Paper 2016/238

Algorithmic Countermeasures Against Fault Attacks and Power Analysis for RSA-CRT

Ágnes Kiss, Juliane Krämer, Pablo Rauzy, and Jean-Pierre Seifert


In this work, we analyze all existing RSA-CRT countermeasures against the Bellcore attack that use binary self-secure exponentiation algorithms. We test their security against a powerful adversary by simulating fault injections in a fault model that includes random, zeroing, and skipping faults at all possible fault locations. We find that most of the countermeasures are vulnerable and do not provide sufficient security against all attacks in this fault model. After investigating how additional measures can be included to counter all possible fault injections, we present three countermeasures which prevent both power analysis and many kinds of fault attacks.

Available format(s)
Public-key cryptography
Publication info
Published elsewhere. MINOR revision.COSADE 2016
Bellcore attackRSA-CRTmodular exponentiationpower analysis
Contact author(s)
agnes kiss @ crisp-da de
2016-03-03: received
Short URL
Creative Commons Attribution


      author = {Ágnes Kiss and Juliane Krämer and Pablo Rauzy and Jean-Pierre Seifert},
      title = {Algorithmic Countermeasures Against Fault Attacks and Power Analysis for RSA-CRT},
      howpublished = {Cryptology ePrint Archive, Paper 2016/238},
      year = {2016},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.