Using Bleichenbacher's Solution to the Hidden Number Problem to Attack Nonce Leaks in 384-Bit ECDSA
- Elke De Mulder (Cryptography Research, Inc.)
- Michael Hutter (Cryptography Research, Inc.; Institute for Applied Information Processing and Communications (IAIK), Graz University of Technology)
- Mark E. Marson (Cryptography Research, Inc.)
- Peter Pearson (Cryptography Research, Inc.)
In this paper we describe an attack against nonce leaks in 384-bit ECDSA using an FFT-based attack due to Bleichenbacher. The signatures were computed by a modern smart card. We extracted the low-order bits of each nonce using a template-based power analysis attack against the modular inversion of the nonce. We also developed a BKZ-based method for the range reduction phase of the attack, as it was impractical to collect enough signatures for the collision searches originally used by Bleichenbacher. We confirmed our attack by extracting the entire signing key using a 5-bit nonce leak from 4000 signatures.
Keywords: Side Channel Analysis, ECDSA, Modular Inversion, Hidden Number Problem, Bleichenbacher, FFT, LLL, BKZ
- Book Title: Cryptographic Hardware and Embedded Systems - CHES 2013
- Book Subtitle: 15th International Workshop, Santa Barbara, CA, USA, August 20-23, 2013. Proceedings
- Pages: 435-452
- Series Title: Lecture Notes in Computer Science
- Publisher: Springer Berlin Heidelberg
- Copyright Holder: Springer-Verlag Berlin Heidelberg
- Editor Affiliations: STMicroelectronics; University of Luxembourg
- Author Affiliations: Cryptography Research, Inc., 425 Market Street, 11th Floor, San Francisco, CA, 94105, USA; Institute for Applied Information Processing and Communications (IAIK), Graz University of Technology, Inffeldgasse 16a, 8010, Graz, Austria