RSA-type signatures in the presence of transient faults

  • Marc Joye
  • Jean-Jacques Quisquater
  • Feng Bao
  • Robert H. Deng
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1355)


In this paper, we show that the presence of transient faults can leak some secret information. We prove that only one faulty RSA-signature is needed to recover one bit of the secret key. Thereafter, we extend this result to Lucas-based and elliptic curve systems.


RSA Lucas sequences elliptic curves transient faults 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Anderson, R., and Kuhn, M. Tamper resistance — a cautionary note. In Proceedings of the Second USENIX Workshop on Electronic Commerce (1996), USENIX Association, pp. 1–11.Google Scholar
  2. 2.
    Bao, F., Deng, R. H., Han, Y., Jeng, A., Narasimhalu, A. D., and Ngair, T. Breaking public key cryptosystems on tamper resistant devices in the presence of faults. In Pre-proceedings of the 1997 Security Protocols Workshop (1997).Google Scholar
  3. 3.
    BRESSOUD, D. M. Factorization and primality testing. Undergraduate Texts in Mathematics. Springer-Verlag, 1989.Google Scholar
  4. 4.
    Davida, G. Chosen signature cryptanalysis of the RSA (MIT) public key cryptosystem. Tech. Report TR-CS-82-2, Dept. of Electrical Engineering and Computer Science, University of Wisconsin, Milwaukee, USA, Oct. 1982.Google Scholar
  5. 5.
    Demytko, N. A new elliptic curve based analogue of RSA. In Advance in Cryptology — Eurocrypt'93 (1994), T. Helleseth, Ed., vol. 765 of Lectures Notes in Computer Science, Springer-Verlag, pp. 40–49.Google Scholar
  6. 6.
    Joys, M., and Quisquater, J.-J. Efficient computation of full Lucas sequences. Electronics Letters 32, 6 (Mar. 1996), 537–538.CrossRefGoogle Scholar
  7. 7.
    Koyama, K., Maurer, U. M., Okamoto, T., and Vanstone, S. A. New publickey schemes based on elliptic curves over the ring ℤn. In Advance in Cryptology — Crypto'91 (1992), J. Feigenbaum, Ed., vol. 576 of Lectures Notes in Computer Science, Springer-Verlag, pp. 252–266.Google Scholar
  8. 8.
    Lang, S.Elliptic curves: Diophantine analysis, vol. 231 of Grundlehren der mathematischen Wissenschaften. Springer-Verlag, 1978.Google Scholar
  9. 9.
    Rivest, R. L., Shamir, A., and Adleman, L. A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM 21, 2 (Feb. 1978),120–126.CrossRefGoogle Scholar
  10. 10.
    Silverman, J. H.The arithmetic of elliptic curves, vol. 106 of Graduate Texts in Mathematics. Springer-Verlag, 1986.Google Scholar
  11. 11.
    Smith, P. J., and Lennon, M. J. J. Luc: A new public key system. In Ninth IFIP Symposium on Computer Security (1993), E. G. Douglas, Ed., Elsevier Science Publishers, pp. 103–117.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1997

Authors and Affiliations

  • Marc Joye
    • 1
  • Jean-Jacques Quisquater
    • 2
  • Feng Bao
    • 3
  • Robert H. Deng
    • 3
  1. 1.UCL Crypto Group, Dept of MathematicsUniversity of LouvainLouvain-la-NeuveBelgium
  2. 2.UCL Crypto Group, Microelectronics LabsUniversity of LouvainLouvain-la-NeuveBelgium
  3. 3.Institute of Systems ScienceNational University of Singapore Kent RidgeSingapore

Personalised recommendations