PSS Is Secure against Random Fault Attacks

  • Jean-Sébastien Coron
  • Avradip Mandal
Conference paper

DOI: 10.1007/978-3-642-10366-7_38

Part of the Lecture Notes in Computer Science book series (LNCS, volume 5912)
Cite this paper as:
Coron JS., Mandal A. (2009) PSS Is Secure against Random Fault Attacks. In: Matsui M. (eds) Advances in Cryptology – ASIACRYPT 2009. ASIACRYPT 2009. Lecture Notes in Computer Science, vol 5912. Springer, Berlin, Heidelberg


A fault attack consists in inducing hardware malfunctions in order to recover secrets from electronic devices. One of the most famous fault attacks is Bellcore’s attack against RSA with CRT; it consists in inducing a fault modulo p but not modulo q at the signature generation step; then, by taking a gcd, the attacker can recover the factorization of N = pq. The Bellcore attack applies to any encoding function that is deterministic, for example FDH. Recently, the attack was extended to randomized encodings based on the ISO/IEC 9796-2 signature standard. Extending the attack to other randomized encodings remains an open problem.

In this paper, we show that the Bellcore attack cannot be applied to the PSS encoding; namely we show that PSS is provably secure against random fault attacks in the random oracle model, assuming that inverting RSA is hard.
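The gcd step from the abstract, worked through for a deterministic encoding, together with the verify-before-release check that withholds a faulty signature. This is an added illustration, not code from the paper; the toy primes, the SHA-256-based encoding, the "+1" fault model and all function names are assumptions.

```python
import hashlib
from math import gcd

# Constructed toy key: two Mersenne primes, far too small for real use.
P, Q, E = 2**31 - 1, 2**61 - 1, 65537
N = P * Q
DP, DQ = pow(E, -1, P - 1), pow(E, -1, Q - 1)   # CRT private exponents
QINV = pow(Q, -1, P)                            # Garner coefficient

def encode(msg: bytes) -> int:
    """Deterministic FDH-style encoding (assumption: SHA-256 reduced mod N)."""
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % N

def sign_crt(msg: bytes, fault: bool = False, check: bool = False):
    """RSA-CRT signature; `fault` simulates a glitch in the mod-p half only."""
    mu = encode(msg)
    sp, sq = pow(mu, DP, P), pow(mu, DQ, Q)
    if fault:
        sp = (sp + 1) % P                        # constructed fault model
    s = sq + Q * (((sp - sq) * QINV) % P)        # Garner recombination
    if check and pow(s, E, N) != mu:             # verify before release
        return None                              # faulty result is withheld
    return s

def gcd_leak(msg: bytes, sig: int) -> int:
    """What gcd(sig^e - mu(msg), N) reveals: N for a correct signature,
    a prime factor when only one CRT half was faulted."""
    return gcd((pow(sig, E, N) - encode(msg)) % N, N)

if __name__ == "__main__":
    m = b"constructed sample message"
    print("correct signature :", gcd_leak(m, sign_crt(m)) == N)
    print("faulty, unchecked :", gcd_leak(m, sign_crt(m, fault=True)) == Q)
    print("faulty, checked   :", sign_crt(m, fault=True, check=True))
```

The gcd needs the exact encoded value mu, which a deterministic encoding lets anyone recompute from the message alone.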


Keywords: Probabilistic Signature Scheme; Provable Security; Fault Attacks; Bellcore Attack

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Jean-Sébastien Coron (1)
  • Avradip Mandal (1)
  1. University of Luxembourg
