Cryptology ePrint Archive: Report 2013/447
Dynamic Runtime Methods to Enhance Private Key Blinding
Karine Gandolfi-Villegas and Nabil Hamzi
Abstract: In this paper we propose new methods to blind the exponents
used in RSA and in elliptic curve based algorithms. Since 1999, in response to
classical differential power analysis (DPA and CPA), many countermeasures to
protect exponents have been proposed, starting with Kocher [20] and
Coron [13]. However, these blinding methods have drawbacks in execution time
and memory cost, and they also have weaknesses: they can be targeted by
attacks such as the Carry Leakage on the Randomized Exponent proposed by
P.A. Fouque et al. in [23], and they are ineffective against other analyses
such as Single Power Analysis. In this article, we explain how the most widely
used method can be exploited when an attacker has access to test samples. We
propose here new dynamic blinding methods that prevent any learning phase and
also improve resistance against the latest published side channel analyses.
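As an added illustration, not code from the paper or its authors, the following Python shows the classical exponent blinding the abstract refers to (the additive method of Coron [13]: replace the private exponent d by d' = d + r·φ(N) with a fresh random r per operation). The RSA parameters (p = 61, q = 53, so N = 3233, φ(N) = 3120, e = 17, d = 2753) are constructed textbook values, and the 64-bit blinding factor is an assumed parameter, not a size the paper prescribes. The example verifies that the blinded exponent decrypts correctly and measures how many extra exponent bits, and thus extra square-and-multiply steps, the blinding costs.

```python
import secrets

# Constructed toy RSA parameters (textbook-sized, for illustration only).
# p = 61, q = 53, N = p*q, phi(N) = (p-1)*(q-1), e = 17, d = e^-1 mod phi(N).
N = 3233
PHI_N = 3120
D = 2753


def blind_exponent(d, phi_n, r_bits=64):
    """Return (d_blind, r) with d_blind = d + r*phi_n.

    Since m^phi(N) = 1 (mod N) for gcd(m, N) = 1 (and the congruence also
    holds for squarefree N in general), m^d_blind = m^d (mod N), so the
    blinded exponent yields the same result while changing every run.
    """
    # Force r odd so it is never zero: r = 0 would leave d completely unblinded.
    r = secrets.randbits(r_bits) | 1
    return d + r * phi_n, r


def blinded_modexp(m, d, phi_n, n, r_bits=64):
    """Compute m^d mod n using a freshly blinded exponent (assumed API)."""
    d_blind, _ = blind_exponent(d, phi_n, r_bits)
    return pow(m, d_blind, n)


def blinding_overhead_bits(d, phi_n, r_bits=64):
    """Extra exponent bits introduced by blinding.

    Each extra bit is one more squaring (and possibly a multiply) in a
    left-to-right exponentiation: this is the execution-time cost the
    abstract mentions for the classical method.
    """
    d_blind, _ = blind_exponent(d, phi_n, r_bits)
    return d_blind.bit_length() - d.bit_length()


if __name__ == "__main__":
    # c = 65^17 mod 3233 = 2790 for the toy key above; decrypting must give 65 back.
    c = 2790
    print("decrypted:", blinded_modexp(c, D, PHI_N, N))
    print("extra exponent bits:", blinding_overhead_bits(D, PHI_N))
    d1, r1 = blind_exponent(D, PHI_N)
    d2, r2 = blind_exponent(D, PHI_N)
    print("two runs use different exponents:", d1 != d2)
```

The two properties a reviewer checks here are that the result is independent of r (correctness) and that the exponent actually fed to the modular exponentiation differs from one run to the next (which is what denies DPA/CPA a fixed exponent to average over). The cost is visible in the overhead figure: the blinded exponent is roughly r_bits longer than d, so every operation pays that many additional loop iterations, which is the trade-off the paper's dynamic methods set out to improve.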
Category / Keywords: implementation / Reverse engineering, exponent blinding, side channel attacks, RSA, ECC
Date: received 16 Jul 2013
Contact author: nabil hamzi at gemalto com
Available format(s): PDF | BibTeX Citation
Version: 20130722:122954
Short URL: ia.cr/2013/447