Incorporating Error Detection in an RSA Architecture
Most successful attacks against hardware implementations of cryptographic systems make use of side-channel information leakage. Recently, some attacks have been proposed against various cryptosystems, which exploit deliberate error injection during the computation process. Several error detection schemes have been proposed in order to counteract these attacks. In this paper, we add a residue-based error detection scheme to an RSA architecture and evaluate the area and latency overheads with respect to the basic architecture.
KeywordsProcessing Element Clock Cycle Side Channel Attack Fault Attack Cryptographic Hardware
Unable to display preview. Download preview PDF.
- 1.Anderson, R., Kuhn, M.: Low Cost Attacks on Tamper Resistant Devices. In: Lomas, M. (ed.) Security Protocols 1996. LNCS, vol. 1189. Springer, Heidelberg (1997)Google Scholar
- 3.Biham, E., Shamir, A.: Differential Fault Analysis of Secret Key Cryptosystems. Technical Report, Technion - Computer Science Department (1997)Google Scholar
- 5.Gueron, S.: Fault Detection Mechanism for Smartcards Performing Modular Exponentiation. In: Workshop on Fault Diagnosis and Tolerance in Cryptography 2004. Supplemental Volume of the 2004 Intern. Conf. on Dependable Systems and Networks, pp. 368–372 (2004)Google Scholar
- 6.Mazzeo, A., Romano, L., Saggese, G.P., Mazzocca, N.: FPGA-based implementation of a serial RSA processor. In: Design, Automation and Test in Europe Conference and Exhibition 2003, pp. 582–587 (2003)Google Scholar
- 8.Parhami, B., Avizienis, A.: Design of Fault-Tolerant Associative Processors. In: ISCA, pp. 141–145 (1973)Google Scholar
- 10.Shamir, A.: Method and Apparatus for Protecting Public Key Schemes from Timing and Fault Attacks. US Patent 5991415 (1999)Google Scholar