Cryptology ePrint Archive: Report 2015/291

Two Operands of Multipliers in Side-Channel Attack

Takeshi Sugawara, Daisuke Suzuki, and Minoru Saeki

Abstract: The single-shot collision attack on RSA proposed by Hanley et al. is studied focusing on the difference between two operands of multipliers. There are two consequences. Firstly, designing order of operands can be a cost-effective countermeasure. We show a concrete example in which operand order determines success and failure of the attack. Secondly, countermeasures can be ineffective if the asymmetric leakage is considered. In addition to the main results, the attack by Hanley et al. is extended using the signal-processing technique of the big mac attack. An experimental result to successfully analyze an FPGA implementation of RSA with the multiply-always method is also presented.

Category / Keywords: implementation / RSA, Side-Channel Attack, Collision Attack, Montgomery Multiplication

Original Publication (with minor differences): COSADE 2015

Date: received 27 Mar 2015

Contact author: Sugawara Takeshi at bp MitsubishiElectric co jp

Available format(s): PDF | BibTeX Citation

Version: 20150401:133253 (All versions of this report)

Short URL: ia.cr/2015/291

Discussion forum: Show discussion | Start new discussion


[ Cryptology ePrint archive ]