002 .