Abstract
This paper presents an approach to protect modular exponentiation-based cryptosystems such as RSA against higher-order DPA attacks. The best way to prevent higher-order DPA attacks is to split the sensitive data into independent shares and process each share individually. We have used the inner product to split the large exponent (the secret key) of the modular exponentiation into multiple shares. With these independent shares, each modular exponentiation is computed using the multiply-always binary method. The shares are also arithmetically blinded with a 32-bit blinding factor before computation. The entire analysis has been carried out for RSA of sizes 1024 bits, 1536 bits and 2048 bits. The results show that the proposed work provides significant resistance to SPA, DPA and higher-order DPA attacks on modular exponentiation-based cryptosystems.
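As an added illustration (not the paper's code; the exact sharing and blinding construction shown here are assumptions), the following Python toy combines the three ideas from the abstract on a deliberately tiny RSA instance: inner-product sharing of the exponent, a fresh 32-bit blinding factor per share, and multiply-always exponentiation, with the partial results recombined to m^d mod N.

```python
import math
import secrets

# Toy RSA parameters (constructed for illustration, far too small for real use)
P, Q = 61, 53
N, PHI = P * Q, (P - 1) * (Q - 1)
D = 2753                       # private exponent matching public exponent 17


def multiply_always_modexp(base, exp, n):
    """Left-to-right binary exponentiation that multiplies on every bit.
    On a 0 bit the product is computed and discarded, so the square/multiply
    sequence does not reveal the exponent bits (the abstract's SPA defence)."""
    acc = 1
    for bit in bin(exp)[2:]:
        acc = (acc * acc) % n
        prod = (acc * base) % n       # real multiply on 1, dummy multiply on 0
        acc = prod if bit == "1" else acc
    return acc


def share_exponent(d, phi, k):
    """Inner-product sharing of d: vectors L, R with sum(L[i]*R[i]) == d mod phi.
    Assumed construction: L random, R random except the last entry, which is
    solved for so the inner product hits d (needs L[-1] invertible mod phi)."""
    while True:
        L = [secrets.randbelow(phi - 1) + 1 for _ in range(k)]
        if math.gcd(L[-1], phi) == 1:
            break
    R = [secrets.randbelow(phi) for _ in range(k - 1)]
    partial = sum(l * r for l, r in zip(L, R))
    R.append(((d - partial) * pow(L[-1], -1, phi)) % phi)
    return L, R


def shared_blinded_modexp(m, d, n, phi, k=3):
    """m^d mod n computed share by share: each share exponent L[i]*R[i] is
    blinded with a fresh 32-bit factor r (exponent += r*phi, which leaves
    m^exponent mod n unchanged), then the partial results are multiplied."""
    L, R = share_exponent(d, phi, k)
    result = 1
    for l, r in zip(L, R):
        blinding = secrets.randbits(32)
        exponent = l * r + blinding * phi
        result = (result * multiply_always_modexp(m, exponent, n)) % n
    return result


if __name__ == "__main__":
    c = 2790                                    # constructed ciphertext: 65^17 mod N
    print(shared_blinded_modexp(c, D, N, PHI))  # prints 65 (== pow(c, D, N))
```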
Cite this article
Mahanta, H.J., Khan, A.K. & Mukhopadhyay, S. Modular exponentiation with inner product to resist higher-order DPA attacks. Innovations Syst Softw Eng 16, 87–97 (2020). https://doi.org/10.1007/s11334-019-00346-2