On the Multiple Fault Attack on RSA Signatures with LSBs of Messages Unknown

Lidong Han; Wei Wei; Mingjie Liu

Paper 2012/491

On the Multiple Fault Attack on RSA Signatures with LSBs of Messages Unknown

Lidong Han, Wei Wei, and Mingjie Liu

Abstract

In CHES 2009, Coron, Joux, Kizhvatov, Naccache and Paillier(CJKNP) introduced a fault attack on RSA signatures with partially unknown messages. They factored RSA modulus $N$ using a single faulty signature and increased the bound of unknown messages by multiple fault attack, however, the complexity multiple fault attack is exponential in the number of faulty signatures. At RSA 2010, it was improved which run in polynomial time in number of faults. Both previous multiple fault attacks deal with the general case that the unknown part of message is in the middle. This paper handles a special situation that some least significant bits of messages are unknown. First, we describe a sample attack by utilizing the technique of solving simultaneous diophantine approximation problem, and the bound of unknown message is where is the number of faulty signatures. Our attacks are heuristic but very efficient in practice. Furthermore, the new bound can be extended up to by the Cohn-Heninger technique. Comparison between previous attacks and new attacks with LSBs of message unknown will be given by simulation test.

Metadata

Available format(s): PDF
Publication info: Published elsewhere. Unknown where it was published
Keywords: Fault Attacks RSA Signatures Least Significant Bits (LSBs)ISO IEC} 9796-2 LLL Algorithm
Contact author(s): hanlidong @ mail tsinghua edu cn
History: 2012-09-03: received
Short URL: https://ia.cr/2012/491
License: CC BY

BibTeX

@misc{cryptoeprint:2012/491,
      author = {Lidong Han and Wei Wei and Mingjie Liu},
      title = {On the Multiple Fault Attack on {RSA} Signatures with {LSBs} of Messages Unknown},
      howpublished = {Cryptology {ePrint} Archive, Paper 2012/491},
      year = {2012},
      url = {https://eprint.iacr.org/2012/491}
}