Paper 2010/582

Secret Key Leakage from Public Key Perturbation of DLP-based Cryptosystems

Alexandre Berzati, Cécile Canovas-Dumas, and Louis Goubin


Finding efficient countermeasures for cryptosystems against fault attacks is challenged by a constant discovery of flaws in designs. Even elements, such as public keys, that do not seem critical must be protected. From the attacks against RSA, we develop a new attack on DLP-based cryptosystems, built in addition on a lattice analysis to recover DSA public keys from partially known nonces. Based on a realistic fault model, our attack only requires 16 faulty signatures to recover a 160-bit DSA secret key within a few minutes on a standard PC. These results significantly improve on the previous public element fault attack in the context of DLP-based cryptosystems.

Category
Public-key cryptography
Publication info
Published elsewhere. Unknown where it was published
Keywords
DSA, exponentiation, fault injection, public modulus, lattice reduction
Contact author(s)
cecile dumas @ cea fr
History
2010-11-18: received
License
Creative Commons Attribution


BibTeX
@misc{cryptoeprint:2010/582,
      author = {Alexandre Berzati and Cécile Canovas-Dumas and Louis Goubin},
      title = {Secret Key Leakage from Public Key Perturbation of DLP-based Cryptosystems},
      howpublished = {Cryptology ePrint Archive, Paper 2010/582},
      year = {2010},
      note = {\url{}},
      url = {}
}