Paper 2015/291

Two Operands of Multipliers in Side-Channel Attack

Takeshi Sugawara, Daisuke Suzuki, and Minoru Saeki

Abstract

The single-shot collision attack on RSA proposed by Hanley et al. is studied, focusing on the difference between the two operands of multipliers. There are two consequences. Firstly, designing the order of operands can be a cost-effective countermeasure. We show a concrete example in which operand order determines success and failure of the attack. Secondly, countermeasures can be ineffective if the asymmetric leakage is considered. In addition to the main results, the attack by Hanley et al. is extended using the signal-processing technique of the big mac attack. An experimental result that successfully analyzes an FPGA implementation of RSA with the multiply-always method is also presented.

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
Published elsewhere. Minor revision. COSADE 2015
Keywords
RSA, Side-Channel Attack, Collision Attack, Montgomery Multiplication
Contact author(s)
Sugawara Takeshi @ bp mitsubishielectric co jp
History
2015-04-01: received
Short URL
https://ia.cr/2015/291
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2015/291,
      author = {Takeshi Sugawara and Daisuke Suzuki and Minoru Saeki},
      title = {Two Operands of Multipliers in Side-Channel Attack},
      howpublished = {Cryptology ePrint Archive, Paper 2015/291},
      year = {2015},
      note = {\url{https://eprint.iacr.org/2015/291}},
      url = {https://eprint.iacr.org/2015/291}
}