Paper 2012/553

Bellcore attack in practice

Andrey Sidorenko, Joachim van den Berg, Remko Foekema, Michiel Grashuis, and Jaap de Vos

Abstract

In this paper we analyze practical aspects of the differential fault attack on RSA published by Boneh, Demillo and Lipton from Bellcore. We focus on the CRT variant, which requires only one faulty signature to be entirely broken provided that no DFA countermeasures are in use. Usually the easiest approach for the attacker is to introduce a fault in one of the two RSA-CRT exponentiations. These are time-consuming and often clearly visible in the power profiles. However, protection of the exponentiations against faults does not always circumvent the Bellcore attack. Our goal is to investigate and classify other possible targets of the attack.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Published elsewhere. Unknown where it was published
Keywords
Bellcore attackDFAlight manipulationperturbation attacks
Contact author(s)
sidorenko @ brightsight com
History
2012-09-27: received
Short URL
https://ia.cr/2012/553
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2012/553,
      author = {Andrey Sidorenko and Joachim van den Berg and Remko Foekema and Michiel Grashuis and Jaap de Vos},
      title = {Bellcore attack in practice},
      howpublished = {Cryptology ePrint Archive, Paper 2012/553},
      year = {2012},
      note = {\url{https://eprint.iacr.org/2012/553}},
      url = {https://eprint.iacr.org/2012/553}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.