Longer Keys May Facilitate Side Channel Attacks

  • Colin D. Walter
Conference paper

DOI: 10.1007/978-3-540-24654-1_4

Part of the Lecture Notes in Computer Science book series (LNCS, volume 3006)
Cite this paper as:
Walter C.D. (2004) Longer Keys May Facilitate Side Channel Attacks. In: Matsui M., Zuccherato R.J. (eds) Selected Areas in Cryptography. SAC 2003. Lecture Notes in Computer Science, vol 3006. Springer, Berlin, Heidelberg


Increasing key length is a standard counter-measure to cryptanalysis. However, longer key length generally means greater side channel leakage. For embedded RSA crypto-systems the increase in leaked data outstrips the increase in secret data so that, in contrast to the improved mathematical strength, longer keys may, in fact, lead to lower security. This is investigated for two types of implementation attack. The first is a timing attack in which squares and multiplications are differentiated from the relative frequencies of conditional subtractions over several exponentiations. Once keys are large enough, longer length seems to decrease security. The second case is a power analysis attack on a single m-ary exponentiation using a single k-bit hardware multiplier. For this, despite certain counter-measures such as exponent blinding, uncertainty in determining the secret bits decreases so quickly that longer keys appear to be noticeably less secure.


RSA Cryptosystem Key Length Side Channel Attacks Timing Attack Power Analysis DPA 

Copyright information

© Springer-Verlag Berlin Heidelberg 2004

Authors and Affiliations

  • Colin D. Walter
    • 1
  1. 1.Comodo Research LabBradfordUK

Personalised recommendations