Perturbating RSA Public Keys: An Improved Attack

  • Alexandre Berzati
  • Cécile Canovas
  • Louis Goubin
Conference paper

DOI: 10.1007/978-3-540-85053-3_24

Part of the Lecture Notes in Computer Science book series (LNCS, volume 5154)
Cite this paper as:
Berzati A., Canovas C., Goubin L. (2008) Perturbating RSA Public Keys: An Improved Attack. In: Oswald E., Rohatgi P. (eds) Cryptographic Hardware and Embedded Systems – CHES 2008. CHES 2008. Lecture Notes in Computer Science, vol 5154. Springer, Berlin, Heidelberg

Abstract

Since its first introduction by Bellcore researchers [BDL97], fault injections have been considered as a powerful and practical way to attack cryptosystems, especially when they are implemented on embedded devices. Among published attacks, Brier et al. followed the work initiated by Seifert to raise the problem of protecting RSA public elements.

We describe here a new fault attack on RSA public elements. Under a very natural fault model, we show that our attack is more efficient than previously published ones. Moreover, the general strategy described here can be applied using multiple transient fault models, increasing the practicability of the attack.

Both the theoretical analysis of the success probability, and the experimental results – obtained with the GMP Library on a PC –, provide evidence that this is a real threat for all RSA implementations, and confirm the need for protection of the public key.

Keywords

RSA fault attacks DFA public key 
Download to read the full conference paper text

Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  • Alexandre Berzati
    • 1
    • 2
  • Cécile Canovas
    • 1
  • Louis Goubin
    • 2
  1. 1.CEA-LETI/MINATECGrenoble Cedex 9France
  2. 2.Versailles Saint-Quentin-en-Yvelines UniversityVersailles CedexFrance

Personalised recommendations