A Note on Fault Attacks Against Deterministic Signature Schemes (Short Paper)

Part of the Lecture Notes in Computer Science book series (LNSC, volume 9836)

Abstract

Providing sound and fault resilient signature schemes is of crucial importance for the realization of modern secure embedded systems. In this context, the use of standardized discrete logarithm signature primitives such as DSA and ECDSA has been proven frail with respect to failures in the RNG subsystem of a device, leading to the design of deterministic schemes. In this work we analyze the resistance of deterministic signature primitives to fault attacks. We devise an attack strategy relying on a relaxed fault model and show how to efficiently derive the secret key of the deterministic version of both DSA and ECDSA, employing a single correct-faulty signature pair, while we show that the EdDSA algorithm shows structural resistance against such attacks.

Keywords

  • Elliptic Curve
  • Signature Scheme
  • Fault Model
  • Fault Injection
  • Input Message

These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Chapter length: 11 pages

Acknowledgements

This work was supported in part by the EU grant awarded for the action “Safe Cooperating Cyber-Physical Systems using Wireless Communication – SafeCOP” (ECSEL JU 2015-RIA). Grant agreement no. 692529.

Corresponding author

Correspondence to Gerardo Pelosi.

Copyright information

© 2016 Springer International Publishing Switzerland

About this paper

Cite this paper

Barenghi, A., Pelosi, G. (2016). A Note on Fault Attacks Against Deterministic Signature Schemes (Short Paper). In: Ogawa, K., Yoshioka, K. (eds) Advances in Information and Computer Security. IWSEC 2016. Lecture Notes in Computer Science, vol 9836. Springer, Cham. https://doi.org/10.1007/978-3-319-44524-3_11

  • DOI: https://doi.org/10.1007/978-3-319-44524-3_11

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-44523-6

  • Online ISBN: 978-3-319-44524-3

  • eBook Packages: Computer Science, Computer Science (R0)