论文信息 - Evaluation of Simple/Comparative Power Analysis against an RSA ASIC implementation

Evaluation of Simple/Comparative Power Analysis against an RSA ASIC implementation

Simple Power Analysis attacks with chosen-message techniques were applied to an RSA processor implemented with standard CMOS technology on ASIC, and the different characteristics of power waveforms caused by two types of implementation (ASIC and FPGA) were investigated in detail. We also applied Comparative Power Analysis an advanced power analysis attack in which a pair of input data was used to enhance the waveform pattern for modular exponentiation. The power dissipation of modular squaring in the difference waveform was greatly reduced when compared to modular multiplication, allowing all of the secret key bits to be successfully revealed.

Akashi Satoh | Takafumi Aoki | Naofumi Homma | Atsushi Miyamoto

[1] Frédéric Valette,et al. The Doubling Attack - Why Upwards Is Better than Downwards , 2003, CHES.

[2] JaeCheol Ha,et al. Power Analysis by Exploiting Chosen Message and Internal Collisions - Vulnerability of Checking Mechanism for RSA-Decryption , 2005, Mycrypt.

[3] Tolga Acar,et al. Analyzing and comparing Montgomery multiplication algorithms , 1996, IEEE Micro.

[4] Bert den Boer,et al. A DPA Attack against the Modular Reduction within a CRT Implementation of RSA , 2002, CHES.

[5] Roman Novak,et al. SPA-Based Adaptive Chosen-Ciphertext Attack on RSA Implementation , 2002, Public Key Cryptography.

[6] Paul C. Kocher,et al. Differential Power Analysis , 1999, CRYPTO.

[7] Adi Shamir,et al. Collision-Based Power Analysis of Modular Exponentiation Using Chosen-Message Pairs , 2008, CHES.

[8] P. L. Montgomery. Modular multiplication without trial division , 1985 .