Cryptology ePrint Archive: Report 2004/187

Parallel FPGA Implementation of RSA with Residue Number Systems - Can side-channel threats be avoided? - Extended version

Mathieu Ciet and Michael Neve and Eric Peeters and Jean-Jacques Quisquater

Abstract: In this paper, we present a new parallel architecture to avoid side-channel analyses such as: timing attack, simple/differential power analysis, fault induction attack and simple/differential electromagnetic analysis. We use a Montgomery Multiplication based on Residue Number Systems. Thanks to RNS, we develop a design able to perform an RSA signature in parallel on a set of identical and independent coprocessors. Of independent interest, we propose a new DPA countermeasure in the framework of RNS. It is only (slightly) memory consuming (1.5 KBytes). Finally, we synthesized our new architecture on FPGA and it presents promising performance results. Even if our aim is to sketch a secure architecture, the RSA signature is performed in less than 160 ms, with competitive hardware resources. To our knowledge, this is the first proposal of an architecture counteracting electromagnetic analysis apart from hardware countermeasures reducing electromagnetic radiations.

Category / Keywords: public-key cryptography / RSA, Residue Numbers Systems, Side-Channels, SPA, DPA, EMA, Counter-measures, FPGA implementations

Date: received 5 Aug 2004

Contact author: peeters at dice ucl ac be

Available format(s): Postscript (PS) | Compressed Postscript (PS.GZ) | PDF | BibTeX Citation

Version: 20040807:043814 (All versions of this report)

Short URL: ia.cr/2004/187

Discussion forum: Show discussion | Start new discussion