International Workshop on Cryptographic Hardware and Embedded Systems

CHES 2008: Cryptographic Hardware and Embedded Systems – CHES 2008 pp 380-395

Perturbating RSA Public Keys: An Improved Attack

  • Alexandre Berzati
  • Cécile Canovas
  • Louis Goubin
Conference paper

DOI: 10.1007/978-3-540-85053-3_24

Volume 5154 of the book series Lecture Notes in Computer Science (LNCS)
Cite this paper as:
Berzati A., Canovas C., Goubin L. (2008) Perturbating RSA Public Keys: An Improved Attack. In: Oswald E., Rohatgi P. (eds) Cryptographic Hardware and Embedded Systems – CHES 2008. CHES 2008. Lecture Notes in Computer Science, vol 5154. Springer, Berlin, Heidelberg

Abstract

Since its first introduction by Bellcore researchers [BDL97], fault injections have been considered as a powerful and practical way to attack cryptosystems, especially when they are implemented on embedded devices. Among published attacks, Brier et al. followed the work initiated by Seifert to raise the problem of protecting RSA public elements.

We describe here a new fault attack on RSA public elements. Under a very natural fault model, we show that our attack is more efficient than previously published ones. Moreover, the general strategy described here can be applied using multiple transient fault models, increasing the practicability of the attack.

Both the theoretical analysis of the success probability, and the experimental results – obtained with the GMP Library on a PC –, provide evidence that this is a real threat for all RSA implementations, and confirm the need for protection of the public key.

Keywords

RSAfault attacksDFApublic key
Download to read the full conference paper text

Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  • Alexandre Berzati
    • 1
    • 2
  • Cécile Canovas
    • 1
  • Louis Goubin
    • 2
  1. 1.CEA-LETI/MINATECGrenoble Cedex 9France
  2. 2.Versailles Saint-Quentin-en-Yvelines UniversityVersailles CedexFrance