Paper 2009/503

Fault Attacks Against EMV Signatures

Jean-Sebastien Coron, David Naccache, and Mehdi Tibouchi

Abstract

At CHES 2009, Coron, Joux, Kizhvatov, Naccache and Paillier (CJKNP) exhibited a fault attack against RSA signatures with partially known messages. This attack allows factoring the public modulus N. While the size of the unknown message part (UMP) increases with the number of faulty signatures available, the complexity of CJKNP's attack increases exponentially with the number of faulty signatures. This paper describes a simpler attack, whose complexity is polynomial in the number of faults; consequently, the new attack can handle much larger UMPs. The new technique can factor N in a fraction of a second using ten faulty EMV signatures -- a target beyond CJKNP's reach. We show how to apply the attack even when N is unknown, a frequent situation in real-life attacks.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Published elsewhere. Unknown where it was published
Keywords
Fault AttacksDigital SignaturesRSAISOIEC 9796-2EMV
Contact author(s)
mehdi tibouchi @ ens fr
History
2009-10-20: received
Short URL
https://ia.cr/2009/503
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2009/503,
      author = {Jean-Sebastien Coron and David Naccache and Mehdi Tibouchi},
      title = {Fault Attacks Against {EMV} Signatures},
      howpublished = {Cryptology {ePrint} Archive, Paper 2009/503},
      year = {2009},
      url = {https://eprint.iacr.org/2009/503}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.